Some background: I have a work laptop with Ubuntu 9.10 on it. I have a small network at home where I've been running some basic services (for myself/my family) for 10 some years. In my home network there is a nameserver (Fedora) running Bind 9 with two "views". One view is the "outside" view and it provides name resolution (to the Internet at large) for email, a wiki, and a couple of blogs. The "inside" view provides name resolution (to the internal RFC1918 addresses of these servers) as well as all the inside hosts, network equipment, ...etc.
I connect with an openvpn client to my home network from outside (such as work). What I'd like to be able to do is resolve names on my internal network across this VPN (so I get the RFC1918 "inside" responses) without fully changing my resolver to the DNS server at my house.
For example, if I connect to the VPN from work, I can change my resolver (by editing resolv.conf) to the DNS server at my house (across the VPN) and then successfully resolve all of the inside DNS names on my home network. The issue I have with this is that now I'm no longer able to resolve "inside" names provided by my work's DNS servers (because I'm using my home DNS server).
Alternatively, I can connect to the VPN and access my home servers via IP addresses directly, but this is inconvenient and causes issues with Apache name-based hosting (among other things).
In the end, the effect I'm trying to achieve is as follows:
When I connect to the VPN I automatically start sending DNS requests for *.myhomedomain.com to my home nameserver, but any other requests continue to go to the nameserver I was using before (the one I received on my company LAN via DHCP).
When I disconnect the VPN, requests for *.myhomedomain.com go back to the local LAN DNS server (e.g. all requests are going there now).
I'm looking for suggestions as to how this can be accomplished.
+1 "will let you do all sorts of stupid resolver tricks" then "Note that someone doing stupid DNS tricks ... will interfere"
Nice :P – Harley Watson – 2010-04-27T22:24:43.890
Yeah, I've used dnsmasq in the past - it can be pretty useful. In this case though it doesn't appear to help achieve my goal without adding significant complexity. I realize I could install DNS software on my laptop (such as dnsmasq or bind) and manually script out something that edits the .conf file, adds an appropriate forwarder and then kill -HUPs the process upon connecting and then does it all in reverse upon disconnecting. However this is quite elaborate for what I'm trying to do here and will also likely conflict with local name resolution while at work. Hoping for something simpler. – MT. – 2010-04-27T22:48:33.503
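
The connect/disconnect scripting described in the comment above, sketched with dnsmasq's `servers-file` option (a file of `server=` lines that dnsmasq re-reads on SIGHUP, so the main .conf is never edited). This is an added example, not code from the original thread. It assumes a local dnsmasq that is the laptop's resolver, is configured with `servers-file=/etc/dnsmasq.d/vpn-servers`, and takes its default upstreams from the DHCP-provided nameservers; the pid file path and the home nameserver address `10.8.0.1` are constructed values.

```shell
#!/bin/sh
# Added example: per-domain DNS forwarding toggled from OpenVPN up/down hooks.
# Assumptions (not from the original post):
#   - dnsmasq runs locally with: servers-file=/etc/dnsmasq.d/vpn-servers
#   - HOME_DNS is the home nameserver as reached across the VPN (constructed)
HOME_DOMAIN="${HOME_DOMAIN:-myhomedomain.com}"
HOME_DNS="${HOME_DNS:-10.8.0.1}"
SERVERS_FILE="${SERVERS_FILE:-/etc/dnsmasq.d/vpn-servers}"
PID_FILE="${PID_FILE:-/var/run/dnsmasq.pid}"

reload_dnsmasq() {
    # SIGHUP clears dnsmasq's cache and re-reads the servers-file.
    # Clearing the cache matters: stale "outside" answers for the home
    # domain would otherwise survive the switch to the "inside" view.
    if [ -r "$PID_FILE" ]; then
        kill -HUP "$(cat "$PID_FILE")" 2>/dev/null || true
    fi
}

vpn_dns_up() {
    # Forward only *.HOME_DOMAIN to the home nameserver; every other name
    # keeps going to the upstream servers dnsmasq already uses.
    # Write to a temp file and rename so a half-written file is never read.
    tmp="${SERVERS_FILE}.$$"
    ( umask 022; printf 'server=/%s/%s\n' "$HOME_DOMAIN" "$HOME_DNS" > "$tmp" )
    mv "$tmp" "$SERVERS_FILE"
    reload_dnsmasq
}

vpn_dns_down() {
    # Empty the file: queries for HOME_DOMAIN fall back to the LAN resolver.
    : > "$SERVERS_FILE"
    reload_dnsmasq
}

# OpenVPN exports script_type=up|down when it runs a hook script.
case "${script_type:-}" in
    up)   vpn_dns_up ;;
    down) vpn_dns_down ;;
esac
```

To use it, point OpenVPN's `up` and `down` directives at this script and set `script-security 2` in the client configuration.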