[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Redirection with BIND

Posted on 2003-12-06
5
Medium Priority
?
385 Views
Last Modified: 2010-04-21
How can I redirect any request to www.blahblah.com to an inlan server 192.16.8.1. The same dns server host the zone for www.blahblah.com as well so i still want people from the outside to get to www.blahblah.com.
0
Comment
Question by:mesican
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 9899428
It sounds like you want to set up a web server on a machine inside of a NAT'ing firewall and have it accessible from the Internet and local machines. This means that you'll need to configure your firewall to port forward traffic on 80/TCP and 443/TCP to the inside IP of your web server, or if you have multiple outside IP's you'll need to set up a static NAT translation. Your Internet accessible DNS will need to include a record for www.dom.tld pointing to the outside IP of your firewall (or the static NAT IP).

For inside machines to access the web server you either need a private DNS server that equates the hostname of the web server to its inside IP or create hosts file records on each system equating the hostname to the inside IP.
0
 

Author Comment

by:mesican
ID: 9901341
I already have all that setup, my question is:

I have 1 DNS server that host abc.com. It is behinde my firewall with a private ip address and all the port fowarding and stuff works. HOWEVER, clients on the lan, when they type in www.abc.com it goes to the dns server, gets the public ip (which is the routers e0 interface) and it just hangs. So to avoid all this i want to be able to have it to where the clients type in www.abc.com, it goes to dns, and then dns sees that its coming from the lan and fowards it to the private ip of the webserver.
0
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
ID: 9901616
Okay, waht you need is to configure your DNS server with two views. One view is limited by an ACL to only respond to requests from the private LAN and it supplies private IP's for anll requests. The other view responds to Internet requests with routable IP's. A partial named.conf to do this might look like:

...
acl "inside" { 127/8; 192.168.0.0/16; };

view "internal" {
  match-clients { "inside"; };
  recursion yes;
  zone "." IN {
    type hint;
    file "root.zone";
  };

  zone "." IN {
    type hint;
    file "root.zone";
  };
  zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
  };
  zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "localhost.rev";
    allow-update { none; };
  };
  zone "my-dom.tld" IN {
    type master;
    file "inside/my-dom.tld.zone";
    allow-update { none; };
  };
...
};

view "external" {
  match-clients { any; };
  recursion yes;

  zone "." IN {
    type hint;
    file "root.zone";
  };
  zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
  };
  zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "localhost.rev";
    allow-update { none; };
  };
  zone "my-dom.tld" {
    type master;
    file "outside/my-dom.tld.zone";
    allow-update { none; };
  };
...
};
...
0
 

Author Comment

by:mesican
ID: 9906207
Ok let me try this out and ill get back to you.
0
 

Author Comment

by:mesican
ID: 9906226
Thank you. It works.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question