[H-GEN] Bind from behind a firewall

Alex Delaforce dir.tech at ormiston.qld.edu.au
Wed Sep 10 17:48:38 EDT 2003


[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

Rick,
>From my work at 7.46am on Thursday a ping for www.qmp.net.au shows that
there is no resolution for the name. I tested the ping worked from
within my work system by using names I know haven't been used and cached
on my servers. So it isn't resolving to IP on the DNS.
Alex

> -----Original Message-----
> From: Majordomo [mailto:majordom at caliburn.humbug.org.au] On 
> Behalf Of Rick Phillips
> Sent: Wednesday, 10 September 2003 9:56 PM
> To: general at lists.humbug.org.au
> Subject: [H-GEN] Bind from behind a firewall
> 
> 
> [ Humbug *General* list - semi-serious discussions about 
> Humbug and     ]
> [ Unix-related topics. Posts from non-subscribed addresses 
> will vanish. ]
> 
> I have been having a huge struggle getting Bind 9 to work 
> from behind an ADSL modem/router/firewall.  I have read a 
> great deal about DNS over the last week and have, I believe, 
> correctly configured the name server as a "Bastion" name 
> server i.e. presenting an external and internal view.  I have 
> also uncommented the line in the conf file which "forces" it 
> to listen on port 53.  Port 53 of course is open trough the firewall.
> 
> I used to run this server from behind a linux satellite 
> gateway configured by the service provider and they used to 
> run a caching name server on the gateway.  The gateway was 
> also the firewall.  I never had any problems with this set up 
> but for various reasons, I wish to remain with my new 
> configuration.  Main reason being that I have limited backup 
> power in case of failure of the public system and a small box 
> and a computer consume far less power than 2 computers.
> 
> The problem has been huge for me and I have wasted a lot of 
> hours on this. My ISP has been generous and has put my domain 
> and zones on his name server just so that I can get mail and 
> serve pages.  I have put a new zone on the server and this 
> has been an excellent opportunity to pursue the problem.  (I 
> look after a few very small companies and some mums and dads 
> with their own email addresses and some very basic web pages)
> 
> The URL has been registered for 2 days now but as yet, my 
> name server is not serving it to the world.
> 
> Firstly, as I can't test properly from "inside" can someone 
> please "ping", "dig" or "host" www.qmp.net.au for me to see 
> if there is a result.
> 
> Secondly, can anyone point me in the direction of any 
> "gotchas" that they might be aware of.  My named.conf file is 
> fairly long with the zones and the two views but I will post 
> it edited or in full if anyone wants to peruse my effort.
> 
> I am comfortable with linux but lack understanding in some 
> areas.  This happens to be one of them!!
> 
> Regards,
> 
> Rick Phillips
> 
> 
> ===================
> The Tymling Group
> PO Box 97
> Cooroy Q 4563
> 
> Suncoast Technical - Ph (07) 5442 5423  Fax (07) 5442 5712 
> rickp at suntech.net.au http://www.suntech.net.au
> 
> ** Queensland Agent for Mandrake & Xandros Linux **
> 
> 
> 
> --
> * This is list (humbug) general handled by 
> majordomo at lists.humbug.org.au .
> * Postings to this list are only accepted from subscribed addresses of
> * lists 'general' or 'general-post'.  See http://www.humbug.org.au/
> 

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/



More information about the General mailing list