Page 1 of 1
DIY Hosting/Nameserver DNS forwarding
Posted: Fri Feb 15, 2019 8:30 pm
by lvnona
Hello folks! Need your help.
I have my own home made server for hosting / mail / name server.
And it's setup by local ip address: example: 192.168.1.55
External IP: example 99.75.65.66
my domain example: example.ca
At my domain purchaser (Godaddy) i created name server hosts: ns1.example.ca & ns2.example.ca
ns1.example.ca - 99.75.65.66
ns2.example.ca - 99.75.65.66
Godaddy name servers accordingly:
nameserver1:ns1.example.ca
nameserver2:ns2.example.ca
Now how I can properly setup routerboard DNS forwarding so Godaddy can see my 99.75.65.66 to local 192.168.1.55?
Thanks for help
Re: DIY Hosting/Nameserver DNS forwarding
Posted: Fri Feb 15, 2019 9:20 pm
by mkx
add action=dst-nat chain=dstnat comment="DNS TCP port forwarded" dst-port=53 \
in-interface-list=WAN protocol=tcp to-addresses=192.168.1.55 to-ports=53
add action=dst-nat chain=dstnat comment="DNS UDP port forwarded" dst-port=53 \
in-interface-list=WAN protocol=udp to-addresses=192.168.1.55 to-ports=53
The above will work if you only have single WAN IP address. If that's not the case, replace "in-interface-list=WAN" with "dst-address=<chosen WAN IP>".
You should really diversify your DNS servers ... most (if not all) domain checking services will complain about both NS having same IP address.
Re: DIY Hosting/Nameserver DNS forwarding
Posted: Sat Feb 16, 2019 9:37 am
by lvnona
Thanks I'll play with it but is it mistake or it has to be:
in-interface-list=WAN
or
in-interface=WAN
?
Tnx
Re: DIY Hosting/Nameserver DNS forwarding
Posted: Sat Feb 16, 2019 10:35 am
by nescafe2002
Newer default configuration make use of interface lists, the provided example will work fine on recent configs.
If you don't have interface lists, we can only guess. Post config ( /export hide-sensitive ) or adept example to your liking.
Re: DIY Hosting/Nameserver DNS forwarding
Posted: Sat Feb 16, 2019 10:50 pm
by lvnona
I need more help.
With my domain I sat - example.ca to 99.75.65.66 - which is my static public IP
Now when i type example.ca it goes straight to my router login 192.168.1.1
which makes sense because 99.75.65.66 is same as 192.168.1.1 - right?
How i can make sure router will forward example.ca to 192.168.1.55
Thanks,
Norm
Re: DIY Hosting/Nameserver DNS forwarding
Posted: Sat Feb 16, 2019 10:56 pm
by mkx
Did you test from internet or from your LAN?
If from LAN, then you need to implement "hair-pin NAT" ... search for it on this forum, it's shown how to do it properly a few times.
If from internet, then your NAT doesn't work and your firewall is flawed ... and I sincerely hope that's not the case.
Re: DIY Hosting/Nameserver DNS forwarding
Posted: Sun Feb 17, 2019 4:10 am
by lvnona
Did you test from internet or from your LAN?
If from LAN, then you need to implement "hair-pin NAT" ... search for it on this forum, it's shown how to do it properly a few times.
If from internet, then your NAT doesn't work and your firewall is flawed ... and I sincerely hope that's not the case.
From internet, but for some reason it doesnt do that all the time.
Is it possibly somehow effected with ISPConfig DNS settings as well?
Re: DIY Hosting/Nameserver DNS forwarding
Posted: Sun Feb 17, 2019 10:28 am
by mkx
I don't think ISP can affect how inbound connection (e.g. to port 80) is handled by your RB. If connection, showing RB, is actually hitting your RB that is ...
Why don't you post config (/export hide-sensitive and obfuscate your public IP address) so we can have a look?