Two could be newbie's questions

derek.b.gooh at sg.andersen.com derek.b.gooh at sg.andersen.com
Fri Oct 5 09:39:38 UTC 2001


                                                                                
                                                                                
                                                                                
  Hi all,                                                                       
                                                                                
  I am trying to set up a master dns server for my domain (abcd.com). I have    
  managed to configure Bind9.1.3rc1 such that when using nslookup locally on    
  the dns server, I'm able to resolve IP address of hosts in my domain. This    
  also works when I use nslookup on another machine on the same network with    
  the DNS setting set to my dns server's ip address. Now, when I put my dns     
  server onto the Internet, I find that applications could not resolve hosts in 
  my domain (abcd.com) when the client's DNS settings was set to say my ISP     
  dns. What did I missed out in order for the entire Internet to be able        
  resolve hosts in my domain through my dns?                                    
                                                                                
  Second question, when I try putting my dns box behind a firewall, assigned an 
  internal IP to the dns box, and let the firewall translate the ip to an       
  external one using NAT. nslookup from the Internet no longer work. I have     
  open up port 53 for both udp and tcp for both incoming and outgoing traffic   
  on the firewall, and the firewall's log do not review any access deny. In     
  addition, I have include the "query-source address * port 53" under the       
  option statement for my conf file as suggested by some documentation. What    
  could have been wrong?                                                        
                                                                                
  Thanks in advanced for any comment.                                           
                                                                                
 Rdgs                                                                           
 Derek                                                                          
                                                                                






*******************Internet Email Confidentiality Footer*******************


Privileged/Confidential Information may be contained in this message.  If you
are not the addressee indicated in this message (or responsible for delivery of
the message to such person), you may not copy or deliver this message to anyone.
In such case, you should destroy this message and kindly notify the sender by
reply email. Please advise immediately if you or your employer do not consent to
Internet email for messages of this kind.  Opinions, conclusions and other
information in this message that do not relate to the official business of my
firm shall be understood as neither given nor endorsed by it.




More information about the bind-users mailing list