I am sure this has been answered before... I just exceeded my 3-hour limit on head-banging. I am looking for a sense of direction, as I am sure I can fill in the blanks.

I have a working DNS server, where I can resolve to any desired IP address. Nameservers from are correctly pointed to my DNS server. So now, I want to be able to route the traffic to a specific machine on the LAN based on my DNS server's resolution. The server has 2 Ethernet cards, one listening to WAN traffic and the other to LAN traffic. Everything works...

I want anyone on the outside (WAN) to be able to ping (or whatever) and the traffic to be routed through the DNS server to the actual machine. More concretely, using bind9, I have associated to So, from the LAN, if I ping I get the expected result. However, if I do the same thing from the WAN, then my request is also resolved to (which usually does not exist). I somehow want it resolved to I've been fiddling with iptables without success... I don't seem to get the hang of how to route the "output" of bind through iptables...

Suggestions are appreciated. Thanks for your time!


I'm not exactly sure what you mean by routing connections, but I think I have an idea.

To serve different answers given different criteria is possible in bind. Edit /etc/named.conf and create two ACL lists.

    acl "trusted" {
        // LAN address range goes here (the value is missing from the original post)
    };

Then your different stanzas.

    view "internal-in" in {
        match-clients { trusted; };
        // zone statements returning the internal (LAN) answers go here
    };

    view "external-in" in {
        match-clients { any; };
        // zone statements returning the external (WAN) answers go here
    };

This will give you control given the vector of the client, and you don't need to mess with iptables.
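A fuller split-horizon skeleton, added here as an example and not taken from the answer above, showing the same zone served from two different zone files depending on which view the client matches, with the Internet-facing view kept from acting as an open resolver. The LAN range, zone name and file paths are assumptions; replace them with your own.

```conf
// Added example: split-horizon named.conf. All addresses, the zone name
// and the file paths are placeholders, not values from the question.

// Clients in this list are treated as "inside" (LAN).
acl "trusted" {
    192.168.1.0/24;   // assumed LAN range
    127.0.0.1;
};

options {
    directory "/var/named";
    listen-on { any; };   // both the LAN and the WAN interface
};

// LAN clients: internal answers, recursion allowed for them only.
view "internal-in" in {
    match-clients { trusted; };
    recursion yes;
    zone "example.com" in {                 // placeholder zone name
        type master;
        file "internal/db.example.com";     // A record -> LAN address of the host
    };
};

// Everyone else (WAN): public answers only, no recursion, no transfers.
view "external-in" in {
    match-clients { any; };
    recursion no;                           // do not become an open resolver
    allow-transfer { none; };               // no zone transfers to arbitrary hosts
    zone "example.com" in {
        type master;
        file "external/db.example.com";     // A record -> public (WAN) address
    };
};
```

Once any view is defined, every zone (including localhost and the root hints) must live inside a view, so run `named-checkconf /etc/named.conf` before reloading. Views only decide which address a client is told; getting WAN packets for that address to the LAN host is still the gateway's job (port forwarding/DNAT), which is separate from what bind does.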


