Simple "inhouse" DNS

Discussion in 'Installation/Configuration' started by eko_taas, May 14, 2011.

  1. eko_taas

    eko_taas New Member

    My ADSL router (D-Link) has a "feature": it port-forwards nicely when the connection comes from the WAN (ADSL), but the same from the LAN is blocked on all ports (to the router)...

    Until today I have used a simple workaround with a modified /etc/hosts:
    Code:
    ...
    # temp manual additions to access server inside home network
    192.168.xx.yy0    example.com
    192.168.xx.yy0    server1.example.com
    192.168.xx.yy0    www.example.com
    192.168.xx.yy0    www2.example.com
    ...
    Anyhow, this is not possible / convenient on all devices (like the N900).

    I tried to understand the (ISPConfig3) DNS zone by googling (+ the manual), also without great success, to find the steps I need to take (to simplify the setup on all "in-house clients").

    I made some tests (without success):

    0. removed the extra lines from one client's /etc/hosts

    1. created in ISPConfig3 new DNS-zone for example.com (for internal use only)
    Domain example.com
    IP Address 192.168.xx.yy
    NS 1 ns1.example.com
    NS 2 ns2.example.com

    2. set NS1 as the 1st DNS in my "in-house router" (I have a 2nd router for the home machines with all ports closed, and all computers get their IPv4 settings automatically, incl. DNS, i.e. set by the in-house router).

    3. restarted the server (rebooted, to be on the safe side) and the client network (1st DNS is now 192.168.xx.yy)

    4. (after some time) trying to connect to example.com / www.example.com etc. still goes to the ADSL router...

    What else should be done? Thanks again for the help...
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    1) It is better to use a top-level domain name that does not exist on the internet, like .int for internal or .tld, so your domain name is e.g. example.int or example.tld.

    2) Create the DNS zone in ISPConfig. You can test the server with the dig command on the shell like this:

    dig example.tld
     
  3. eko_taas

    eko_taas New Member

    Trials, but still no success

    Thanks for the help... I would have preferred to use the same domain name in-house too (e.g. because of email client accounts etc. on the mobile device).

    Anyhow, I deleted my earlier DNS zone "example.com" and created (as proposed) example.int. I waited (some hours) and ran
    Code:
    dig example.int
    
    ; <<>> DiG 9.7.3 <<>> example.int
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1570
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;example.int.			IN	A
    
    ;; Query time: 1 msec
    ;; SERVER: 192.168.xx.1#53(192.168.xx.1)
    ;; WHEN: Tue May 17 07:05:51 2011
    ;; MSG SIZE  rcvd: 27
    
    Looks to me like no success, as the one below looks better (to a newbie):
    Code:
    dig example.com
    
    ; <<>> DiG 9.7.3 <<>> XXXXXXX.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45077
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;XXXXXX.com.			IN	A
    
    ;; ANSWER SECTION:
    XXXXXX.com.		3600	IN	A	114.aaa.bbb.ccc
    
    ;; AUTHORITY SECTION:
    XXXXXX.com.		2704	IN	NS	ns64.domaincontrol.com.
    XXXXXX.com.		2704	IN	NS	ns63.domaincontrol.com.
    
    ;; Query time: 101 msec
    ;; SERVER: 192.168.xx.1#53(192.168.xx.1)
    ;; WHEN: Tue May 17 07:33:50 2011
    ;; MSG SIZE  rcvd: 95
    
    client (Linux Mint DE) IPv4:
    Prim. DNS 192.168.xx.1
    Sec. DNS 192.168.yy.zzz (same as example.int)
    Tert. DNS 202.aaa.208.bb1

    and the in-house router is set to (the clients are behind this)
    Default gateway 192.168.xx.1
    DNS Address 192.168.xx.90 202.aaa.208.bb1

    and the ADSL router is set to (the ISP server and the in-house router are behind this)
    Default gateway 192.168.yy.1
    DNS Address 202.aaa.208.bb1 202.aaa.208.bb2
     
    Last edited: May 18, 2011
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    To query your local server, please use this command:

    dig @localhost abc.int
     
    Last edited: May 18, 2011
  5. eko_taas

    eko_taas New Member

    @localhost did not work either...

    Code:
    dig @localhost example.int
    
    ; <<>> DiG 9.7.3 <<>> @localhost example.int
    ; (2 servers found)
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached
    
    Looks like it found only my BlackArmors (NAS, 2 pcs) at 192.168.xx.qq1 and 192.168.xx.qq2.

    As the in-house clients are in a different IP range (192.168.xx) than the ISP server (192.168.yy.zzz), should this work anyway (as I'm asking @localhost)?

    Thanks again..
     
    Last edited: May 18, 2011
  6. falko

    falko Super Moderator ISPConfig Developer

    Can you check in your named configuration whether the zone asy-a.int was created?
     
  7. eko_taas

    eko_taas New Member

    Sorry, but...

    How do I check that, as the ISPConfig3 menus seem to have it....

    Which log should I look into to double-check that it was also actually created?
     
  8. falko

    falko Super Moderator ISPConfig Developer

    Can you post your named.conf?
     
  9. eko_taas

    eko_taas New Member

    named.conf and named.conf.local

    I assume you are looking for /etc/bind/named.conf....
    Code:
    include "/etc/bind/named.conf.options";
    include "/etc/bind/named.conf.local";
    include "/etc/bind/named.conf.default-zones";
    
    then /etc/bind/named.conf.local
    Code:
    zone "example.int" {
            type master;
            allow-transfer {none;};
            file "/etc/bind/pri.example.int";
    };
    Meanwhile I changed the physical location of the server (earlier behind the D-Link ADSL router, now behind a Buffalo ADSL router) and now the router handles port-forwarding even from inside, i.e. problem: the DNS zone is not needed and the issue is partly solved (until I need my D-Link again).
     
  10. falko

    falko Super Moderator ISPConfig Developer

    Can you post your /etc/bind/pri.example.int?
     
  11. eko_taas

    eko_taas New Member

    /etc/bind/pri.example.int

    Here is my /etc/bind/pri.example.int, thanks again for the continued support...
    Code:
    $TTL    86400
    @       IN      SOA     ns1.example.int. postmaster.example.com. (
                            2011051601      ; serial, today's date + today's serial #
                            28800           ; refresh, seconds
                            7200            ; retry, seconds
                            604800          ; expire, seconds
                            86400 )         ; minimum, seconds
    ;
    
    example.int.    86400   IN  A       192.168.xx.yyy
    example.int.            IN  MX  10  mail.example.int.
    example.int.            IN  NS      ns1.example.int.
    mail            86400   IN  A       192.168.xx.yyy
    www             86400   IN  A       192.168.xx.yyy
     
    Last edited: May 26, 2011
  12. falko

    falko Super Moderator ISPConfig Developer

    Hm, looks ok...
     
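The thread ends with the named.conf.local and zone file posted but never mechanically checked. The following is an added example, not code from the thread or from ISPConfig: a small checker that takes the zone declaration and the zone file as text (both constructed inline to mirror the posted files, with 192.168.1.10 standing in for the redacted server address) and reports the defects that let BIND load a zone without complaint yet leave it unresolvable or exposed: the zone missing from named.conf.local, allow-transfer not restricted, and an NS or MX target inside the zone that has no A/AAAA record (a lame nameserver). On a real server the same checks complement `named-checkconf` and `named-checkzone`, which catch syntax errors but not a missing address for an in-zone NS.

```python
"""Sanity checks for a BIND master zone declared in named.conf.local.

Added example (not from the thread or ISPConfig). Inputs are constructed to
mirror the posted files; 192.168.1.10 is a placeholder for the LAN address.
"""
import re

# Constructed to mirror the thread's /etc/bind/named.conf.local
NAMED_CONF_LOCAL = '''
zone "example.int" {
        type master;
        allow-transfer {none;};
        file "/etc/bind/pri.example.int";
};
'''

# Constructed to mirror the thread's /etc/bind/pri.example.int
ZONE_FILE = '''
$TTL        86400
@       IN      SOA     ns1.example.int. postmaster.example.com. (
                        2011051601       ; serial
                        28800            ; refresh
                        7200             ; retry
                        604800           ; expire
                        86400 )          ; minimum
example.int. 86400 A        192.168.1.10
example.int.      MX    10   mail.example.int.
example.int.      NS        ns1.example.int.
mail 86400 A        192.168.1.10
www 86400 A        192.168.1.10
'''

# zone "name" { ... }; with one level of nested braces (e.g. allow-transfer {none;};)
ZONE_DECL = re.compile(r'zone\s+"([^"]+)"\s*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;', re.S)
RR_TYPES = {"A", "AAAA", "NS", "MX", "CNAME", "TXT", "SOA", "PTR", "SRV"}
CLASSES = {"IN", "CH", "HS"}


def fqdn(name):
    """Lower-case a name and make sure it ends with the root dot."""
    return name.lower().rstrip(".") + "."


def parse_named_conf(text):
    """Map zone name -> {option: value} for every zone block in named.conf.local."""
    zones = {}
    for name, body in ZONE_DECL.findall(text):
        opts = {}
        # Flatten braces so 'allow-transfer {none;};' becomes 'allow-transfer  none ; ;'
        for stmt in re.sub(r"[{}]", " ", body).split(";"):
            parts = stmt.split(None, 1)
            if parts:
                opts[parts[0]] = parts[1].strip().strip('"') if len(parts) > 1 else ""
        zones[fqdn(name)] = opts
    return zones


def parse_zone(text, origin):
    """Return (soa_serial, [(owner, type, rdata_tokens), ...]) for a zone file.

    Handles comments, $TTL, relative and inherited owners and multi-line SOA
    parentheses. $ORIGIN and quoted strings containing ';' or '(' are not supported.
    """
    origin = fqdn(origin)
    logical, buf, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]                      # drop comments
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth <= 0:                                   # statement complete
            logical.append(" ".join(buf))
            buf, depth = [], 0

    records, serial, last_owner = [], None, origin
    for line in logical:
        if not line.strip() or line.startswith("$"):     # blank line or directive
            continue
        tokens = line.split()
        if line[:1].isspace():                           # leading blank: owner inherited
            owner = last_owner
        else:
            name = tokens.pop(0)
            owner = origin if name == "@" else fqdn(name if name.endswith(".") else f"{name}.{origin}")
        last_owner = owner
        while tokens and (tokens[0].isdigit() or tokens[0].upper() in CLASSES):
            tokens.pop(0)                                # skip optional TTL and class
        if not tokens or tokens[0].upper() not in RR_TYPES:
            continue
        rtype, rdata = tokens[0].upper(), tokens[1:]
        if rtype == "SOA" and len(rdata) >= 3:
            serial = int(rdata[2])                       # MNAME RNAME SERIAL ...
        records.append((owner, rtype, rdata))
    return serial, records


def check_zone(zone_name, named_conf_text, zone_text):
    """Return a list of findings; an empty list means nothing obviously wrong."""
    zname, findings = fqdn(zone_name), []
    decl = parse_named_conf(named_conf_text).get(zname)
    if decl is None:
        findings.append(f"{zname} is not declared in named.conf.local")
    else:
        if decl.get("type") != "master":
            findings.append(f"{zname} has type {decl.get('type')!r}, expected master")
        if decl.get("allow-transfer", "").strip() != "none":
            findings.append(f"{zname}: allow-transfer is {decl.get('allow-transfer')!r}; "
                            "a single internal master should use {none;}")
    serial, records = parse_zone(zone_text, zname)
    if serial is None:
        findings.append(f"{zname} has no SOA record")
    has_address = {owner for owner, rtype, _ in records if rtype in ("A", "AAAA")}
    for owner, rtype, rdata in records:
        if rtype in ("NS", "MX") and rdata:
            target = rdata[-1]
            target = fqdn(target) if target.endswith(".") else fqdn(f"{target}.{zname}")
            if (target == zname or target.endswith("." + zname)) and target not in has_address:
                findings.append(f"{rtype} target {target} of {owner} has no A/AAAA record in the zone")
    return findings


if __name__ == "__main__":
    for finding in check_zone("example.int", NAMED_CONF_LOCAL, ZONE_FILE) or ["no findings"]:
        print(finding)
```

Run against the constructed copy of the posted files, the checker reports one finding: the NS record points at ns1.example.int., but the zone contains no A record for ns1, so a resolver that follows the delegation has nowhere to send queries. Adding `ns1 86400 IN A 192.168.xx.yyy` (the server's address) to pri.example.int clears it. The allow-transfer check passes because the posted declaration already has `{none;}`.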
