DNS Query from different Subnet

Matus UHLAR - fantomas uhlar at fantomas.sk
Thu Nov 15 12:40:33 UTC 2018


On 15.11.18 05:29, sethologik wrote:
>we have three subnet ( x.x.98.0/24 ; x.x.99.0/24 ; x.x.100.0/24 ) connected
>to a firewall which is connected to WAN ( so the gateway always x.x.x.254 ).
>
>We wanted switch from dnsmasq to BIND9.
>
>The BIND9 and (old) dnsmasq DNS Server is in 99.0/24 net with IP 201(BIND)
>and 200(dnsmasq)
...
>From net 99.0/24 everything is working fine.
...
>however when I try to do so in subnet like 98.0/24 it says he can't reach
>this server...

>I can dig on website.test.de.webserver01.office.lan.de from ANY subnet and
>it gives me an answer like:
>
>;; QUESTION SECTION:
>;website.test.de.webserver01.office.lan.de. IN A
>
>;; ANSWER SECTION:
>website.test.de.webserver01.office.lan.de. 86400 IN CNAME webserver01.office.lan.de.
>website.test.de.webserver01.office.lan.de. 86400 IN A x.x.99.216
>
>;; AUTHORITY SECTION:
>office.lan.de. 86400 IN NS dns.office.lan.de.
>
>;; ADDITIONAL SECTION:
>dns.office.lan.de. 86400 IN A x.x.99.201

>But somehow the explorer can't open up the website anyways.

what site and what is the error?

>When I switch back to dnsmasq everything is working.
>
>It is simply configured with wildcards like this:
>
>address=/.webserver01/x.x.99.216

this is not possible with BIND, you must define whole zone.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
"Where do you want to go to die?" [Microsoft]
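
One way to cover the names the dnsmasq wildcard answered by defining them in a BIND zone, as an added example that is not part of the original message. The zone and host names come from the dig output above; 192.0.2.x stands in for the redacted x.x.99.x addresses, and the hostmaster mailbox, serial and SOA timers are assumed values.

```dns
; Zone file for office.lan.de (constructed example, addresses are placeholders)
$ORIGIN office.lan.de.
$TTL 86400

@               IN  SOA dns.office.lan.de. hostmaster.office.lan.de. (
                        2018111501  ; serial (assumed)
                        3600        ; refresh
                        900         ; retry
                        604800      ; expire
                        86400 )     ; negative-caching TTL
@               IN  NS  dns.office.lan.de.

; The name server itself (x.x.99.201 in the thread)
dns             IN  A   192.0.2.201

; The web server and every name below it (x.x.99.216 in the thread).
; A wildcard matches any number of labels beneath webserver01, so
; website.test.de.webserver01.office.lan.de. resolves to the same address.
webserver01     IN  A   192.0.2.216
*.webserver01   IN  A   192.0.2.216
```

The file can be checked before loading with `named-checkzone office.lan.de <zonefile>`. A name that exists explicitly below webserver01 stops the wildcard from matching at or under that name, so such names need their own records.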


More information about the bind-users mailing list