Re: Selective Responses
From: Chris Buxton
Date: Friday, May 7, 1999
Time: 10:54:00 am

>I am wondering if there is a way to allow only certain IP ranges to access
>the DNS?
>
>Example Setup:
>
>www.mydomain.com
>privatestuff.mydomain.com
>
>I want requests the dns to return results for anyone who does a lookup for
>www.mydomain.com. I want only people in a certain IP range to be able to
>do lookups on privatestuff.mydomain.com. Is this possible with QuickDNS
>Pro 2.2? I have checked the manual and see no way of doing this OTHER
>than through the setup on the privatestuff.mydomain.com server limiting
>access.

Not sure what you mean by that last statement. However, perhaps it is what
I am about to suggest:

Set up a separate pair of DNS servers for serving out
privatestuff.mydomain.com. Set these as your resolvers in TCP/IP for all
machines on your intranet. Use a router filter to deny requests to the
privatestuff name servers from IPs not in your intranet.

This way, if a host on your intranet wants to resolve a privatestuff
hostname, it sends a recursive query to one of your privatestuff servers,
which immediately sends back the response. If a host on your intranet wants
to resolve any other query, it sends the request to a privatestuff server,
which resolves it as normal.

If a host outside your intranet tries to resolve a name from the
privatestuff subdomain, it is blocked at the router.

Just be absolutely sure that nobody uses your regular servers as DNS
resolvers, because they'll be able to see the privatestuff server, and
they'll cache the results.

Hope this is clear.
________________________________________________________________________
Chris Buxton Men & Mice
cbuxton@menandmice.com http://www.menandmice.com
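
The router filter described in the message above, modelled as an added example that is not part of the original post or of QuickDNS Pro. The addresses, the placement of the regular server inside the intranet range, and the optional rule that blocks it are assumptions made for illustration; the model shows why a range-only filter still lets a regular server fetch and cache privatestuff answers.

```python
# Added example: first-match model of the router filter in front of the
# privatestuff name servers. All addresses are constructed (RFC 5737 ranges).
from ipaddress import ip_address, ip_network

INTRANET = ip_network("192.0.2.0/24")            # assumed intranet range
PRIVATE_NS = {ip_address("192.0.2.53"), ip_address("192.0.2.54")}
REGULAR_NS = {ip_address("192.0.2.10")}          # assumed: regular server inside the range

def build_rules(block_regular_ns=False):
    """Ordered ACL of (action, source predicate); the first match wins."""
    rules = []
    if block_regular_ns:
        # Hypothetical extra rule: stop the regular servers from reaching
        # (and then caching) privatestuff answers.
        rules.append(("deny", lambda src: src in REGULAR_NS))
    rules.append(("permit", lambda src: src in INTRANET))
    rules.append(("deny", lambda src: True))     # everyone else is blocked
    return rules

def filter_packet(rules, src, dst, proto, dport):
    """Return 'permit' or 'deny' for DNS to a private server, else 'unfiltered'."""
    src, dst = ip_address(src), ip_address(dst)
    # DNS uses UDP 53 and falls back to TCP 53, so both must be covered.
    if dst not in PRIVATE_NS or proto not in ("udp", "tcp") or dport != 53:
        return "unfiltered"
    for action, matches in rules:
        if matches(src):
            return action
    return "deny"

# Constructed sample traffic: (label, src, dst, proto, dport)
SAMPLES = [
    ("intranet client", "192.0.2.77", "192.0.2.53", "udp", 53),
    ("intranet client, TCP retry", "192.0.2.77", "192.0.2.54", "tcp", 53),
    ("outside host", "203.0.113.7", "192.0.2.53", "udp", 53),
    ("outside host, TCP", "203.0.113.7", "192.0.2.53", "tcp", 53),
    ("regular server recursing", "192.0.2.10", "192.0.2.53", "udp", 53),
]

def decisions(rules):
    """Map each sample label to the filter's decision."""
    return {label: filter_packet(rules, *pkt) for label, *pkt in SAMPLES}

if __name__ == "__main__":
    for name, rules in (("range only", build_rules()), ("range + regular-NS deny", build_rules(True))):
        print(name)
        for label, verdict in decisions(rules).items():
            print(f"  {label:28} {verdict}")
```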