NSD name server behind Firewall

Dear All,

I have recently started to use NSD as my name server. The NSD server (private IP 192.168.110.14) is behind a firewall (with the public IP 14.139.250.83).

I am confused as to what I should set for the “ip-address” in /etc/nsd.conf?

Thanks.

Mukul

Dear Mukul,

You would still use the public IP address if the server potentially shall be available world-wide.

Kind Regards,
Kaulkwappe

No, not really. You need to use the IP address that is configured on the server and is
reachable - there is a route between public internet and the IP address - either directly
or via NAT.

E.g. to answer the original question - the NSD must be configured with the IP address
that can receive packets meant to reach the NSD.

Ondrej

Dear Kaulkwappe,

Thanks for the prompt reply.

I have NATed and port forwarded to my internal name server.

The problem is when I use public IP on my internal name server (in /etc/nsd/nsd.conf) as ip-address, it gives me an error when I check with nsd-checkconf. But when I use its own IP address (private) it gives me no error.

I also want to make Reverse DNS entries for my email server, so I want to know the correct method of configuring NSD behind a NATed firewall.

Thanks.

Mukul

If you are NATing and port forwarding then it is correct to use the private IP in the nsd.conf; of course, any entries in zone files which refer to the server would use the public address.

Brett

Dear Brett,

Thanks for the help.

Yes, I have kept private IP as an ip-address in nsd.conf. No errors with private IP.
But, I wonder if there can be any issue when I create a reverse Zone file.

Thanks

Mukul
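
Added example, not part of the thread: a small Python check for the split described above, where nsd.conf listens on the private address while zone data publishes only the public one, plus the PTR owner name for the public IP in a reverse zone. The file contents, example.com and the record names are constructed placeholders; only the two IP addresses come from the thread.

```python
import ipaddress
import re

# Constructed sample files. Only the two IP addresses come from the thread;
# example.com and the record names are placeholders.
NSD_CONF = """\
server:
    ip-address: 192.168.110.14
zone:
    name: "example.com"
    zonefile: "example.com.zone"
"""

ZONE = """\
$ORIGIN example.com.
$TTL 3600
@    IN SOA ns1.example.com. hostmaster.example.com. 1 7200 3600 1209600 3600
@    IN NS  ns1.example.com.
ns1  IN A   14.139.250.83
mail IN A   192.168.110.14 ; constructed mistake: internal address published
"""

def listen_addresses(conf):
    """ip-address values from nsd.conf text, with any @port suffix dropped."""
    found = re.findall(r"^\s*ip-address:\s*(\S+)", conf, re.M)
    return [str(ipaddress.ip_address(v.split("@")[0])) for v in found]

def private_a_records(zone):
    """(owner, address) for A records whose address is not publicly routable.
    Assumes one record per line with the owner name written out."""
    hits = []
    for line in zone.splitlines():
        fields = line.split(";")[0].split()  # drop trailing zone-file comment
        if len(fields) >= 4 and fields[-2].upper() == "A":
            if ipaddress.ip_address(fields[-1]).is_private:
                hits.append((fields[0], fields[-1]))
    return hits

def ptr_owner(public_ip):
    """Owner name of the PTR record for public_ip in the reverse zone."""
    return ipaddress.ip_address(public_ip).reverse_pointer + "."

if __name__ == "__main__":
    print("NSD listens on:", listen_addresses(NSD_CONF))
    print("private addresses in zone:", private_a_records(ZONE))
    print("PTR owner:", ptr_owner("14.139.250.83"))
```
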