graylion
I have installed the bind plugin plain vanilla. I have enabled NAT and port forwarding. The host has one NIC.
Host IP: 192.168.1.215
Jail IP: 172.16.0.2
On the host:
dig against the jail's IP:
Code:
# dig @172.16.0.2 google.com
; <<>> DiG 9.16.23 <<>> @172.16.0.2 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51981
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 804e16219b8b665e0100000062bdc19b36f5fed926bd8fea (good)
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 300 IN A 74.125.193.101
google.com. 300 IN A 74.125.193.139
google.com. 300 IN A 74.125.193.113
google.com. 300 IN A 74.125.193.138
google.com. 300 IN A 74.125.193.100
google.com. 300 IN A 74.125.193.102
;; Query time: 416 msec
;; SERVER: 172.16.0.2#53(172.16.0.2)
;; WHEN: Thu Jun 30 16:30:35 IST 2022
;; MSG SIZE rcvd: 163

So, that works.
Next step, test port forwarding, still from the host:
Code:
# dig @192.168.1.215 google.com
; <<>> DiG 9.16.23 <<>> @192.168.1.215 google.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

Tested the same from another host on the network:
Code:
% dig @192.168.1.215 google.com
; <<>> DiG 9.10.6 <<>> @192.168.1.215 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1446
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN A
;; Query time: 46 msec
;; SERVER: 192.168.1.215#53(192.168.1.215)
;; WHEN: Thu Jun 30 16:31:57 IST 2022
;; MSG SIZE rcvd: 39

dafuq?
This looks like bind9 is behaving differently, depending on where it is queried from. Also, do I need to include an acl in named.config?
Thanks in advance!
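
A triage helper for the three dig results above, added here as an example and not part of the original post: it reads dig's text output and separates "no reply reached the client" from "named replied but refused recursion to this source". The function names and category labels are hypothetical; the sample outputs are abridged from the post.

```python
import re

# Sample outputs abridged from the dig runs quoted in the post.
HOST_TO_JAIL = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51981
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
; EDNS: version: 0, flags:; udp: 1232"""
HOST_TO_FORWARD = ";; connection timed out; no servers could be reached"
LAN_TO_FORWARD = """;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1446
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available"""

STATUS_RE = re.compile(r"->>HEADER<<-.*?status:\s*([A-Z]+)")
# Anchored on ";; flags:" so the EDNS "flags:;" line is not picked up.
FLAGS_RE = re.compile(r"^;; flags:\s*([a-z ]*);", re.MULTILINE)

def parse_dig(output):
    """Return (status, header flags) from dig's text output."""
    if "no servers could be reached" in output:
        return "TIMEOUT", set()
    status = STATUS_RE.search(output)
    flags = FLAGS_RE.search(output)
    return (status.group(1) if status else "UNKNOWN",
            set(flags.group(1).split()) if flags else set())

def diagnose(output):
    """Map one dig result to (category, hint)."""
    status, flags = parse_dig(output)
    if status == "TIMEOUT":
        # Nothing came back, so named's ACLs were never the deciding factor.
        return "no-reply", "check the packet path: forwarding rule, firewall, listen-on"
    if status == "REFUSED" and "rd" in flags and "ra" not in flags:
        # named answered, but did not offer recursion to this source address.
        # BIND's default allow-recursion is { localnets; localhost; }.
        return "acl", ("check allow-recursion / allow-query for this client's "
                       "subnet; list only that prefix, not 'any'")
    if status == "NOERROR" and "ra" in flags:
        return "ok", "recursive answer served to this source"
    return "other", "status=%s flags=%s" % (status, " ".join(sorted(flags)))

if __name__ == "__main__":
    for name, out in [("host -> jail IP", HOST_TO_JAIL),
                      ("host -> forwarded IP", HOST_TO_FORWARD),
                      ("LAN -> forwarded IP", LAN_TO_FORWARD)]:
        print(name, "=>", *diagnose(out))
```
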