[FUG-BR] RES: DNS
Luan Tasca - FUG
luanfug em gmail.com
Terça Junho 8 15:11:19 BRT 2010
a minha estrutura ta assim..
|Internet| <- |Firewall Principal - 200.180.24.150| <- |Firewall Rede
Interna - 192.168.0.254| <- Rede Interna 192.168.0.x
|
|
+ ---------- |Servidor Web - 192.168.0.49|
Gostaria que quando a estação da rede interna fosse abrir o site
www.wmw.com.br/moldurarte ele redirecionasse para o ip 192.168.0.49
deu pra entender?
> Mario Lobo wrote:
>
> On Monday 07 June 2010 23:18:44 Luan Tasca - FUG wrote:
>
>> tens como me da um exemplo disso?
>>
>> Mario Lobo wrote:
>>
>>> On Monday 07 June 2010 17:11:33 Luan Tasca - FUG wrote:
>>>
>>>> nao alterei nada no named.conf, na verdade queria saber oque eu poderia
>>>> alterar, mais alguem sabe uma regra de firewall que possa me ajudar?
>>>>
>>>> Marco Botelho wrote:
>>>>
>>>>> Luan,
>>>>>
>>>>> entendo que para resolução de nomes se deva utilizar o DNS. É provável
>>>>> que os colegas da lista tenham outras sugestões para seu impasse.
>>>>>
>>>>> Qualquer dúvida posta aqui seu named.conf.
>>>>>
>>>>> Até mais.
>>>>>
>>>>> Marco Botelho
>>>>> http://twitter.com/botelho
>>>>>
>>>>> Em 7 de junho de 2010 10:59, Luan Tasca - FUG <luanfug em gmail.com>
>>>>>
>>> escreveu:
>>>
>>>>>> entendi, e não teria como eu fazer uma regra, pode ser com firewall,
>>>>>> pra quando a maquina estação tentar acessar o endereco
>>>>>> www.wmw.com.br/moldurarte ser redirecionado para um endereco de ip
>>>>>> interno?
>>>>>>
>>>>>> Julio BSD wrote:
>>>>>>
>>>>>>> Luan,
>>>>>>>
>>>>>>> Seguinte como você está redirecionando o acesso através de uma pagina
>>>>>>> no domínio principal www.wms.com.br/moldurarte/ ele sempre terá que
>>>>>>> buscar
>>>>>>>
>>>>>> no
>>>>>>
>>>>>>
>>>>>>> domínio a sua solicitação "IIS ou APACHE etc...".
>>>>>>>
>>>>>>> Sugestão: crie um subdomínio para redirecionar o cliente através de
>>>>>>> seu
>>>>>>>
>>>>>> DNS
>>>>>>
>>>>>>
>>>>>>> interno utilizando "view".
>>>>>>>
>>>>>>> Ex: moldurarte.wms.com.br apontando para o IP da rede interna.
>>>>>>>
>>>>>>> Att.
>>>>>>>
>>>>>>> -----Mensagem original-----
>>>>>>> De: freebsd-bounces em fug.com.br [mailto:freebsd-bounces em fug.com.br] Em
>>>>>>>
>>>>>> nome
>>>>>>
>>>>>>
>>>>>>> de Marco Botelho
>>>>>>> Enviada em: segunda-feira, 7 de junho de 2010 10:32
>>>>>>> Para: Lista Brasileira de Discussão sobre FreeBSD (FUG-BR)
>>>>>>> Assunto: Re: [FUG-BR] DNS
>>>>>>>
>>>>>>> Luan,
>>>>>>>
>>>>>>> pelas informações passadas você poderá configurar o DNS para
>>>>>>> trabalhar
>>>>>>>
>>>>>> com
>>>>>>
>>>>>>
>>>>>>> view.
>>>>>>>
>>>>>>> Ficaria assim: caso seu DNS receba uma solicitação da rede interna o
>>>>>>>
>>>>>> mesmo
>>>>>>
>>>>>>
>>>>>>> responderá com o IP da rede interna, caso contrário responda com o IP
>>>>>>> externo. Assim, seus clientes, da rede interna, nem passaram pelo
>>>>>>>
>>>>>> servidor
>>>>>>
>>>>>>
>>>>>>> web externo. Vão direto para o interno.
>>>>>>>
>>>>>>> No link que passei tem um exemplo de como configurar o named.conf
>>>>>>> para trabalhar com view.
>>>>>>>
>>>>>>> Marco Botelho
>>>>>>> http://twitter.com/botelho
>>>>>>>
>>>>>>>
>>>>>>> Em 7 de junho de 2010 10:14, Luan Tasca - FUG <luanfug em gmail.com>
>>>>>>>
>>>>>> escreveu:
>>>>>>
>>>>>>>> ela pode ir direto, eu tenho o ip do servidor que ta hospedado o
>>>>>>>> site, direto pelo ip funciona, mais o cliente quer acessar pelo
>>>>>>>> endereco sabe.. ele quer acessar pelo www.wmw.com.br/moldurarte
>>>>>>>>
>>>>>>>> Marco Botelho wrote:
>>>>>>>>
>>>>>>>>> Luan,
>>>>>>>>>
>>>>>>>>> o acesso a partir da rede interna tem que passar pelo site externo
>>>>>>>>> ou a conexão poderá ir direto para o servidor interno?
