Ubuntu Networking :: Bind9 Forwarding / Caching DNS For VPN
Jan 6, 2010
I have Ubuntu 9.10 PC on my home network acting as a VPN gateway. It is using vpnc & iptables to provide access to the remote network - other computers on my local network have routing rules in place to go via the Ubuntu gateway if trying to reach an IP on the remote network. This works just fine, except DNS lookups for names on the remote network don't work.
I'm trying to solve this by using Bind9 on the gateway, so it can act as DNS for the local network. I don't want to create excess VPN traffic or load on the remote DNS, so I want the gateway to forward the lookup to my ISPs DNS first and if the name is not found then try the remote network DNS. Is this possible, or is there another (better) way around this? The Bind9 configs seem to admit multiple DNSs, but use them in a failover sense - only using secondary DNSs when the first one in the list is not reachable at all.
View 1 Replies
ADVERTISEMENT
Dec 12, 2009
I have just set up shorewall on my router running Arch Linux. The external network is on eth0 and the internal network on eth1.I have set it up for masquerading and that works fine and I can open ports to the firewall. But I'm having trouble with port forwarding to my internal machines.The problem I have is that when port 22350 is forwarded to 192.168.1.3 on my local network, checking the port with nmap from a remote computer gives me:
Code:
PORT STATE SERVICE
22350/tcp closed unknown
[code]....
View 2 Replies
View Related
Oct 3, 2010
Here's my current setup:Ubuntu 10.04
When I go to run it via this command:
I get the following error message:
Quote:
This is my /etc/bind/named.conf.options file:
Code:
I've looked at various solutions already:
[url]
[url]
[url]
[url]
[url]
[url]
View 2 Replies
View Related
Dec 18, 2010
My router is crap. If I use DHCP it sets all the computers DNS to itself and all DNS requests get cached in the router. It even starts to loose some DNS request if to many are made at once. On my windows PCs this isnt a problem I just set DNS to google's public DNS servers (8.8.8.8 & 8.8.4.4) and bypass my router and ISP alltogether but when i go to pref>network_connections i have to either set DHCP or manual, there is no option to set DHCP with custom DNS.
I'm sure there must be a way to do this in terminal, can someone tell me how?
I'm using ubuntu 10.10.
View 2 Replies
View Related
Apr 3, 2011
ran an internet cafe and last week my windows server got fried because of power surge. Now i got Fedora 14 running on another PC and i want to set it up as a full caching proxy server, so other computers can connect through it to the internet. I have 2 network cards inside.I'm really new to Linux and now learning my way around. I managed to install squid but don't know how to configure it to suit the purpose above
View 1 Replies
View Related
May 9, 2011
I want to configure DNS Server on Fedora14. So I install caching-nameserver cause any template files.I can't install caching-nameserver on my Fedora14 by this command: [but i can do it on Fedora5]
View 4 Replies
View Related
Dec 10, 2010
I want to setup bind9 so that IPs from one range will use the Google DNS Servers and IPs from another range will work from Opens DNS but am unable to get it working here are my configs.anyone that can help me please?
View 1 Replies
View Related
Dec 3, 2008
I have setup ubuntu server and right now i'm trying to get my DNS server working for my intranet.
I'm using my ubuntu as gateway wo internet and somehow my windows client can't use my DNS service.
when i do nslookup www.google.com from my server (10.0.0.1) it return me answer code...
View 1 Replies
View Related
Oct 23, 2009
I have the following bind9 configuration, and I'm trying to resolve reverse lookup IP address to name.
$ttl 38400
mydomain.org.INSOAmyhosting.com. (
1243281304
10800
[code]...
** server can't find 1.2.3.4.in-addr.arpa: NXDOMAIN
Is my PTR wrong, or what do I need to have the reverse lookup working ?
Note: I replace real IP by 1.2.3.4, same for my domain name.
View 4 Replies
View Related
Dec 15, 2010
Set up a server with Bind, Dovecote, Apache etc. Registered a domain and made all the necessary things for it to work. The server can send/receive mail on my domain, but when I try to look up the site I have it returns a lookup failure. I know Apache is working as I can browse the site when I used my ip address but I can't when I use the domain name. Anyone got a few tricks I could try to dumb down and find the possible failures I did when setting this up?
View 7 Replies
View Related
Jan 30, 2009
I have Squid Version 3.0 PRE5 installed on debian etch.Howto exclude some URL from the proxy caching at squid.conf ?
