Solved

Redirection with BIND

Posted on 2003-12-06
Last Modified: 2010-04-21
How can I redirect any request to www.blahblah.com to an in-LAN server 192.16.8.1? The same DNS server hosts the zone for www.blahblah.com as well, so I still want people from the outside to get to www.blahblah.com.
Question by:mesican

Expert Comment

by:jlevie
ID: 9899428
It sounds like you want to set up a web server on a machine inside of a NAT'ing firewall and have it accessible from the Internet and local machines. This means that you'll need to configure your firewall to port forward traffic on 80/TCP and 443/TCP to the inside IP of your web server, or if you have multiple outside IP's you'll need to set up a static NAT translation. Your Internet accessible DNS will need to include a record for www.dom.tld pointing to the outside IP of your firewall (or the static NAT IP).

For inside machines to access the web server you either need a private DNS server that equates the hostname of the web server to its inside IP or create hosts file records on each system equating the hostname to the inside IP.

Author Comment

by:mesican
ID: 9901341
I already have all that setup, my question is:

I have 1 DNS server that hosts abc.com. It is behind my firewall with a private IP address, and all the port forwarding and stuff works. HOWEVER, clients on the LAN, when they type in www.abc.com, it goes to the DNS server, gets the public IP (which is the router's e0 interface) and it just hangs. So to avoid all this I want to be able to have it to where the clients type in www.abc.com, it goes to DNS, and then DNS sees that it's coming from the LAN and forwards it to the private IP of the webserver.

Accepted Solution

by:
jlevie earned 50 total points
ID: 9901616
Okay, what you need is to configure your DNS server with two views. One view is limited by an ACL to only respond to requests from the private LAN and it supplies private IP's for all requests. The other view responds to Internet requests with routable IP's. A partial named.conf to do this might look like:

// ...
// Clients that are served the private addresses.
acl "inside" { 127/8; 192.168.0.0/16; };

// Views are tried in the order listed, so the restricted view comes first.
view "internal" {
  match-clients { "inside"; };
  recursion yes;

  zone "." IN {
    type hint;
    file "root.zone";
  };
  zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
  };
  zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "localhost.rev";
    allow-update { none; };
  };
  // Inside copy of the zone: records carry the private IPs.
  zone "my-dom.tld" IN {
    type master;
    file "inside/my-dom.tld.zone";
    allow-update { none; };
  };
// ...
};

view "external" {
  match-clients { any; };
  // Authoritative answers only; recursion for "any" would make this an open resolver.
  recursion no;

  zone "." IN {
    type hint;
    file "root.zone";
  };
  zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
  };
  zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "localhost.rev";
    allow-update { none; };
  };
  // Outside copy of the zone: records carry the routable IPs.
  zone "my-dom.tld" {
    type master;
    file "outside/my-dom.tld.zone";
    allow-update { none; };
  };
// ...
};
// ...
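
Added example (not part of the original answer, and not BIND code): a small Python model of how the first matching view decides which copy of the zone a client sees, and why "internal" must be listed before "external". The client addresses are constructed samples, and "127/8" from the ACL is written out as 127.0.0.0/8 because Python does not accept the BIND shorthand.

```python
import ipaddress

# Constructed model of the answer's views, in file order: (view name, match-clients).
# "any" is modelled as 0.0.0.0/0 (IPv4 only, an assumption of this sketch).
VIEWS = [
    ("internal", ["127.0.0.0/8", "192.168.0.0/16"]),
    ("external", ["any"]),
]

def networks(acl):
    """Expand a match-clients list into ip_network objects."""
    return [ipaddress.ip_network("0.0.0.0/0" if e == "any" else e) for e in acl]

def select_view(client, views=VIEWS):
    """BIND uses the first view whose match-clients matches; later views are not tried."""
    ip = ipaddress.ip_address(client)
    for name, acl in views:
        if any(ip in net for net in networks(acl)):
            return name
    return None  # no view matched: named refuses the query

def shadowed_views(views):
    """Names of views that can never be selected because earlier views cover their whole ACL."""
    earlier, dead = [], []
    for name, acl in views:
        nets = networks(acl)
        if all(any(n.subnet_of(e) for e in earlier) for n in nets):
            dead.append(name)
        earlier.extend(nets)
    return dead

if __name__ == "__main__":
    for client in ("192.168.1.50", "127.0.0.1", "203.0.113.9"):  # constructed samples
        print(client, "->", select_view(client))
    swapped = list(reversed(VIEWS))  # "external" listed first: the mistake to avoid
    print("shadowed as posted:", shadowed_views(VIEWS))
    print("shadowed if swapped:", shadowed_views(swapped))
    print("LAN client if swapped ->", select_view("192.168.1.50", swapped))
```

With the order swapped, LAN clients fall into "external" and get the public address again, which is the hang described in the question.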

Author Comment

by:mesican
ID: 9906207
OK, let me try this out and I'll get back to you.

Author Comment

by:mesican
ID: 9906226
Thank you. It works.