Roba122 asked:
Networking, DNS behind router with bind9

I'm just having the hardest time with something I consider should be easy. I have the following:

Static IP
Router with port forwarding to my server, and port 53 TCP/UDP for DNS to the same machine
Server is behind the router

I want to set up DNS on the server so that I can have my domain.com go to the server.

I've set up a zone for domain.com and reverse DNS. I think I'm close but just missing something.

Thanks!

I've set up reverse DNS.

Doesn't seem to be working.

And I've set up reverse DNS for the public-facing IP (my server is on 192.168.1.4, locally).

But that doesn't seem to be working, I just thought
My zone file for my domain:

$TTL 3D

@ IN    SOA     ns1.example.com. admin.example.com. (
   2007062001   ; serial
   28800        ; refresh
   3600         ; retry
   604800       ; expire
   38400 )      ; minimum (negative-cache TTL)

example.com.      IN      NS      ns1.example.com.
example.com.      IN      NS      ns2.example.com.
example.com.      IN      MX  10  mta.example.com.

@                IN      A       PU.BL.IC.IP   ; apex record, so bare example.com resolves
www              IN      A       PU.BL.IC.IP
mta              IN      A       PU.BL.IC.IP
ns1              IN      A       PU.BL.IC.IP
ns2              IN      A       PU.BL.IC.IP   ; ns2 is listed as NS above, so it needs an A record too

My reverse DNS zone file:

$TTL 3D

@       IN      SOA     ns1.example.com. admin.example.com. (
                        2007031002   ; serial
                        28800        ; refresh
                        604800       ; retry
                        604800       ; expire
                        86400 )      ; minimum
        IN      NS      ns1.example.com.
IP      IN      PTR     example.com.   ; trailing dot required, otherwise the zone origin gets appended

; where IP is the last octet of my public IP

my named.conf file has the following:

zone "example.com" {
        type master;
        file "/etc/bind/zones/db.example.com";
};

# PU.BL.IC.IP = public ip address
zone "IC.BL.PU.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/rev.IC.BL.PU.in-addr.arpa";
};

fosiul01 replied:

What kind of problem are you facing?

You would not be able to do reverse DNS internally; you will have to tell your ISP to do reverse DNS for your public IP.
Roba122 (asker) replied:

I don't really care about reverse DNS, I can't do it with my ISP.

Basically tell me how to set up my DNS (same box as web server) so that when I go to example.com (my domain) it resolves to my server on my internal network.

I need to access this domain from home and from the outside world.

I'd like the flexibility to set up subdomains and extra domains; that's why I just didn't set up an A record entry at my registrar for the domain.

Thanks!
fosiul01 replied:

OK.

From the domain control panel, have you changed your name servers already? They should be

ns1.example.com
ns2.example.com

which should point to your public IP address.
Roba122 (asker) replied:

Yes, my registrar has the nameservers changed to ns1.example.com/ns2.example.com.

Those point to my public IP. The router is set to forward that traffic to my DNS server on port 53 TCP/UDP.
fosiul01 replied:

OK, have a look at my zone file:

$TTL 14400
@ 86400   IN      SOA     ns1.xxx.co.uk. ns2.xxxx.co.uk. (
                2008021501      ; serial
                86400           ; refresh
                7200            ; retry
                3600000         ; expire
                86400 )         ; minimum

                        IN NS ns1.xxx.co.uk.
                        IN NS ns2.xxx.co.uk.
                        IN MX 10  mail.xxxx.co.uk.
                        IN A 11.11.11.11
ns1                     IN A 11.11.11.11
ns2                     IN A 22.22.22.22
www                     IN A 11.11.11.11
mail                    IN A 11.11.11.11


Now come to named.conf.

Have you allowed DNS queries in your named.conf?

options {
        listen-on port 53 { 11.11.11.11; 22.22.22.22; 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        allow-query     { any; };
        recursion no;   // authoritative only: this server answers for its own zones and does not resolve for others
};

Otherwise DNS queries will not work.
If you edit your named.conf file with those options,

then DNS should work.

Also, have you opened port 53 on your Linux server?

Can you telnet to the PC internally?

telnet <pc ip> 53

Also, from outside of your network: telnet <your public ip> 53
Roba122 (asker) replied:

What are the 11.11.11 / 22.22..... addresses, local IPs or external? My whole problem has been figuring out what local and external values go where.

Thanks
Roba122 (asker) replied:

Also, yes, I can telnet from inside and outside the network on port 53.
fosiul01 replied:

It would be internal.

Try with

  listen-on port 53 { any; };


One more thing.

In your zone config

you put the public IP, I guess.

Since your DNS server is internal, you need to put the IP address of the internal PC.

According to your configuration:
www              IN      A       PU.BL.IC.IP
mta              IN      A       PU.BL.IC.IP
ns1              IN      A       PU.BL.IC.IP

You have to put the internal IP.

If your DNS server were connected via public IP directly, then you would have to use the public IP, but yours is behind a router and configured with an internal IP.

Roba122 (asker) replied:

If I put the local network address, wouldn't it return that to the client? I.e. connecting from the outside world for example.com, the DNS would return 192.168.1.4; how would the client connect to that?

Explain if I missed something.
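The usual way to answer both audiences from one server behind NAT is split-horizon DNS with BIND views: LAN clients get 192.168.1.4, everyone else gets the public address the router forwards. This is an added example, not configuration from the thread; it assumes the LAN is 192.168.1.0/24, the server is 192.168.1.4, PUBLIC_IP is a placeholder for the router's public address, and the zone file paths are hypothetical.

```conf
// Added example: split-horizon DNS with BIND views (not from the thread).
// Assumptions: LAN is 192.168.1.0/24, server is 192.168.1.4, PUBLIC_IP is a
// placeholder for the router's public address, zone file paths are hypothetical.

acl "lan" { 192.168.1.0/24; 127.0.0.1; };

options {
        directory "/etc/bind";
        listen-on port 53 { any; };
        allow-query { any; };
        recursion no;                 // authoritative only; never an open resolver
                                      // (LAN hosts still need another resolver for other domains)
        allow-transfer { none; };     // no zone transfers to arbitrary clients
};

// Once views are used, every zone must live inside a view.
view "internal" {
        match-clients { lan; };       // views are tried top to bottom, first match wins
        zone "example.com" {
                type master;
                file "/etc/bind/zones/db.example.com.internal";   // A records -> 192.168.1.4
        };
};

view "external" {
        match-clients { any; };       // everyone who did not match "lan"
        zone "example.com" {
                type master;
                file "/etc/bind/zones/db.example.com.external";   // A records -> PUBLIC_IP
        };
};
```

The two zone files are identical apart from the A records (192.168.1.4 in the internal copy, the public address in the external one). Check the syntax with `named-checkconf`, then query `www.example.com` against the server from a LAN host and from outside and confirm each side gets the address it can actually reach.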

Roba122 (asker) replied:

Well it just started working, and I did have the public IP in the zone.

ASKER CERTIFIED SOLUTION

fosiul01 replied:
Good!

OK, so what IP did you put in named.conf?

In the allow section?