View 5 Replies
View Related
Apr 3, 2010
when i try to set up bind9 to resolve the top level of the name it cant do it. for current sake of arguement i have 4 servers on the network
192.168.0.200 diana.undernets.lan
192.168.0.201 jen.undernets.lan
192.168.0.202 amanda.undernets.lan
192.168.0.203 alex.undernets.lan
those are the IP addresses of the servers and their respective hostnames
so if i send a request for anything to just undernets.lan it will fail because there is no record for that. so i added this to the bottom of the zone record
Code:
IN CNAME amanda
thinking that a blank would refer to the top of the zone
here is my named.conf.local which is called in my named.conf
Code:
zone "undernets.lan" {
type master;
file "/etc/bind/undernets.db";
};
zone "0.168.192.in-addr.arpa" {
[Code]....
i want to be able to lookup undernets.lan and it give me the IP address of amanda.undernets.lan
View 3 Replies
View Related
Sep 5, 2010
I'm trying to configure bind9 to block porn by having it pretend to be authoritative for a list of porn domains. It can then return a "fake" IP for the port sites, which points to a page on my server. So far, the only way I have found to do in this in bind requires a separate zone for each porn domain. This doesn't work because of memory problems - I have 1000's of porn domains to block.
I'd like to instead have bind forward queries to rbldnsd, which can take a list of domains in a "data set" file, and use it to return a single A record (pointing to my "access denied" page). However, I think this will not work because I would still need a separate "zone" for each porn domain name.
View 4 Replies
View Related
Oct 26, 2009
Im trying to set up a slave dns to my master, but the problem is that only one of the views is being transferd.
View 1 Replies
View Related
Jun 29, 2010
I have installed CentOS 5.5 final on VM ware 7.0 workstation.... and I was trying to install and configure bind9.. it installed alright but it refused to start because named.conf is not in the /etc/ directory. I have copied the template for /usr/share/doc/named/* to (/etc/ and /var/named/) the appropriate directory but it still fails but on it does not gives me any error message. Oh... least I forgot I was trying to configure it as a cache only server for now.
View 1 Replies
View Related
Sep 5, 2009
I've set up a caching nameserver on my laptop running Fedora 11. The problem with this is that NetworkManager always overwrites the entry that points to the local nameserver. NetworkManager no longer respects /etc/dhclient.conf or at least its scripts run after dhclient.conf. Also it doesn't respect /etc/sysconfig/ network-scripts/ifcfg-* setting of DNS{1.2}.The man page of NetworkManager describes scripts that run in /etc/NetworkManager/dispatcher.d which can be run when interfaces are brought up and down. I've written a script that will put the entry needed for the local nameserver.
View 1 Replies
View Related
Oct 15, 2009
I am running centos 5.3 with the latest bind, i have made some changes in the config and now it wont start.
Fel i named-konfigurationen:/etc/named.conf:27: unexpected end of input (last line)
My named.conf looks like this:
options { directory "/var/named/";
};
view "externt" {
match-clients { any; };
recursion no;
zone "dala.hk" {
type master;
file "dala.hk";
};
zone "0.0.168.192.in-addr.arpa." {
type master;
file "1.0.168.192.in-addr.arpa";
};
};
view "intern" {
match-clients { 192.168.0.0/8;};
zone "intern" {
type master;
file "intern;
};
};
View 2 Replies
View Related
Jun 15, 2010
v10.4 {I have completely re-edited this thread because I have started over fresh. I am no longer using bind9, but now using the installation-defaults nameserver and dhcp and trying to get a handle on how things ought to be setup properly. My previous attempts was a disaster.}
Coming fresh out of a newly installed 10.4, I obviously was able to get network connectivity but then I ran into trouble the minute that I tried to change eth0/eth1 connections via network-manager's applet. What I found was, that when I attempted to define static connections, all bets were off. It seems that once one attempts to change eth0/eth1 which are wired devices, I was no longer able to recover my network connectivity!
I was however able to setup a wireless connection, so in this way I was able to get back network (and Internet) connectivity, and write this thread on this forum. I notice also, that there is no longer 'Networks' in the System->Administration menus! Geez, what the hell is going on? how to properly configure my static wired connection? Networks in 10.4 have really changed alot!
View 2 Replies
View Related
Mar 19, 2011
system: centos 5.5 Kernel 2.6.18-194.el5 freshly installed. bind is configured in chroot environment out of the box. placed named.conf in /var/named/chroot/etc and my zone files in /var/named/chroot/var/named.
[Code]...
View 3 Replies
View Related
Nov 21, 2010
I have a ubuntu 9.10 on my desktop in my office and I have another ubuntu on my home desktop. Both machines are behind a router. I guess many people have already asked the same question: how to remote control the office desktop from my home desktop?Many posts discussed about solving this by setting up ssh and port forwarding. But my situation is that I cannot control the router in my office so I cannot set up any port forwarding for my office desktop. So I guess my question becomes how to remote control my office desktop without setting up any port forwarding on the office router.
View 3 Replies
View Related
Mar 26, 2011
I currently use a commercial VPN when working overseas for secure internet access.
I now also need to VNC to a home ubuntu desktop (which runs software 24/7 that I need to periodically check).
When overseas, I use a Ubuntu laptop and an Android tablet.
For the VNC I intend to use an SSH tunnel. So my question is: should I ALSO set up openVPN on the home computer (so I can stop paying for a commercial provider which routes all my traffic twice across the Atlantic...) or is it easier/better to use the SSH tunnel for the secure webbrowsing too? Something like a SOCKS proxy?
