Subject: RE: new NetBSD firewall
To: NetBSD <netbsd-help@netbsd.org>
From: None <fernando@rxp.com>
List: netbsd-help
Date: 06/24/2003 23:14:32
Hi Manuel. thanks for answering.
> -----Original Message-----
...
>
> On Sun, Jun 22, 2003 at 06:15:57PM -0400, fernando@rxp.com wrote:
> > hello there.
> > i'm about to put together an old box and use it as a firewall and nat. i
> > currently have 2 machines. one is a win2k server acting as a nat for the
> > other and as a dns server for web sites off location. i'm not sure that if i
> > set up the netbsd box, if my dns server will continue to answer queries from
> > the web. should i install bind on the netbsd box since it will be taking
> > over the public ip address (i don't know how to do that;-)? or should i just
>
> The best solution IMHO, and setting up bind isn't that hard.

i'm a noobee. it's ALL hard.  :-)

>
> > forward port 53 through netbsd to the win2k box? will i see a big hit in
> > performance using the forwarding?
>
> This can be done, and the performance impact will be minimal. Of course
> the DNS queries will be a few ms slower because of the extra hop.

Good. for now, that's the route i'll go so i can find time to learn about
bind.

> >
> > also, when i set up the new nat/firewall, i don't want to disconnect the dns
...
>
> I don't know, I don't know this NetBSD Firewall Project. Why don't you
> just install NetBSD the normal way (from cd for example, or from ftp
> through your NAT box), and then configure it to be the firewall?
> It's really not hard, I guess most of the bits are in the man pages and
> in the docs on the www.netbsd.org site.

good idea. i'll do that as soon as i have another week or so to play with
it. until then, i just have to get the fw/nat working since i already
started it. it's on a very limited box so installing the full netbsd will
probably need more hard drive.

Firewall is up and running now. it took no brains at all to set up (big
advantage for newbies like me).

Thank you Manuel.

Fernando