Roba122

Networking, DNS behind router with bind9

I'm just having the hardest time with something I consider should be easy.  I have the following

Static IP
Router w/portforwarding to my server and port 53 tcp/udp for dns to the same machine
Server is behind the router

I want to setup dns on the server so that I can have my domain.com go to the server.

I've set up a zone for domain.com and reverse DNS. I think I'm close but just missing something.

Thanks!

I've set up reverse dns

Doesn't seem to be working.

And I've set up reverse DNS for the public-facing IP (my server is on 192.168.1.4, locally)

But that doesn't seem to be working, I just thought
My zone file for my domain 
 
$TTL 3D
 
 
@ IN    SOA     ns1.example.com. admin.example.com. (
   2007062001
   28800
   3600
   604800
   38400
);
 
 
example.com.      IN      NS              ns1.example.com.
example.com.      IN      MX     10       mta.example.com.
 
 
www              IN      A       PU.BL.IC.IP
mta              IN      A       PU.BL.IC.IP
ns1              IN      A       PU.BL.IC.IP
example.com.     IN      NS      ns2.example.com.
 
My reverse DNS zone file
 
$TTL 3D
 
@       IN      SOA     ns1.example.com. admin.example.com. (
                        2007031002
                        28800
                        604800
                        604800
                        86400 )
                    IN    NS     ns1.example.com.
IP                   IN    PTR    example.com
 
#where IP is the last digit of my public ip
 
 
my named.conf file has the following
 
zone "example.com" {
        type master;
        file "/etc/bind/zones/db.example.com";
        };
 
# PU.BL.IC.IP = public ip address
zone "IC.BL.PU.in-addr.arpa" {
     type master;
     file "/etc/bind/zones/rev.IC.BL.PU.in-addr.arpa";
};

fosiul01

What kind of problem are you facing?

You would not be able to do reverse DNS internally; you will have to tell your ISP to do reverse DNS for your public IP.
Roba122

ASKER

I don't really care about reverse DNS; I can't do it with my ISP.

Basically, tell me how to set up my DNS (same box as the web server) so that when I go to example.com (my domain) it resolves to my server on my internal network.

I need to access this domain from home and from the outside world.

I'd like the flexibility to set up subdomains and extra domains; that's why I didn't just set up an A record entry at my registrar for the domain.

Thanks!
fosiul01

OK

From the domain control panel,
have you changed your name servers already?
They should be

ns1.example.com
ns2.example.com

which should point to your public IP address
Roba122

ASKER

yes my registrar has the nameservers changed to ns1.example.com/ns2.example.com.

Those point to my public ip.  The router is set to forward that traffic to my dns server on port 53 tcp/udp
fosiul01

ok have a look at my zone file

$TTL 14400
@ 86400   IN      SOA     ns1.xxx.co.uk. ns2.xxxx.co.uk. (
                2008021501      ; serial
                86400           ; refresh
                7200            ; retry
                3600000         ; expire
                86400 )         ; minimum

                        IN NS ns1.xxx.co.uk.
                        IN NS ns2.xxx.co.uk.
                        IN MX 10  mail.xxxx.co.uk.
                        IN A 11.11.11.11
ns1                     IN A 11.11.11.11
ns2                     IN A 22.22.22.22
www                     IN A 11.11.11.11
mail                    IN A 11.11.11.11


Now, coming to named.conf:

Have you allowed DNS queries in your named.conf?

options {
        listen-on port 53 { 11.11.11.11; 22.22.22.22; 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        allow-query     { any; };
        recursion no;
};

Otherwise DNS queries will not work
fosiul01

If you edit your named.conf file with those options

then DNS should work.

Also, have you opened port 53 on your Linux server?

Can you telnet to the PC internally?

telnet pc ip 53 ??

Also, from outside your network: telnet yourpublic ip 53
Roba122

ASKER

what are the 11.11.11 / 22.22..... addresses? local ip's or external, my whole problem has been figuring out what local and external values go where.

Thanks
Roba122

ASKER

Also, yes I can telnet from inside and outside the network on port 53
fosiul01

it would be internal

try with

  listen-on port 53 { any; };


fosiul01

One more thing

In your zone config

you put the public IP, I guess.

Since your DNS server is internal, you need to put the IP address of the internal PC.

According to your configuration:
www              IN      A       PU.BL.IC.IP
mta              IN      A       PU.BL.IC.IP
ns1              IN      A       PU.BL.IC.IP


you have to put the internal IP.

If your DNS server were connected to the public network directly then you would have to use the public IP, but yours is behind a router and configured with an internal IP.

Roba122

ASKER

If I put the local network address wouldn't it return that to the client, ie connecting from the outside world for example.com the dns would return 192.168.1.4 how would the client connect to that?

Explain if I missed something

Roba122

ASKER

Well it just started working, and I did have the public IP in the zone.
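
Added example, not part of the thread or of any poster's configuration: a small Python lint for the kind of zone data discussed above. It flags RFC 1918 addresses in A records of a zone served to the internet, NS/MX/PTR targets written without the trailing dot (which a zone file expands by appending the origin), and in-zone NS names that have no A record. The sample zone, the documentation address 203.0.113.10 standing in for PU.BL.IC.IP, and the names lint_zone and fqdn are assumptions made for this example; A records must carry real addresses, not the PU.BL.IC.IP placeholder.

```python
import ipaddress
import re

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RECORD = re.compile(r"^(\S*)\s*(?:\d+\s+)?IN\s+(A|NS|MX|PTR)\s+(.+?)\s*$", re.I)

# Constructed sample modelled on the zone in the question; 203.0.113.10 is a
# documentation address standing in for PU.BL.IC.IP.
SAMPLE_ZONE = """\
$TTL 3D
@ IN SOA ns1.example.com. admin.example.com. ( 2007062001 28800 3600 604800 38400 )
example.com.  IN  NS  ns1.example.com.
example.com.  IN  NS  ns2.example.com.
example.com.  IN  MX  10  mta.example.com
www           IN  A   203.0.113.10
mta           IN  A   192.168.1.4
ns1           IN  A   203.0.113.10
"""

def fqdn(name, origin):
    """Expand a name as a zone file does: no trailing dot means the origin is appended."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def lint_zone(text, origin):
    """Return sorted (finding, name) pairs for a zone that is served to the internet."""
    origin = origin.lower().rstrip(".") + "."
    owner, a_owners, ns_targets, findings = origin, set(), [], []
    for line in text.splitlines():
        m = RECORD.match(line.split(";", 1)[0])  # drop ';' comments first
        if not m:
            continue  # directives, SOA, blank lines, other record types
        owner = fqdn(m.group(1), origin) if m.group(1) else owner  # blank owner repeats the last one
        rtype, rdata = m.group(2).upper(), m.group(3)
        if rtype == "A":
            a_owners.add(owner)
            if any(ipaddress.ip_address(rdata) in net for net in RFC1918):
                findings.append(("private-address", owner))
            continue
        target = rdata.split()[-1]  # last field, so the MX preference is skipped
        if not target.endswith("."):
            findings.append(("relative-target", fqdn(target, origin)))
        if rtype == "NS":
            ns_targets.append(fqdn(target, origin))
    # An in-zone name server needs an address record in the zone (only A is checked here).
    for t in ns_targets:
        if t.endswith("." + origin) and t not in a_owners:
            findings.append(("ns-without-address", t))
    return sorted(findings)
```

Each "relative-target" finding reports the name as it would be expanded, so a PTR target of example.com in a reverse zone shows up with the in-addr.arpa origin appended.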

fosiul01

Good!!
OK, so what IP did you put in named.conf?

In the allow section?