AW: Can't get to internal www server from the outside

Kubon, Marcus Marcus.Kubon at gzs.de
Mon Jul 24 08:05:33 UTC 2000



A little hint:

If you're using NAT over a Checkpoint Firewall-1, you have to add a
route from the external address to the internal networks although you
have already set up NAT.

Like:

route add net 207.212.133.0 192.168.100.0 -netmask 255.255.255.0

Good luck ;o)

Marcus

-----Original Message-----
From: Mark Johannessen [mailto:mfjlaw at pacbell.net]
Sent: Friday, 21 July 2000 16:02
To: bind-users at isc.org
Subject: Can't get to internal www server from the outside


Can anyone point me to an example to set up DNS for a www server (or
other services for that matter) on a box in an internal net
(192.168.x.x) which can be accessed from an external internet query?
My set up works internally, but when queried (or pinged) from the
outside - there's no response.  I'm probably missing something basic
here ...

My Setup:

I have a linux (RH) box set up with BIND 8, which is also the gateway
(public IP 207.212.133.64) and a router to my internal net with a
mixture of OSs and boxes.  I have a domain (rudeboysrecords.com) which
I would like to serve up audio streams using a Mac streaming server
(which is called "house" at 192.168.1.102 on internal net).  The
problem is, "www.rudeboysrecords.com" resolves ok when using an
internal host, but not when using an external internet connection (in
fact, I can't ping that domain externally, but can internally).

The /etc/hosts file looks like this:

127.0.0.1       localhost.localdomain   localhost
207.212.133.64  ns1.3of4.com
192.168.1.100   lin.3of4.com
192.168.1.102   s1.rudeboysrecords.com  house

ns1 and lin are two interfaces on the linux router/DNS box.  ns1 is on
eth0 and lin is on eth1 (the internal net card).  The named.conf file
looks like this:

options {
         directory "/var/named";
         query-source address * port 53;
};

zone "." {
         type hint;
         file "root.hints";
};

zone "localhost" {
         type master;
         file "pz/localhost";
};

zone "0.0.127.in-addr.arpa" {
         type master;
         file "pz/127.0.0";
};

zone "1.168.192.in-addr.arpa" {
         type master;
         file "pz/192.168.1";
};

zone "3of4.com" {
         type master;
         file "pz/3of4.com";
};

zone "rudeboysrecords.com" {
         type master;
         file "pz/rudeboysrecords.com";
};

and finally, pz/rudeboysrecords.com looks like this:

$TTL 86400
; rudeboysrecords.com
;
@       IN      SOA     s1.rudeboysrecords.com. hostmaster.rudeboysrecords.com. (
                        2000070101      ; Serial
                        8H              ; refresh, seconds
                        2H              ; retry, seconds
                        1W              ; expire, seconds
                        1D )            ; minimum, seconds

                NS      ns1.3of4.com.
                NS      ns1.granitecanyon.com.
                TXT     "Rude Boys Records"
                MX      10 mail.3of4.com.

localhost       A       127.0.0.1
ns1             A       207.212.133.64
rbr             A       192.168.1.102
mail            CNAME   ns1
www             CNAME   rbr

Can anyone see the problem here or point me in the right direction or
maybe refer me to an example somewhere where internal web servers are
set up to respond to external browser requests?  I have the O'Reilly
book but I still haven't a clue.

Thanks

Mark Johannessen
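
Added example, not part of either message: a small check that follows the CNAMEs in the zone data quoted above and lists every name whose final address is not globally routable, which is why www answers internally but not from outside. The record lines are copied from the post as constructed sample input; the function names are hypothetical, and only relative names with plain "owner TYPE rdata" lines are handled.

```python
import ipaddress

# Constructed sample: the A/CNAME records from the zone file quoted in the post.
ZONE = """\
localhost       A       127.0.0.1
ns1             A       207.212.133.64
rbr             A       192.168.1.102
mail            CNAME   ns1
www             CNAME   rbr
"""

def parse_records(text):
    """Return {owner: (rtype, rdata)} for simple 'owner TYPE rdata' lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop zone-file comments
        if len(fields) == 3 and fields[1] in ("A", "CNAME"):
            records[fields[0]] = (fields[1], fields[2])
    return records

def resolve(name, records, max_depth=8):
    """Follow CNAMEs inside the zone; return the final A address or None."""
    for _ in range(max_depth):                   # bounded so CNAME loops end
        rtype, rdata = records.get(name, (None, None))
        if rtype == "A":
            return rdata
        if rtype != "CNAME":
            return None                          # dangling or out-of-zone target
        name = rdata
    return None

def unreachable_from_internet(records):
    """Map each name to its address when that address is not globally routable."""
    findings = {}
    for name in records:
        addr = resolve(name, records)
        if addr and not ipaddress.ip_address(addr).is_global:
            findings[name] = addr
    return findings

if __name__ == "__main__":
    hits = unreachable_from_internet(parse_records(ZONE))
    for name, addr in sorted(hits.items()):
        print(f"{name}: {addr} is not routable from the internet")
```

Run against a zone that is served to the public, any hit other than localhost is a name that outside clients cannot reach and that also discloses internal addressing.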



