Running public Bind Server from behind firewall
kboyack at gmail.com
Tue Jun 7 05:47:07 UTC 2005
On 6/6/05, John McGowan <mcgowan at lynch2.com> wrote:
> I've been running BIND for a while now without any problems. The server is
> on public IP space behind an L2 transparent firewall.
> I just reconfigured the server to be on a private IP address and moved
> it behind a new firewall that is not an L2 transparent firewall. I have
> set up a "Mapped IP" on the firewall, but for some reason DNS doesn't
> work like it should. It looks like responses to queries done by the DNS
> server aren't getting back.
> The thing that's confusing me is that all other services on the machine
> that were moved are working fine: SMTP, POP, HTTP. DNS is the only
> service that is having problems.
> Is there something obvious that I would have to change in my named.conf
> to support a BIND server running on a private IP address behind a
> firewall? (Keep in mind that the firewalls I'm running are identical
> with identical policies; the only difference is the introduction of this
> private IP network.)
Does your named.conf contain a "blackhole" statement? If it does and
the queries are coming from the private IP address of your firewall,
that could be your problem.
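
The check suggested in the reply above can be scripted. This is an added example, not part of the original thread: it evaluates a named.conf "blackhole" list against the source address the server sees after NAT. The sample config, the ACL name and all addresses are constructed, and only flat lists and named ACLs are handled.

```python
import ipaddress
import re

# Constructed named.conf for illustration; ACL name and addresses are hypothetical.
SAMPLE_CONF = """
acl bogons { 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
options {
    directory "/var/named";
    blackhole { !192.168.10.53; bogons; };  // the DNS host itself is exempt
};
"""

def parse_lists(conf):
    """Return (named ACLs, blackhole elements); nested braces are not handled."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # C-style comments
    conf = re.sub(r"(//|#).*", "", conf)                # line comments
    split = lambda body: [e.strip() for e in body.split(";") if e.strip()]
    acls = {name: split(body) for name, body in
            re.findall(r"\bacl\s+\"?([\w.-]+)\"?\s*\{([^{}]*)\}", conf)}
    m = re.search(r"\bblackhole\s*\{([^{}]*)\}", conf)
    return acls, split(m.group(1)) if m else []

def match(ip, elements, acls):
    """First matching element wins: True = listed, False = negated, None = no match."""
    for el in elements:
        negated = el.startswith("!")
        el = el.lstrip("!").strip().strip('"')
        if el in acls:
            hit = match(ip, acls[el], acls)   # only a positive nested match counts
        elif el in ("any", "none"):
            hit = el == "any"
        else:
            try:
                hit = ip in ipaddress.ip_network(el, strict=False)
            except ValueError:
                hit = False   # localhost, localnets, keys: not evaluated offline
        if hit:
            return not negated
    return None

def is_blackholed(conf, source_ip):
    """True if queries and responses from source_ip would be silently dropped."""
    acls, blackhole = parse_lists(conf)
    return match(ipaddress.ip_address(source_ip), blackhole, acls) is True
```

With the sample config, a firewall that rewrites query sources to its inside address 192.168.10.1 is blackholed, which matches the symptom of SMTP and HTTP working while DNS fails.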