December 4th, 2001, 10:16 PM
DNS Server behind firewall -- external or internal ip?
Ok, I am setting up my dns server behind an internet router by DLink. Behind the router, I have a LAN.
I have the router to allow in port 80 (httpd), 22 (sshd), and 21 (ftpd). If one of these requests are made, then the router points it to my FreeBSD machine that runs all these services. It also has Bind on it, and I will use it as my DNS. My ultimate goal here is to use it as a name server so that I can point a domain name to it, and I want to use it as a name server to point to itself.
Anyway, I am using a static ip address assigned to me by @home to get to the website externally (22.214.171.124). The internal ip on the lan is 192.168.0.103 .
My question is, which ip do I use when setting up bind. Do I use the external or the internal?
I assume that I will have to open up port 53, is this correct?
Also, this will be my primary name server, and I plan to use a friend who has bind running as the secondary.
December 4th, 2001, 10:46 PM
>> which ip do I use when setting up bind. Do I use the external or the internal?
You don't need to set IP to bind. However, your zone files need to point to your external IPs.
>> I will have to open up port 53, is this correct?
Yes and both TCP/UDP. Normally dns query uses UDP 53, but when packet coming in is larger than 512 bytes (non RFC-compliance), TCP 53 will be used instead. TCP is also being used when doing zone transfer.
December 4th, 2001, 11:02 PM
Yes, zone, thats what I meant. Thanks.