My ADSL router (D-Link) has a "feature": it allows port forwarding nicely when coming from WAN (ADSL), but the same from LAN stops all ports (to the router)...

Till today I have used a simple workaround with a modified /etc/hosts

Code:

...
# temp manual additions to access server inside home network
192.168.xx.yy0 example.com
192.168.xx.yy0 server1.example.com
192.168.xx.yy0 www.example.com
192.168.xx.yy0 www2.example.com
...

Anyhow this is not possible / convenient with all devices (like N900).

I tried to understand (ISPConfig3 /) DNS-zone by googling (+ manual), also w/o great success... to find the steps I need to do (to simplify settings in all "inhouse clients").

I made some tests (w/o success):

0. removed the extra lines from (one of the clients') /etc/hosts
1. created in ISPConfig3 a new DNS-zone for example.com (for internal use only)
   Domain example.com
   IP Address 192.168.xx.yy
   NS 1 ns1.example.com
   NS 2 ns2.example.com
2. changed NS1 as 1st DNS to my "inhouse-router" (I'll have a 2nd router for home machines with all ports closed and all computers with IPv4 settings automatic incl. DNS, i.e. set by inhouse-router).
3. restarted server (reboot to be on the safe side) and client network (1st DNS is now 192.168.xx.yy)
4. (after some time) trying to connect to example.com / www.example.com etc. still goes to the ADSL router...

What else should be done? Thanks again for help....

1) It is better to use a top-level domain name that does not exist on the internet, like .int for internal or tld, so your domain name is e.g. example.int or example.tld
2) Create the DNS zone in ISPConfig; you can test the server with the dig command on the shell like this:

dig example.tld

trials, but still no success

Thanks for help... I would have preferred to use the same domain name also in-house (e.g. due to email client accounts etc. on mobile devices).

Anyhow I deleted my earlier DNS zone "example.com" and created (as proposed) example.int. Waited (some hours), and ran

Code:

dig example.int

; <<>> DiG 9.7.3 <<>> example.int
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1570
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;example.int. IN A

;; Query time: 1 msec
;; SERVER: 192.168.xx.1#53(192.168.xx.1)
;; WHEN: Tue May 17 07:05:51 2011
;; MSG SIZE rcvd: 27

Looks to me like no success, as the one below looks better (for NewB)

Code:

dig example.com

; <<>> DiG 9.7.3 <<>> XXXXXXX.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45077
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;XXXXXX.com. IN A

;; ANSWER SECTION:
XXXXXX.com. 3600 IN A 114.aaa.bbb.ccc

;; AUTHORITY SECTION:
XXXXXX..com. 2704 IN NS ns64.domaincontrol.com.
XXXXXX..com. 2704 IN NS ns63.domaincontrol.com.

;; Query time: 101 msec
;; SERVER: 192.168.xx.1#53(192.168.xx.1)
;; WHEN: Tue May 17 07:33:50 2011
;; MSG SIZE rcvd: 95

client (Linux Mint DE) IPv4:
   Prim. DNS 192.168.xx.1
   Sec. DNS 192.168.yy.zzz (same as example.int)
   Tern. DNS 202.aaa.208.bb1

and inhouse-router set to (clients behind this)
   Default gateway 192.168.xx.1
   DNS Address 192.168.xx.90 202.aaa.208.bb1

and ADSL router set to (ISP-server and inhouse-router behind this)
   Default gateway 192.168.yy.1
   DNS Address 202.aaa.208.bb1 202.aaa.208.bb2

@localhost did not work either...

Code:

dig @localhost example.int

; <<>> DiG 9.7.3 <<>> @localhost example.int
; (2 servers found)
;; global options: +cmd
;; connection timed out; no servers could be reached

Looks that it found only my BlackArmors (NAS, 2pcs) in 192.168.xx.qq1 and 192.168.xx.qq2, as inhouse-clients are in a diff. IP-set (192.168.xx) than ISP (192.168.yy.zzz).

Should this work anyway? (as asking for @localhost)

Thanks again..

sorry but...

How do I check that, as the ISPConfig3 menus seem to have it.... Which log should I look into to double check that it was also actually created?

named.conf and named.conf.local

I'll assume you are looking for /etc/bind/named.conf....

Code:

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

then /etc/bind/named.conf.local

Code:

zone "example.int" {
        type master;
        allow-transfer {none;};
        file "/etc/bind/pri.example.int";
};

Meanwhile I changed the physical location of the server (earlier behind D-Link ADSL, now Buffalo ADSL) and now the router understands port forwarding even from inside, i.e. problem DNS-zone not needed and issue partly solved (till I need my D-Link again).

/etc/bind/pri.example.int

Here is my /etc/bind/pri.example.int, thanks again for cont. support...

Code:

$TTL 86400
@ IN SOA ns1.example.int. postmaster.example.com. (
        2011051601 ; serial, todays date + todays serial #
        28800 ; refresh, seconds
        7200 ; retry, seconds
        604800 ; expire, seconds
        86400 ) ; minimum, seconds
;
example.int. 86400 A 192.168.xx.yyy
example.int. MX 10 mail.example.int.
example.int. NS ns1.example.int.
mail 86400 A 192.168.xx.yyy
www 86400 A 192.168.xx.yyy
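
An added example, not part of the thread or of ISPConfig: a check over a zone file laid out like the one posted above that reports NS and MX targets inside the zone with no A or AAAA record. The sample zone is constructed (192.0.2.10 stands in for the redacted address) and the function names are this example's own.

```python
# Constructed sample in the posted layout; 192.0.2.10 is a placeholder address.
ZONE = """\
$TTL 86400
@ IN SOA ns1.example.int. postmaster.example.com. (
        2011051601 ; serial
        28800      ; refresh
        7200       ; retry
        604800     ; expire
        86400 )    ; minimum
example.int. 86400 A  192.0.2.10
example.int.       MX 10 mail.example.int.
example.int.       NS ns1.example.int.
mail         86400 A  192.0.2.10
www          86400 A  192.0.2.10
"""
TYPES = {"A", "AAAA", "NS", "MX"}

def fqdn(name, origin):
    """Expand a zone-file name to a lower-case absolute name."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def records(text, origin):
    """Yield (owner, type, rdata) for one-line records with an explicit owner."""
    depth = 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()     # drop comments
        inside = depth > 0                       # continuation of a ( ... ) block
        depth += line.count("(") - line.count(")")
        if inside or "(" in line or not line or line[0] in " \t$":
            continue                             # SOA block, blank line, directive
        tok = line.split()
        idx = next((i for i, t in enumerate(tok[1:], 1) if t.upper() in TYPES), None)
        if idx is not None:
            yield fqdn(tok[0], origin), tok[idx].upper(), tok[idx + 1:]

def missing_targets(text, origin):
    """Return in-zone NS/MX targets that have no A or AAAA record."""
    recs = list(records(text, origin))
    have_addr = {o for o, t, _ in recs if t in ("A", "AAAA")}
    targets = {fqdn(r[-1], origin) for _, t, r in recs if t in ("NS", "MX") and r}
    return sorted(t for t in targets
                  if t.endswith("." + origin) and t not in have_addr)

if __name__ == "__main__":
    print(missing_targets(ZONE, "example.int."))   # ['ns1.example.int.']
```

BIND's own named-checkzone runs this kind of check, and more, against the real file.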