
Redirection with BIND

Posted on 2003-12-06
Last Modified: 2010-04-21
How can I redirect any request to www.blahblah.com to an in-LAN server 192.16.8.1? The same DNS server hosts the zone for www.blahblah.com as well, so I still want people from the outside to get to www.blahblah.com.
Question by:mesican
LVL 40

Expert Comment

by:jlevie
ID: 9899428
It sounds like you want to set up a web server on a machine inside of a NAT'ing firewall and have it accessible from the Internet and local machines. This means that you'll need to configure your firewall to port forward traffic on 80/TCP and 443/TCP to the inside IP of your web server, or if you have multiple outside IP's you'll need to set up a static NAT translation. Your Internet accessible DNS will need to include a record for www.dom.tld pointing to the outside IP of your firewall (or the static NAT IP).

For inside machines to access the web server you either need a private DNS server that equates the hostname of the web server to its inside IP or create hosts file records on each system equating the hostname to the inside IP.
0
 

Author Comment

by:mesican
ID: 9901341
I already have all that set up. My question is:

I have 1 DNS server that hosts abc.com. It is behind my firewall with a private IP address and all the port forwarding and stuff works. HOWEVER, when clients on the LAN type in www.abc.com, it goes to the DNS server, gets the public IP (which is the router's e0 interface) and it just hangs. So to avoid all this I want to have it so that when the clients type in www.abc.com, it goes to DNS, and then DNS sees that it's coming from the LAN and forwards it to the private IP of the web server.
0
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
ID: 9901616
Okay, what you need is to configure your DNS server with two views. One view is limited by an ACL to only respond to requests from the private LAN and it supplies private IP's for all requests. The other view responds to Internet requests with routable IP's. A partial named.conf to do this might look like:

...
acl "inside" { 127/8; 192.168.0.0/16; };

// Views are tried in the order listed, so "internal" must come first.
view "internal" {
  match-clients { "inside"; };
  recursion yes;
  zone "." IN {
    type hint;
    file "root.zone";
  };
  zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
  };
  zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "localhost.rev";
    allow-update { none; };
  };
  // Zone file holding the private IPs handed to LAN clients.
  zone "my-dom.tld" IN {
    type master;
    file "inside/my-dom.tld.zone";
    allow-update { none; };
  };
...
};

view "external" {
  match-clients { any; };
  // With match-clients any, "recursion yes" makes this an open resolver;
  // "recursion no;" is enough if outside clients only query your own zones.
  recursion yes;

  zone "." IN {
    type hint;
    file "root.zone";
  };
  zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
  };
  zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "localhost.rev";
    allow-update { none; };
  };
  // Zone file holding the routable IPs handed to Internet clients.
  zone "my-dom.tld" {
    type master;
    file "outside/my-dom.tld.zone";
    allow-update { none; };
  };
...
};
...
0
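The view selection described in the accepted answer, modelled as an added example (not part of jlevie's post and not BIND code): the first view whose match-clients accepts the query's source address answers it. The ACL and view order come from the named.conf above; the two A records, the function names and the omission of negated (`!`) ACL elements are assumptions made for the illustration.

```python
import ipaddress

def bind_prefix(elem):
    """Expand BIND's short prefix form ("127/8") to a full network."""
    addr, _, bits = elem.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(f"{'.'.join(octets)}/{bits or 32}", strict=False)

# ACL and view order copied from the named.conf in the answer.
ACLS = {"inside": ["127/8", "192.168.0.0/16"]}
VIEWS = [("internal", ["inside"]), ("external", ["any"])]

# Constructed zone data: the answer does not show the two zone files.
ZONES = {
    "internal": {"www.my-dom.tld": "192.168.0.10"},  # assumed LAN address
    "external": {"www.my-dom.tld": "203.0.113.10"},  # assumed public address
}

def matches(client, elems):
    """True if the client address is accepted by an address match list."""
    for e in elems:
        if e == "any":
            return True
        if e in ACLS:
            if matches(client, ACLS[e]):
                return True
        elif client in bind_prefix(e):
            return True
    return False

def select_view(client_ip, views=VIEWS):
    """Return the first view whose match-clients accepts the source."""
    client = ipaddress.ip_address(client_ip)
    for name, elems in views:
        if matches(client, elems):
            return name
    return None  # no view matched: named refuses the query

def resolve(client_ip, qname, views=VIEWS):
    view = select_view(client_ip, views)
    return view, ZONES.get(view, {}).get(qname)

if __name__ == "__main__":
    for src in ("192.168.1.25", "127.0.0.1", "198.51.100.7"):
        print(src, resolve(src, "www.my-dom.tld"))
    # Views listed in the wrong order: "any" swallows LAN clients too.
    print(resolve("192.168.1.25", "www.my-dom.tld", list(reversed(VIEWS))))
```

The last call shows why the order of the views matters: with "external" listed first, a LAN client matches `any` and is handed the public address again.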
 

Author Comment

by:mesican
ID: 9906207
Ok let me try this out and ill get back to you.
0
 

Author Comment

by:mesican
ID: 9906226
Thank you. It works.
0
