Well, this is probably not the direct answer you were looking for, but you
might want to consider a secondary ns solution that is hosted elsewhere
anyways. I've been using easydns.com for a while now, and have been
extremely happy with the service. Their secondary DNS service is really
inexpensive, and they've had several years of constant uptime.
That being said, what kind of netblock has your ISP assigned to you? If
it's large enough, you could sub-subnet it. Then you could give your two
DNS servers real public IP addresses, and route between your external
interface and your DMZ using real addresses. Then you wouldn't have to do
something like static NAT.
Speaking of which, have you tried using either static NAT or proxy ARP,
and seeing if your ISP can somehow detect or block it?
-jason
On Sun, 19 Oct 2003 02:08:55 -0600, Randy Millis
<rmillisl@mailhost.isa-geek.net> wrote:
> I want to run two name servers in my DMZ (primary and secondary) but my ISP
> does not permit 2 IPs on one MAC address.
>
> I am trying to find a way to run each name server on its own IP and forward
> them via Shorewall into the DMZ for ns1 and ns2.
>
> Seems my only option is to run two external NICs on my external hub. I know
> that there can be issues with this however so I am seeking some guidance in
> this area.