0

I have what seems like a not-particularly-complicated home network, all things considered: a DSL line comes in to a modem/router, which goes off to a switch, which supports a bunch of machines. My machines live in a 192.168.0.x address space; however, I'm running some public servers on the network, so I have a block of 8 (5, really) static IP addresses that are mapped to the servers by the router. The non-servers get 192.168.0.x addresses via NAT; some machines have static addresses and some get addresses from DHCP. Locally, I'm running a DNS server (named) to map between the domain names and the 192.168 address space. Somewhat messy, but everything basically works.

Except: One of my local non-server clients occasionally switches from its internal address to its external address. That is, if I check the logs of a website I'm running internally, the hits coming from this client sometimes show up with the internal 192.168 address, and sometimes with the external (216.103...) address. It will flip back and forth for no apparent reason, without my doing anything. This can be a problem in terms of how the clients interact with the way I have some of the clients' SSH systems configured (e.g., allowing access from the internal network but not the external network), but it also Just Seems Wrong. I will confess that I'm kinda skating on the very edge of my networking competence here, but I can't for the life of me figure out what's going on.

If it helps, the client in question is running Mac OS X / 10.6; its address is statically assigned, is not one of the five externally-accessible addresses, and gets its DNS from (first) the internal DNS server and (second) my ISP's DNS servers. I can't swear that none of the other NAT clients are also showing this problem; the one I'm dealing with is my everyday machine, so this is where I run into it. Does anybody out there have any advice? This is driving me crazy...

2 Answers

2

I think DNS servers don't have priority. If you have both your internal DNS server and the ISP's DNS server configured, it will query one of them at random.

Try only using your internal dns server, and have it forward any queries it doesn't know the answer to up to your ISP's dns server.

becomingwisest
2

The problem has to be your name server configuration. Set up all your internal machines to do dns lookups only against your server running named, and set up a private dns zone as detailed in this article. For the specific case of the statically configured system, that means /etc/resolv.conf should have one search line (for your private dns zone) and one nameserver line (pointing to the address of your named server).

Then, following this first part of the article, also configure your name server to be a caching server. You should point it at either your ISP's provided dns servers or external servers like , pointing at either your dns providers, or alternative dns servers like Google's.

You can change the configuration of your dynamically assigned hosts by editing the DHCP server setup on your router.

Phil Hollenback
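A way to check a client against the advice in the answers above, as an added example that is not part of either answer: it audits resolv.conf-style text for resolvers outside the LAN and for more than one nameserver line. The function name, the zone `home.example`, the server address 192.168.0.2 and the stand-in ISP resolver 203.0.113.53 are assumptions; 192.168.0.0/24 is inferred from the question's 192.168.0.x addressing.

```python
import ipaddress

# Constructed samples. MIXED mirrors the question's setup (internal named first,
# an ISP resolver second); INTERNAL_ONLY is the layout the second answer describes.
MIXED = "search home.example\nnameserver 192.168.0.2\nnameserver 203.0.113.53\n"
INTERNAL_ONLY = "search home.example\nnameserver 192.168.0.2\n"


def audit_resolv_conf(text, lan="192.168.0.0/24"):
    """Return a list of findings; an empty list means the text matches the advice."""
    lan_net = ipaddress.ip_network(lan)
    servers, search, findings = [], [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        fields = line.split()
        if fields[0] == "nameserver" and len(fields) > 1:
            servers.append(fields[1])
        elif fields[0] == "search":
            search = fields[1:]                 # the last search line wins
    if not servers:
        findings.append("no nameserver line")
    for server in servers:
        try:
            addr = ipaddress.ip_address(server)
        except ValueError:
            findings.append(f"unparseable nameserver: {server}")
            continue
        if addr not in lan_net:                 # resolver that is not on the LAN
            findings.append(f"external resolver: {server} is outside {lan}")
    if len(servers) > 1:
        findings.append(f"{len(servers)} nameserver lines; the advice is exactly one")
    if not search:
        findings.append("no search line for the private zone")
    return findings


if __name__ == "__main__":
    for name, sample in (("mixed", MIXED), ("internal-only", INTERNAL_ONLY)):
        print(name, audit_resolv_conf(sample) or "OK")
```
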