yllee
asked on
DNS Setup
Hello,
I have a problem with my BIND DNS. I am using a Sun E250 and sit behind a CheckPoint firewall. The Internet connection is via a 128k leased line.
The Sun E250 serves as SMTP server (Sendmail), Apache web server and DNS server. The external IP is 202.190.160.131 (NAT) [private IP 198.10.10.112], and the mail server and web server work fine. For internal users the DNS server works fine, because it is able to resolve names correctly and users are able to browse the Internet.
My internal network IP is 198.10.10.X (example), and the Sun E250 has NAT IP 202.190.160.131. I set everything accordingly for DNS, but I can't get mail replies from other Internet users because of an MX record problem.
Following is the result I got from www.checkdns.net:
Asking root servers about authoritative NS for domain
Got DNS list for 'dbku.gov.my' from GATE1.JARING.my
Found NS record: 'ns1.jaring.my' [161.142.201.17], was resolved to IP by GATE1.JARING.my
Found NS record: 'ns2.jaring.my' [192.228.188.61], was resolved to IP by GATE1.JARING.my
Domain has 2 DNS server(s)
Verifying if NS are alive
DNS server ns1.jaring.my [161.142.201.17] is alive and authoritative for domain 'dbku.gov.my'
DNS server ns2.jaring.my [192.228.188.61] is alive and authoritative for domain 'dbku.gov.my'
2 server(s) are alive
Check if all NS have the same version
All 2 your servers have the same zone version (2002051500)
Checking www. records
Checking http server www.dbku.gov.my [202.190.160.131]
HTTP server www.dbku.gov.my [202.190.160.131] answers on port 80
Received: HTTP/1.1 200 OK (Server: Apache/2.0.35 (Unix)) ... Welcome to Kuching North City Hall official Website ... A:hover {color: #FF99FF; font-family: Arial; font-size: 10pt} ... function Activated() { window.alert("English version is under renovation"); } ... Welcome to the Official Homepage of Kuching North City Hall ...
Check mail-servers
Domain dbku.gov.my has no MX records
Here are my DNS configuration files:
>>>>>named.conf<<<<<
//
// DNS config file for a primary server
//
options {
directory "/var/named";
query-source address * port 53;
};
zone "." {
type hint;
file "db.cache";
};
zone "localhost" {
type master;
file "local.zone";
};
zone "0.0.127.in-addr.arpa" {
type master;
// this file name must match the reverse file actually on disk
// (the file posted below is labelled local.rev, not named.local)
file "named.local";
};
zone "dbku.gov.my" {
type master;
file "named.dbku.gov.my";
};
// 0.0.10.in-addr.arpa is the reverse zone for 10.0.0.0/24; a
// 198.10.10.0/24 network would use 10.10.198.in-addr.arpa
zone "0.0.10.in-addr.arpa" {
type master;
file "named.dbku.gov.my.rev";
};
>>>>>>>>><<<<<<<<<<<<<<
>>>>>>>>local.zone<<<<<<<<
;
; Forward resolution zone file for a primary nameserver
;
$TTL 86400
@ IN SOA enigma.dbku.gov.my. jim.dbku.gov.my. (
2000041900 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400) ; Minimum
IN NS enigma.dbku.gov.my.
IN NS ns1.jaring.my.
localhost. IN A 127.0.0.1
>>>>>>>>><<<<<<<<<<<<
>>>>>>local.rev<<<<<<<<
;
; Reverse resolution zone file for a primary nameserver
;
$TTL 86400
@ IN SOA enigma.dbku.gov.my. jim.dbku.gov.my. (
2000041900 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400) ; Minimum
IN NS enigma.dbku.gov.my.
IN NS ns1.jaring.my.
1 IN PTR localhost.
>>>>>>>>>>>>>><<<<<<<<<<<<
>>>>>>named.dbku.gov.my<<<<<<
;
; Forward resolution zone file for a primary nameserver
;
$TTL 86400
@ IN SOA enigma.dbku.gov.my. jim.dbku.gov.my. (
2000041900 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400) ; Minimum
IN NS enigma.dbku.gov.my.
IN NS ns1.jaring.my.
IN MX 10 mail.dbku.gov.my.
IN A 198.10.10.112
enigma IN A 198.10.10.112
; an MX target must have an A record (not a CNAME); this line was missing
mail IN A 198.10.10.112
www IN CNAME enigma.dbku.gov.my.
>>>>>>>>><<<<<<<<<<<<
>>>>>>>>named.dbku.gov.my.rev<<<<<<<<
;
; Reverse resolution zone file for a primary nameserver
;
$TTL 86400
@ IN SOA enigma.dbku.gov.my. jim.dbku.gov.my. (
2000041900 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400) ; Minimum
IN NS enigma.dbku.gov.my.
IN NS ns1.jaring.my.
; in zone 0.0.10.in-addr.arpa the label 1 maps 10.0.0.1; the host's
; last octet (112 for 198.10.10.112) belongs here
1 IN PTR enigma.dbku.gov.my.
>>>>>>>>>>>>><<<<<<<<<<<<<
I think it might be caused by my NAT IP, but I don't know how to correct it.
How do I solve it?
Thank you very much.
ASKER
Thank you very much
This is easily done with one named instance in BIND 9.x by using ACLs and views. For earlier versions you have to run two copies of BIND, each listening on a different IP. That of course means that the inside DNS server needs to have an IP alias or a second NIC.
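As an added example (not the asker's files or the commenter's own configuration), here is a BIND 9 named.conf doing the split-horizon setup the last comment describes: one named instance, an ACL for the inside network, and two views so that internal clients get the private addresses while everyone else sees only the NAT address 202.190.160.131. The ACL name, the zone file paths, the mail host and the assumption that ns1/ns2.jaring.my transfer the zone from this server are mine, not the page's.

```bind
// Added example, not the original poster's named.conf: split-horizon DNS
// for dbku.gov.my with one BIND 9 instance, using an ACL and two views.
// Assumed: ACL name, file paths, and that ns1/ns2.jaring.my are secondaries.

acl "internal" { 198.10.10.0/24; 127.0.0.1; };

options {
    directory "/var/named";
};

// Once views are used, every zone must live inside a view; the first view
// whose match-clients matches the querying address answers the query.

// Internal clients: private addresses, recursion allowed.
view "internal" {
    match-clients { internal; };
    recursion yes;
    zone "." { type hint; file "db.cache"; };
    zone "localhost" { type master; file "local.zone"; };
    zone "0.0.127.in-addr.arpa" { type master; file "local.rev"; };
    // Zone data carrying 198.10.10.112 for enigma, mail and www.
    zone "dbku.gov.my" { type master; file "internal/dbku.gov.my"; };
    zone "10.10.198.in-addr.arpa" { type master; file "internal/dbku.gov.my.rev"; };
};

// Everyone else: only the NAT address, no recursion for outsiders, zone
// transfers limited to the registered secondaries.
view "external" {
    match-clients { any; };
    recursion no;
    allow-transfer { 161.142.201.17; 192.228.188.61; };
    // Zone data carrying 202.190.160.131 for enigma, mail and www, plus
    // "IN MX 10 mail.dbku.gov.my." and the A record for mail.
    zone "dbku.gov.my" { type master; file "external/dbku.gov.my"; };
};
```

Put `mail IN A 202.190.160.131` and the MX in the external zone file and keep 198.10.10.112 in the internal one. The checkdns output above lists ns1/ns2.jaring.my as the only authoritative servers (serial 2002051500, not this server's 2000041900), so the MX only becomes visible to the Internet once those servers carry it, whether by transferring this external zone or by having it added there.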