[H-GEN] Bind from behind a firewall

Rick Phillips rickp at suntech.net.au
Wed Sep 10 07:55:50 EDT 2003 

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

I have been having a huge struggle getting Bind 9 to work from behind an
ADSL modem/router/firewall.  I have read a great deal about DNS over the
last week and have, I believe, correctly configured the name server as a
"Bastion" name server i.e. presenting an external and internal view.  I have
also uncommented the line in the conf file which "forces" it to listen on
port 53.  Port 53 of course is open trough the firewall.

I used to run this server from behind a linux satellite gateway configured
by the service provider and they used to run a caching name server on the
gateway.  The gateway was also the firewall.  I never had any problems with
this set up but for various reasons, I wish to remain with my new
configuration.  Main reason being that I have limited backup power in case
of failure of the public system and a small box and a computer consume far
less power than 2 computers.

The problem has been huge for me and I have wasted a lot of hours on this.
My ISP has been generous and has put my domain and zones on his name server
just so that I can get mail and serve pages.  I have put a new zone on the
server and this has been an excellent opportunity to pursue the problem.  (I
look after a few very small companies and some mums and dads with their own
email addresses and some very basic web pages)

The URL has been registered for 2 days now but as yet, my name server is not
serving it to the world.

Firstly, as I can't test properly from "inside" can someone please "ping",
"dig" or "host" www.qmp.net.au for me to see if there is a result.

Secondly, can anyone point me in the direction of any "gotchas" that they
might be aware of.  My named.conf file is fairly long with the zones and the
two views but I will post it edited or in full if anyone wants to peruse my
effort.

I am comfortable with linux but lack understanding in some areas.  This
happens to be one of them!!

Regards,

Rick Phillips


===================
The Tymling Group
PO Box 97
Cooroy Q 4563

Suncoast Technical - Ph (07) 5442 5423  Fax (07) 5442 5712
rickp at suntech.net.au
http://www.suntech.net.au

** Queensland Agent for Mandrake & Xandros Linux **



--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/

More information about the General mailing list