On Fri, Dec 30, 2005 at 09:29:05AM +0100, Philippe Marzouk wrote:
> On Thu, Dec 29, 2005 at 11:49:58PM -0800, Ross Boylan wrote:
> > I have a box, wheat, connected to the internet and my local network.
> > Another box, corn, is on the local network.
> > I'm running DNS on wheat and have two domains to call my own (both
> > going to the same IP address).
> >
> > When I try to access corn from wheat I get errors that wheat is
> > spoofing. This happens in several contexts, but the worst is NFS.
> > corn is acting as an NFS server, and when I attempt to mount from
> > wheat I get, in the log on corn,
> > Dec 29 23:16:33 corn mountd[5922]: NFS mount of / attempted from 192.168.10.1
> > Dec 29 23:16:33 corn mountd[5922]: spoof attempt by 192.168.10.1: pretends to be wheat.mydomain.com!
> > Dec 29 23:16:33 corn mountd[5922]: Unauthorized access by NFS client 192.168.10.1.
> > Dec 29 23:16:33 corn mountd[5922]: Blocked attempt of 192.168.10.1 to mount /
> >
> > dig -x 192.168.10.1 from corn gives wheat.mydomain.com.
> > dig wheat.mydomain.com returns the external IP address.
> >
> > My theory is that this mismatch looks like spoofing.
> >
>
> You may wish to look at views in bind (if this is your DNS server) it
> allows you to have different zone files for internal and external
> clients. That way, when someone queries from the outside your domain the
> external ip is returned but from the inside of your LAN the internal ip
> would be returned.
>
> Philippe
>
Thanks. That solved the problem.
Ross
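
Added example, not part of the original thread and not mountd or BIND code: a small model of the forward-confirmed reverse lookup that Ross's theory points to, run once against a single zone and once against split views selected by the querier's source network. The address 203.0.113.10 (standing in for wheat's external IP), the 192.168.10.0/24 LAN range, corn's address and all function names are assumptions; the DNS data is constructed so the script runs offline.

```python
import ipaddress

# Constructed sample records. 203.0.113.10 is a placeholder for wheat's
# external address, which the thread does not give.
EXTERNAL_A = {"wheat.mydomain.com.": ["203.0.113.10"]}
INTERNAL_A = {"wheat.mydomain.com.": ["192.168.10.1"]}
PTR = {"192.168.10.1": "wheat.mydomain.com."}

# Ordered (client network, zone data) pairs; the first match wins,
# which is how the model picks a view for each querier.
SINGLE_VIEW = [("0.0.0.0/0", EXTERNAL_A)]
SPLIT_VIEWS = [("192.168.10.0/24", INTERNAL_A), ("0.0.0.0/0", EXTERNAL_A)]


def select_view(views, querier_ip):
    """Return the zone data of the first view whose network holds the querier."""
    addr = ipaddress.ip_address(querier_ip)
    for network, zone in views:
        if addr in ipaddress.ip_network(network):
            return zone
    raise LookupError("no view matches " + querier_ip)


def fcrdns_check(views, querier_ip, client_ip):
    """Reverse-resolve client_ip, forward-resolve the name, compare.

    The lookups are answered as the host at querier_ip would see them.
    Returns (verdict, name, forward_addresses).
    """
    name = PTR.get(client_ip)
    if name is None:
        return ("no-ptr", None, [])
    forward = select_view(views, querier_ip).get(name, [])
    verdict = "match" if client_ip in forward else "mismatch"
    return (verdict, name, forward)


if __name__ == "__main__":
    corn = "192.168.10.2"  # hypothetical LAN address for corn
    for label, views in (("single zone", SINGLE_VIEW),
                         ("split views", SPLIT_VIEWS)):
        print(label, fcrdns_check(views, corn, "192.168.10.1"))
```

With the single zone the check from corn reports a mismatch, the condition logged as a spoof attempt in the thread; with split views it matches, while a querier outside the LAN still receives the external address.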