Solved

BIND 9 help

Posted on 2003-10-23
Last Modified: 2010-03-18
Here is my problem. My ISP is handing out private IPs now. So my public IP (a.b.c.d) is now being forwarded to my private IP of 10.20.20.20. My router is connected to the 10.20.20.20 on E0 and then to my private network of 172.16.8.0 on E1. I have 3 servers on my private network (172.16.8.2-5) and the router is port forwarding DNS, web, and mail to the right IP. But I need help setting up my DNS server. This is what I have so far. Is this right? This is the zone file for example.com:

$TTL 2D
@               SOA     ns1.example.com. dns.example.com. (
                        2003102301      ; Serial
                        8h              ; Refresh
                        2h              ; Retry
                        3600000         ; Expire (1000h)
                        1D )            ; Minimum TTL
                NS      ns1.example.com.
                MX 5    mail.example.com.
                A       a.b.c.d         ; My public ip right?

; Addresses
localhost       A       127.0.0.1       ; Loopback
router          A       172.16.8.1      ; Cisco Router
www             A       172.16.8.2      ; Web Server
ns1             A       172.16.8.3      ; Name server
mail            A       172.16.8.4      ; Mail server

; A CNAME target must be a hostname, not an IP address,
; so the aliases point at the "mail" record (172.16.8.4)
webmail         CNAME   mail            ; Send webmail to Mail
pop3            CNAME   mail            ; Send pop3 to Mail
smtp            CNAME   mail            ; Send smtp to Mail
 
Question by:mesican

Accepted Solution

by:
td_miles earned 125 total points
The zone syntax you have looks fine, but it depends on where you will be using this zone. If you will only be using this internally, then it is fine. If you will be using this zone as the zone that people on the Internet use to connect to your servers, then you will need to use REAL IP addresses in the zone. These IP addresses will be the ones that your ISP has given you. This way if someone tries to connect to (as an example) your web server, their browser will do the following:

1. Browser does DNS lookup for www.example.com = a.b.c.d
2. connect to a.b.c.d
3. ISP NAT's a.b.c.d to 10.20.20.20
4. You NAT 10.20.20.20 to 172.16.8.2
5. web server on 172.16.8.2 responds.

If you advertise the zone the way you have it now, what would happen would be:

1. Browser does DNS lookup for www.example.com = 172.16.8.2
2. connect 172.16.8.2
3. Get nowhere, as 172.16.8.2 is not an Internet-routable address.
0
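A pre-publication check for the failure described in the answer above, added here as an example and not part of the original thread: a small Python linter that flags A records pointing at private (RFC 1918) or loopback addresses, and CNAME records whose target is an IP literal instead of a hostname. The sample zone is constructed, 203.0.113.10 stands in for the public address a.b.c.d, and `lint_public_zone` is a hypothetical name.

```python
import ipaddress

# Constructed sample zone; 203.0.113.10 is a stand-in for the public IP a.b.c.d.
SAMPLE_ZONE = """\
$TTL 2D
@        SOA   ns1.example.com. dns.example.com. (
               2003102301 8h 2h 3600000 1D )
         NS    ns1.example.com.
         A     203.0.113.10
www      A     172.16.8.2      ; private address, unreachable from outside
ns1      A     203.0.113.10
webmail  CNAME 172.16.8.4      ; IP literal where a hostname is required
pop3     CNAME mail
"""

# RFC 1918 private ranges plus loopback: none are routable on the Internet.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def _as_ipv4(text):
    try:
        return ipaddress.IPv4Address(text)
    except ValueError:
        return None

def lint_public_zone(zone_text):
    """Return (owner, type, rdata, problem) for records unfit for a public zone."""
    findings, owner, depth = [], "@", 0
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]            # drop comments
        continued = depth > 0                  # inside a multi-line ( ... ) record
        depth += line.count("(") - line.count(")")
        fields = line.split()
        if continued or not fields or fields[0].startswith("$"):
            continue
        if not line[0].isspace():              # blank owner inherits the previous one
            owner = fields.pop(0)
        while fields and (fields[0][0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                      # skip optional TTL and class
        if len(fields) < 2:
            continue
        rtype, rdata = fields[0].upper(), fields[1]
        addr = _as_ipv4(rdata)
        if rtype == "A" and addr is not None and any(addr in n for n in NON_ROUTABLE):
            findings.append((owner, rtype, rdata, "non-routable address"))
        elif rtype == "CNAME" and addr is not None:
            findings.append((owner, rtype, rdata, "CNAME target is an IP, not a hostname"))
    return findings

if __name__ == "__main__":
    for finding in lint_public_zone(SAMPLE_ZONE):
        print(*finding, sep="\t")
```

An empty result means no record in the Internet-facing copy of the zone hands out an address that only works on the LAN; the internal-only copy is expected to produce findings.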
 

Author Comment

by:mesican
So are you saying that I should set all the www, mail, and DNS addresses to a.b.c.d?
0
 

Expert Comment

by:td_miles
If this is the DNS file that you will be using so that people on the Internet can access your servers, then yes, you will need to change the IP addresses to the a.b.c.d address. When people connect to a.b.c.d the magic of NAT will actually make them connect to your server on its private IP address.

If this DNS file is for INTERNAL only use (i.e. just for your LAN), then you would want to leave it as is.

I assume that you have your own domain and have just put in "example.com" for illustrative purposes.
0
 

Author Comment

by:mesican
Yeah, I don't want people to know the real domain and think it's run by newbs. Thanks for your input, you cleared everything up for me.
0
