Moving DNS behind NAT

Daniel Ström daniel at
Mon May 15 20:55:07 UTC 2006

On May 14, 2006, at 7:50 PM, Peter Dambier wrote:

> Daniel Ström wrote:
>> I have two DNS servers (BIND 9.2.2) that have static public IP:s. I
>> now have to move them behind a router but i can still use the same
>> static IP:s but i have to use NAT for them. I will change the IP on
>> the machines to 192.168.x.x adresses and NAT the public IP:s with the
>> firewall to those two adresses/machines/DNS-servers.
>> What needs to be changed here? Do i need to change all my A and NS
>> records to the internal 192.182.x.x or shouldnt they still be using
>> the external IP that is mapped with NAT?
>> / Daniel
> It depends:
> Seen from outside, dont change anything.
> Seen from inside, if your NAT is intelligent enough, again no need
> to change.
> Your inside clients might need to set their dns resolver (/etc/ 
> resolve.conf)
> to the internal address.

No LAN clients are using these DNS-servers.

> Are both servers behind different NATs or behind the same NAT?

Same NAT. Behind a linksys RV082.

> If they are behind different NATs then there is probably no need to
> change anything at all.
> Hope that helps
> Peter and Karin

It sure does, how did you know that this was exactly the answer i was  
hoping for? "Dont change anything".

/ Daniel

More information about the bind-users mailing list