Two could be newbie questions

Barry Margolin barmar at
Fri Oct 5 15:04:11 UTC 2001

In article <9pjq4n$32s at>, Derek <bkgooh at> wrote:
>I am trying to set up a master dns server for my domain ( I have
>managed to configure Bind9.1.3rc1 such that when using nslookup locally on
>the dns server, I'm able to resolve IP address of hosts in my domain. This
>also works when I use nslookup on another machine on the same network with
>the DNS setting set to my dns server's ip address. Now, when I put my dns
>server onto the Internet, I find that applications I could not resolve hosts
>in my domain ( when the client's DNS settings was set to say my ISP
>dns. What did I missed out in order for the entire Internet to be able
>resolve hosts in my domain through my dns?

You probably haven't changed the delegation in the COM domain to point to
your nameserver.

If you told us the real domain name ( belongs to Disney) and the
name of your nameserver we could verify this.

>Second question, when I try putting my dns box behind a firewall, assigned
>an internal IP to the dns box, and let the firewall translate the ip to an
>external one using NAT. nslookup from the Internet no longer work. I have
>open up port 53 for both udp and tcp for both incoming and outgoing traffic
>on the firewall, and the firewall's log do not review any access deny log,
>what could be wrong here? In addition, I have include the "query-source
>address * port 53" under the option statement for my conf file as
>by some documentation. What could have been wrong?

It sounds like you've done the right things.  Check the firewall's logs to
see what it's blocking.

Barry Margolin, barmar at
Genuity, Woburn, MA
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

More information about the bind-users mailing list