Change source IP at outgoing packet send by Bind9 as forwarder.
Noel Butler
noel.butler at ausics.net
Fri Oct 18 01:02:00 UTC 2019
OK, it might be too early and i'm not getting your question, I'm only
half way through my first coffee of the day...
But if you have 192.168.0.1 as lan, and the wan, lets say is 1.1.1.1,
and needs to resolve a hostname, it has to go to the big wide world of
internets, and it can only do that using 1.1.1.1, therefor thats the
only way it will work, your internal LAN IP is not asking the root
serves or subsequent in chain, your WAN IP is, because routing, pvt
address space etc, you know...
On 18/10/2019 07:16, CpServiceSPb . wrote:
> I have Bind9 on Ubuntu 18.04 x64 LTS working as a cache and forwarding one.
> There are some forwarders IPs.
>
> Server has 2 NICs (lan and wan) .
>
> BInd9 binds strictly to localhost and lan NICs, that is to 127.0.0.1 and
> 192.168.0.1.
> But when Bind9 forwards queries to external servers, it do it via wan
> interface but uses at the first onset server external IP as sources, which
> is not changed by SNAT or MASQUERADE Iptables.
> Unlike other soft, for example Asterisk, what is binded to lan interface
> only and uses internal (192.168.0.1) IP as source for outgoing packet and
> then iptables changes source address of such outgoing packets from internal
> to external using either SNAT or MASQUERADE.
>
> So how is to change Bind9 , what and where is to set up and waht setting
> that Bind9 would send forwarding packet via wan interface but would use
> address what it is binded to or internal, if it is binded to 127.0.0.1 and
> 192.168.0.1 ?
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Kind Regards,
Noel Butler
This Email, including any attachments, may contain legally privileged
information, therefore remains confidential and subject to copyright
protected under international law. You may not disseminate, discuss, or
reveal, any part, to anyone, without the authors express written
authority to do so. If you are not the intended recipient, please notify
the sender then delete all copies of this message including attachments,
immediately. Confidentiality, copyright, and legal privilege are not
waived or lost by reason of the mistaken delivery of this message. Only
PDF [1] and ODF [2] documents accepted, please do not send proprietary
formatted documents
Links:
------
[1] http://www.adobe.com/
[2] http://en.wikipedia.org/wiki/OpenDocument
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20191018/50817261/attachment.htm>
More information about the bind-users
mailing list