View 8 Replies
View Related
Jan 31, 2010
I have a script to establish a reverse tunnel with other machine,My problem is to stop the tunnel. If I just kill the PID at sshtunnel.pids, ssh does not release the ports at the server side, so any new connection will fail for several minutes.Is there any way to signal SSH to exit gracefully?
View 5 Replies
View Related
Feb 20, 2010
This should be easy but for some reason its not working. I don't have admin rights on one of my local networks to open the firewall for port 80 to make my server accessible remotely (from the internet). I have a remote server (OpenVZ VPS) and I want to port forward so that [url]:8080 will point to my localhost:80 from the internet itself (i can get it to work on the remote VPS server's local network)...
How could I accomplish this? Basically, I am trying to serve webpages from behind a firewall using a VPS as a hub.
View 4 Replies
View Related
Apr 30, 2010
At work we are planning on migrating XP machines to ubuntu, and from there connect via remote desktop to a Windows Server 2008. That part is working perfectly, but our problem now is how to set up ubuntu to "share" the local webcam, so it can be used from the remote session in the server. Going through rdesktop man page there is a redirection option, but doesn't say anything about USB devices.
View 1 Replies
View Related
May 6, 2010
would it be possible for anyone to give me step-by-step instructions on how to set up port forwarding on my laptop? I've been using Karmic Koala and just upgraded to Lucid Lynx and not really bothered to port-forward before, so not too sure where to start - googling gives me a lot of terms I don't understand.
View 1 Replies
View Related
Jul 6, 2010
I have two nic cards installed in a Lucid LTS server.
eth0 is static using
address 192.168.0.235
gateway 192.168.0.1
netmask 255.255.255.0
[Code]...
I have my Qwest DSL modem port forwarding port 80 to 192.168.3.235 however this doesn't seem to work if I have both cards running. If I remove the second card (eth1) and reconfigure eth0 to use 192.168.3.235 I can port forward into my webserver.
View 1 Replies
View Related
Aug 22, 2010
I have logged into my router and set up port-forwarding on port 22. I can log into the machine fine from a machine on the local network using the machines internal IP but when I try to log on from a remote machine using my router's external IP or my DyDNS host-name I get a message saying "connection refused" or "connection timed out." I have configured port-forwarding on the router and the firewall rules says that port 22 is open but when I nmap my routers external ip it says that only port 23 and 80 are open. I am very new to linux and networking.
View 8 Replies
View Related
Nov 2, 2010
I've used wake on lan and SSH on the local network for some time now. I also used SSH to mount a filesystem (SSHFS / sftp, same thing, right?) and I could forward X11, loved it. I used both these options for my convenience. So I decided it was time to open up some ports on my router (Linksys WRT320n running dd-wrt) and try to set up a remote connection. This actually worked after some time, so I'm now able to turn on my home computer from the Internet (school in my case) and then log in to it through SSH. I set this up using other ports then the default ports. Something like this (these are not the actual ports I use, just examples):
port 2112 -> port 9 (for wol, wake on lan)
port 2113 -> port 22 (for SSH)
This information might be useful: I set this up using public and private keys. This is necessary for SSHFS to work properly I think and it also makes it more secure. And then I found (and had some presumptions that this was going to happen) that both SSHFS and X11 were not working. I'd rather not open up more ports on the router for security's sake though, so I'm asking for other solutions. And if there really aren't any other solutions then which ports to forward. And if forwarding is really necessarily then how to make the client use port 2114 for SSHFS and 2115 for X11 so I can forward those ports to the default ports.
View 3 Replies
View Related
Jan 30, 2011
I'm trying to set up very simple UDP port forwarding, but can't seem to have good results. I read trough netcat and iptables manuals, but can't seem to figure things out. my setup is the following:
I have machine1, listening on UDP port 49000. I have machine_fw, which accepts connections on 59000, and forwards all this to machine1:49000 (and returning traffic too) I have machine2, which will connect to machine_fw:59000, and this way communicate at the end with machine1:49000, as machine_fw is taking care of forwarding is there an easy way to achieve this?
View 2 Replies
View Related
Feb 1, 2011
At home, I am running Ubuntu 10.04.1 LTS with openssh server OpenSSH_5.3p1 Debian-3ubuntu5 In my office, we are using CentOS 5.5 with openssh OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 Both my /etc/ssh/sshd_config at home and my ~/.ssh/config has X forwarding enabled.When I log in to my home machine from my office with ssh -X -vv host, I got the following:
Code:
debug2: x11_get_proto: /usr/bin/xauth list :0.0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 0
But once I log in, I get:
Code:
home:~>echo $DISPLAY
DISPLAY: Undefined variable.
I tried setting DISPLAY to localhostx.0 (xx from 0 to 10) but none of that works. I have also tried ssh -Y but the result is the same.
View 4 Replies
View Related