>>>>>>>>>
>>>>>>>>> Marco Botelho
>>>>>>>>> http://twitter.com/botelho
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Em 7 de junho de 2010 09:52, Luan Tasca - FUG <luanfug em gmail.com>
>>>>>>>>>
>>>>>>>> escreveu:
>>>>>>>>
>>>>>>>>>> é que é assim, esse endereco www.wmw.com.br esta externo, mais
>>>>>>>>>> quando acessa o endereco www.wmw.com.br/moldurarte ele redireciona
>>>>>>>>>> para um
>>>>>>>>>>
>>>>>> ip
>>>>>>
>>>>>>
>>>>>>>>>> interno.
>>>>>>>>>>
>>>>>>>>>> Marco Botelho wrote:
>>>>>>>>>>
>>>>>>>>>>> Luan,
>>>>>>>>>>>
>>>>>>>>>>> o endereço do site é este www.wmw.com.br <
>>>>>>>>>>>
>>>>>>>>>> http://www.wmw.com.br/moldurarte>?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> Quando você tentar pingar neste endereço a partir da rede interna
>>>>>>>>>>>
>>>>>> qual
>>>>>>
>>>>>>
>>>>>>>> é
>>>>>>>>
>>>>>>>>
>>>>>>>>>> o
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> endereço IP retornado?
>>>>>>>>>>>
>>>>>>>>>>> Marco Botelho
>>>>>>>>>>> http://twitter.com/botelho
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Em 7 de junho de 2010 09:41, Luan Tasca - FUG <luanfug em gmail.com>
>>>>>>>>>>>
>>>>>>>>>> escreveu:
>>>>>>>>>>
>>>>>>>>>>>> Seguinte, em um cliente meu, a internet chega em um servidor
>>>>>>>>>>>>
>>>>>>> Firewall,
>>>>>>>
>>>>>>>
>>>>>>>>>>>> tem dois servidores ligados nesse, o de hospedagem, e o firewall
>>>>>>>>>>>> da
>>>>>>>>>>>>
>>>>>>>> rede
>>>>>>>>
>>>>>>>>
>>>>>>>>>>>> interna, nesse firewall da rede interna esta ligado as estacoes
>>>>>>>>>>>> da
>>>>>>>>>>>>
>>>>>>>> rede
>>>>>>>>
>>>>>>>>
>>>>>>>>>>>> interna, o site esta hospedado no servidor de hospedagem que
>>>>>>>>>>>> esta
>>>>>>>>>>>>
>>>>>>>> ligado
>>>>>>>>
>>>>>>>>
>>>>>>>>>>>> no firewall principal da rede, de fora eu consigo acessar o site
>>>>>>>>>>>> normalmente, mais de dentro da rede interna nao estou
>>>>>>>>>>>> conseguindo acessar o site que esta no servidor de hospedagem.
>>>>>>>>>>>> deu pra entender?
>>>>>>>>>>>>
>>>>>>>>>>>> ||FIREWALL PRINCIPAL||
>>>>>>>>>>>>
>>>>>>>>>>>> - ||HOSPEDAGEM||
>>>>>>>>>>>> - sites hospedados
>>>>>>>>>>>> - || FIREWALL REDE INTERNA||
>>>>>>>>>>>> - estacoes rede interna
>>>>>>>>>>>>
>>>>>>>>>>>> Marco Botelho wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Luan,
>>>>>>>>>>>>>
>>>>>>>>>>>>> na verdade não. O DNS cuidará da resolução de nomes. Caso
>>>>>>>>>>>>> utilize a
>>>>>>>>>>>>>
>>>>>>>>>>>> cláusula
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>> view você poderá "personalizar" a resposta dependendo de quem
>>>>>>>>>>>>> está perguntando.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Poderia nos explicar como está a configuração da sua rede?
>>>>>>>>>>>>>
>>>>>>>>>>>>> Marco Botelho
>>>>>>>>>>>>> http://twitter.com/botelho
>>>>>>>>>>>>>
>>>>>>>>>>>>> Em 7 de junho de 2010 09:26, Luan Tasca - FUG
>>>>>>>>>>>>> <luanfug em gmail.com>
>>>>>>>>>>>>>
>>>>>>>>>>>> escreveu:
>>>>>>>>>>>>
>>>>>>>>>>>>>> eu tava lendo ali. com aquilo ali, consigo configurar por
>>>>>>>>>>>>>> exemplo
>>>>>>>>>>>>>>
>>>>>>> se
>>>>>>>
>>>>>>>
>>>>>>>> a
>>>>>>>>
>>>>>>>>
>>>>>>>>>>>>>> minha rede 192.168.34.0/24 acessar o endereco www.site.com.br
>>>>>>>>>>>>>> ele verificar primeiro se tem esse site em um ip da rede ?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Marco Botelho wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Luan,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Através da cláusula view você poderá configurar seu DNS para
>>>>>>>>>>>>>>>
>>>>>>> prover
>>>>>>>
>>>>>>>
>>>>>>>>>>>>>>> diferentes funcionalidades dependendo de quem está acessando.
