so you are recommending i run a full chrooted BIND dns server to serve dns for my internal hosts and then use it to pass external DNs requests to my firewall for forwarding? That was going to be my next step since i intended to put samba as my PDC and when i can get a copy setup a 2k3 server box to integrate Astaro and Samba directly into an AD environment. So let the full dns server adventure begin..! Robert Hanson wrote: > } no this is not authoritative. I actually have my ecc domain hosted > } elsewhere..i simply clal my machines internally that to keep it simple > } so there are behind a nat in RFC1918 space at the house here. > } > > please forgive yet i recommend > > dig > > for dns testing almost all of the time. although nslookup is ok i recall > instances years ago where dig used properly returned right answers and > helped find problem when nslookup was totally wrong. could have been the > resolver libraries, i dont recall. > > just a preference. > > if you are trying to reverse lookup that x.x.x.200 ip address or whatever > private space, like the others said, you have to run your own dns and i do > not know if caching truly supports this authoritatively as well... see > below. > > chalk up the caching nameserver experience and go to chroot bind IMHO. > > -- > Robert Hanson > Abba Communications > http://www.abbacomm.net > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > . > -- My "Foundation" verse: Isa 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou shalt condemn. This is the heritage of the servants of the LORD, and their righteousness is of me, saith the LORD. -- carpe ductum -- "Grab the tape" CDTT (Certified Duct Tape Technician) Linux user #322099 Machines: 206822 256638 276825 http://counter.li.org/