Port Forwarding & DNS with a Cisco Router (WWW, DNS, FTP, etc.)
Posted on 2003-03-11
Two basic parts that go hand in hand.
Unfortunately our CCNA training didn't cover running public services behind a router, etc. I am attempting to run a Web Server behind a Cisco 806 Router at home. I would like to forward the web traffic obviously. In particular, I am looking for commands that would push port 80 destinations to the specific internal static address. I've seen NAT, PAT and filters throw around information, however I am looking for the instructions that the router receives that causes it to forward that port. I can see how the filters let it through, but is the incoming port 80 packet guided to the WS via NAT? It's not clicking for some reason. Need some definitive information.
Another note, and I am willing to share points with this other half:
DNS! I presume that I set my www name to point to my DNS server in the "DMZ" area which then points to my internal IP for the WS in the DMZ as well. My understanding is that the DNS inquiry gets shot over to my DNS server from the big DNS guys (after a user outside the LAN asks for my www name IP) and then is pushed through my Cisco Router via a "port forwarding" concept, then returns the requested www name-to-IP (public) to the inquirer. Then they throw the port 80 traffic to the (in this case) same IP as the DNS came through, only to be pushed through to the web server by the router once again. If this is correct then why is NOBODY asking how to get their web names directed to a self-hosted DNS server and they ask just how to push http through? Anyone else notice that? Where is the DNS process taking place? When I registered my www name with the InterNIC, it wanted DNS servers. Is the router or something else performing DNS? I've got a server ready for DNS and a web server.
So to recap:
1.) "Port Forwarding" concepts for a recent Cisco IOS
2.) Where the heck does DNS fit into my DMZ or inside ranges?
I can REALLY further clarify this if need be. If you don't believe me about people ONLY asking for port 80 manipulation, then do a search for it. You'll see what I mean.
I would like to award points based on a good, solid conceptual answer with a practical solution or an idea. Please bear in mind that there is no open-source software or OS involved in my network. Haven't picked that up yet.
Much thanks in advance!
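Added example, not part of the original post: a Cisco IOS configuration fragment showing static port translation, the mechanism usually called "port forwarding", for the web and DNS servers the question describes. The interface roles (Ethernet0 inside, Ethernet1 outside) and all 192.168.1.x addresses are assumptions made for illustration; interface addressing is assumed to be configured already.

```cisco
! Assumed roles: Ethernet0 = inside LAN, Ethernet1 = outside (ISP-facing).
! All addresses below are constructed sample values.
interface Ethernet0
 ip nat inside
!
interface Ethernet1
 ip nat outside
!
! PAT (overload) for ordinary outbound traffic from the LAN.
access-list 1 permit 192.168.1.0 0.0.0.255
ip nat inside source list 1 interface Ethernet1 overload
!
! Static port translations. Each line tells the router that packets
! arriving on the outside address for the given protocol and port are
! rewritten to the listed inside host and port. This is the NAT step
! that steers the packet; access lists only decide whether it may pass.
!
! Web server (assumed 192.168.1.10): HTTP
ip nat inside source static tcp 192.168.1.10 80 interface Ethernet1 80
!
! DNS server (assumed 192.168.1.11): queries over UDP, and TCP for
! large responses and zone transfers
ip nat inside source static udp 192.168.1.11 53 interface Ethernet1 53
ip nat inside source static tcp 192.168.1.11 53 interface Ethernet1 53
!
! Every static entry exposes that inside host on that port to the
! Internet. Any inbound access list on Ethernet1 should permit only
! these ports, and nothing else should be translated statically.
!
! To check the result from privileged EXEC mode:
!   show ip nat translations
```

With this layout the registrar's name-server entry and the zone's A record for the www name both carry the router's public address, never a 192.168.1.x address, because outside clients can only reach the public side of the translation. The router does not answer DNS itself; it only translates port 53 traffic through to the DNS server.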