>>>>>>>>>>>>>>> No
>>>>>>>>>>>>>>>
>>>>>>>> link
>>>>>>>>
>>>>>>>>
>>>>>>>>>>>> que
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>>> passei tem um exemplo.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Sugiro começar a configurar seu named.conf, caso você esteja
>>>>>>>>>>>>>>>
>>>>>>>>>> utilizando
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>> o
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>>> bind, e postar aqui suas dúvidas.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Até mais.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Marco Botelho
>>>>>>>>>>>>>>> http://twitter.com/botelho
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Em 7 de junho de 2010 09:00, Luan Tasca - FUG
>>>>>>>>>>>>>>> <luanfug em gmail.com
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> escreveu:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Bom Dia Marco Boelho,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Teria como você me falar algo sobre esse "view", nunca
>>>>>>>>>>>>>>>>
>>>>>>> utilizei
>>>>>>>
>>>>>>>
>>>>>>>>>>>>>>>> isso, e to meio perdido nisso.. obrigado
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Marco Botelho wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Luan, bom dia!
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Você pode resolver isto com view.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Veja no link a seguir:
>>>>>>>>>>>>>>>>> http://www.zytrax.com/books/dns/ch7/view.html
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Atenciosamente,
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Marco Botelho
>>>>>>>>>>>>>>>>> http://twitter.com/botelho
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Em 7 de junho de 2010 08:28, Luan Tasca - FUG <
>>>>>>>>>>>>>>>>>
>>>>>> luanfug em gmail.com
>>>>>>
>>>>>>
>>>>>>>>>>>>>>>> escreveu:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Gostaria de fazer o seguinte, tenho um endereco aqui,
>>>>>>>>>>>>>>>>>> www.wmw.com.br/moldurarte, de fora eu consigo acessar
>>>>>>>>>>>>>>>>>>
>>>>>>>>>> normalmente,
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>>>> mais
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> de dentro da rede eu não acesso, eu gostaria de fazer a
>>>>>>>>>>>>>>>>>>
>>>>>>> seguinte
>>>>>>>
>>>>>>>
>>>>>>>>>>>>>> regra,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> quando os usuarios da rede interna fossem acessar esse
>>>>>>>>>>>>>>>>>>
>>>>>>> endereco,
>>>>>>>
>>>>>>>
>>>>>>>>>>>>>>>>>> redirecionar pra tal ip da rede que ta o site hospedado,
>>>>>>>>>>>>>>>>>>
>>>>>> porque
>>>>>>
>>>>>>
>>>>>>>>>> ele
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>> ta
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> fazendo a volta na rede externa e depois voltando para o
>>>>>>>>>>>>>>>>>>
>>>>>>>> servidor,
>>>>>>>>
>>>>>>>>
>>>>>>>>>>>>>>>>>> gostaria que ja ficasse na rede interna e fosse para o ip
>>>>>>>>>>>>>>>>>> do
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>> servidor
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> que ta hospedado.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>> -------------------------
>>>>>>>>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>>>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>>>>>>>>
>>>>>>>>>>>> -------------------------
>>>>>>>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>>>>>>>
>>>>>>>>>>> -------------------------
>>>>>>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>>>>>>
>>>>>>>>>> -------------------------
>>>>>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>>>>>
>>>>>>>>> -------------------------
>>>>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>>>>
>>>>>>>> -------------------------
>>>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>>>
>>>>>>> -------------------------
>>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>>
>>>>>>> -------------------------
>>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>>
>>>>>> -------------------------
>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>
>>>>> -------------------------
>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>
>>>> -------------------------
>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>
>>> Não precisa nem mexer no DNS. Basta criar uma rota estática no seu
>>> gateway, para que todo pacote vindo da rede interna para o IP do servidor
>>> web saia pela placa em que ele (servidor web) está conectado.
>>>
>> -------------------------
>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>
>>
>
> Ok Vamos admitir o seguinte cenário:
>
>
> 192.168.0.1
> INTERNET <--- rl0-- FBSD -- rl1 ------ REDE INTERNA 171.16.3.x
> | 172.16.3.1
> |
> +----- rl2 ------ DMZ (web,ftp,etc) 200.123.10.x
> 200.123.10.1
>
> No gateway FBSD:
> route add -net 200.123.10.0 255.255.255.0 200.123.10.1
>
> Quando a rede interna solicitar www.wmw.com.br, vai resolver para o IP do
> servidor web e sera roteado direto pela rl2, sem sair pela internet.
>
>
Mais detalhes sobre a lista de discussão freebsd