How do I get my internal Linux DNS to retrieve information from an external DNS

the_iddiot at the_iddiot at
Wed Oct 18 22:34:44 UTC 2006

Hi, I am doing this project for a university class. I have a Linux
firewall running iptables. I have an internal network for the DMZ
(192.168.78.x) and the LAN (192.168.77.x). On the DMZ I have a DNS
( and other servers. The firewall sits on a fake external
network (which is an internal network) ( with an "external
DNS" (

The external DNS is Win 2003 and the internal is CentOS.

My problem is that I am trying to run the master/slave DNS setup
between the two. ATM I have got the external DNS working: it sees all the
internal information from the Linux domain, but the internal
Linux DNS cannot see the Win 2003 server domain.

I have set up forwarding and the NATting in the firewall to allow the
IP address from the "external network" to be translated on port 53 to
the internal network.


# Redirect DNS (TCP and UDP port 53) arriving on the external interface
# to the DMZ DNS server. "-i" added before $NET_NIC to match the FORWARD
# rules below; the --to-destination address is cut off in the post.
iptables -t nat -A PREROUTING -p tcp -i $NET_NIC --dport 53 -j DNAT
iptables -t nat -A PREROUTING -p udp -i $NET_NIC --dport 53 -j DNAT

# Allow traffic between the external interface and the DMZ interface,
# filtered by connection state (the state list and target are cut off
# in the post).
iptables -A FORWARD -i $NET_NIC -o $DMZ_NIC -p ALL -m state --state
iptables -A FORWARD -i $DMZ_NIC -o $NET_NIC -p ALL -m state --state

I believe that is the relevant information from the iptables. If you
wish to see the whole iptables I can set up SSH and get it, I suppose.

I do not understand: even though I have opened the ports and set it up
to allow this passage of data from the external DNS to the internal one,
it does not allow this data through.

When I restart named I get this error message in the logs:

transfer of '' from failed while
receiving responses: permission denied

Assistance is more than required.

Kind Regards
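The log line quoted in the post, "failed while receiving responses: permission denied", is logged by the slave when the transfer itself made it through but named could not write the received zone to its local zone file; on CentOS the usual reasons are the zone directory's ownership or mode bits and the SELinux context. The thread does not confirm that this is what happened here, so the following is an added diagnostic, not code from the poster or from BIND: it parses named log lines for failed transfers and, for "permission denied", checks whether the named user could write into the configured slave zone directory. The log lines, the zone name example.test, the master address 192.0.2.10, the directory path and the uid 4242 are all constructed placeholders (the post elides its real zone name and addresses).

```python
"""Diagnose BIND slave zone-transfer failures from named log lines.

Added example for the bind-users thread above; assumptions are labelled.
"""
import os
import re
import stat
import tempfile
from dataclasses import dataclass

# Matches the message named logs when an inbound AXFR/IXFR fails.
# Assumption: the syslog prefix may vary, so we search, not anchor.
TRANSFER_FAIL = re.compile(
    r"transfer of '(?P<zone>[^']*)' from (?P<master>\S+) failed while "
    r"receiving responses: (?P<reason>.+)$"
)

# Constructed sample log lines (not from the original post).
SAMPLE_LOG = [
    "Oct 18 22:30:01 centos named[1234]: zone example.test/IN: refresh: "
    "retry limit for master 192.0.2.10#53 exceeded",
    "Oct 18 22:30:02 centos named[1234]: transfer of 'example.test' from "
    "192.0.2.10#53 failed while receiving responses: permission denied",
    "Oct 18 22:31:02 centos named[1234]: transfer of 'example.test' from "
    "192.0.2.10#53 failed while receiving responses: connection reset",
]


@dataclass
class TransferFailure:
    zone: str
    master: str
    reason: str


def parse_transfer_failures(lines):
    """Extract (zone, master, reason) from every matching log line."""
    found = []
    for line in lines:
        m = TRANSFER_FAIL.search(line)
        if m:
            found.append(TransferFailure(m["zone"], m["master"], m["reason"].strip()))
    return found


def dir_writable_by(path, uid, gids):
    """True if a process with this uid and these gids may create files in path,
    judged from the mode bits only. SELinux labels, POSIX ACLs and a chroot
    are NOT considered; if this returns True and named still fails, look there."""
    st = os.stat(path)
    mode = st.st_mode
    if uid == 0:
        return True
    if st.st_uid == uid:
        return bool(mode & stat.S_IWUSR) and bool(mode & stat.S_IXUSR)
    if st.st_gid in gids:
        return bool(mode & stat.S_IWGRP) and bool(mode & stat.S_IXGRP)
    return bool(mode & stat.S_IWOTH) and bool(mode & stat.S_IXOTH)


def diagnose(lines, zone_dir, uid, gids):
    """Return a list of (zone, finding) pairs, one per failed transfer."""
    findings = []
    for f in parse_transfer_failures(lines):
        if f.reason.lower().startswith("permission denied"):
            if dir_writable_by(zone_dir, uid, gids):
                msg = "mode bits permit writes; check SELinux context or chroot path"
            else:
                msg = f"named (uid {uid}) cannot write slave zone files in {zone_dir}"
        else:
            msg = f"transfer from {f.master} failed: {f.reason}"
        findings.append((f.zone, msg))
    return findings


def run_demo():
    """Create a zone directory that uid 4242 (a stand-in for 'named') cannot
    write to and run the diagnosis over the constructed log."""
    zone_dir = tempfile.mkdtemp(prefix="slaves-")
    os.chmod(zone_dir, 0o750)          # owner rwx, group rx, others nothing
    return diagnose(SAMPLE_LOG, zone_dir, uid=4242, gids=[4242])


if __name__ == "__main__":
    for zone, finding in run_demo():
        print(f"{zone}: {finding}")
```

Point it at the real directory named writes slave zones into (the "directory" in named.conf, or the path given in the slave zone's "file" statement, inside the chroot if one is used) and at the uid of the named user; if the mode bits already allow writes, the remaining suspects on CentOS are the SELinux context of the directory and a chroot path that differs from the one you inspected.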

More information about the bind-users mailing list