>>>I am trying to setup a DNS server with one static ip from my ADSL
>>>provider. My current setup has three computers:
>>>Linux one used as router/firewall
>>>Linux two used as web/sendmail/dns server
>>>I assigned 192.168.1.1 for the linux one, 192.168.1.9 for linux two, and
>>> 126.96.36.199 for the windows machine. Let's assume my static ip is
>>>In the A record, I have everything pointed to 192.168.1.9
>>>mydomain.com. IN A 192.168.1.9
>>>mail.mydonain.com. IN A 192.168.19
>>>ns1.mydomain.com. IN A 192.168.1.9
>>>Since all these are internal address, do I need to setup an A record for
>>>my static ip? If yes, could you provide some information on how to do
>> It would be similar to the above, but you might want to have separate DNS
>> server configurations for internet and intranet (you could use an alias IP
>> on your DNS box for one of them). Because you don't really want to
>> advertise your private IPs on the internet.
>> Note that you can have multiple A records pointing to the same IP, so you
>> could have all 3 of the above names pointing at your internet IP, and
>> ipchains rules to tell where to locally forward specific incoming ports.
> First of all, thanks for the hint.
> Okay, I added the following to my A record in db.mydomain.com:
> ns1.mydomain.com. IN A 999.999.999.999
> mydomain.com. IN A 999.999.999.999
> mail.mydomain.com. IN A 999.999.999.999
> The 999.999.999.999 is assumed to be my only static ip, and I also added
> a db.999.999.999 file.
> So right now, all I have to do is use iptable from my router/firewall
> machine to forward all the dns request to my internal DNS machine, right
> ? Is this correct?
You would need to forward port 53 for DNS, 25 for smtp and 80 for www.
But I am using a hardware gateway for the latter 2 and sshd, so I cannot
provide specific details on the ipchains rules required. When I was using
SuSE as a gateway it had an easy to set up firewall, but I never could
quite figure out how to do such port forwarding to masqueraded boxes.
David Efflandt - All spam ignored http://www.de-srv.com/