<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:10.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-GB" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;mso-fareast-language:EN-US">If you are natting and port forwarding then it is correct to use the private ip in the nsd.conf, of course any entries in zone files which refer to the server would use the public
address.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;mso-fareast-language:EN-US">Brett<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;mso-fareast-language:EN-US">--<br>
Brett Carr<br>
Manager DNS Engineering<br>
Nominet UK</span><span style="font-size:11.0pt"> <o:p></o:p></span></p>
</div>
</div>
</div>
<p class="MsoNormal"><span style="font-size:11.0pt;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal" style="mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:12.0pt;margin-left:36.0pt">
<b><span style="font-size:12.0pt;color:black">From: </span></b><span style="font-size:12.0pt;color:black">nsd-users <nsd-users-bounces@lists.nlnetlabs.nl> on behalf of Mukul Shukla via nsd-users <nsd-users@lists.nlnetlabs.nl><br>
<b>Date: </b>Wednesday, 22 June 2022 at 09:14<br>
<b>To: </b>nsd-users@lists.nlnetlabs.nl <nsd-users@lists.nlnetlabs.nl><br>
<b>Subject: </b>Re: [nsd-users] NSD name server behind Firewall<o:p></o:p></span></p>
</div>
<div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">Dear Kaulkwappe,<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">Thanks for the prompt reply.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">I have NATed and port forwarded to my internal name server.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">The problem is when I use public IP on my internal name server (in /etc/nsd/nsd.conf) as ip-address, it gives me an error when I check with nsd-checkconf. But when I use its own
IP address (private) it gives me no error.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">I also want to make Reverse DNS entries for my email server, so I want to know the correct method of configuring NSD behind a NATed firewall.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">Thanks.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">Mukul<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
</div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">On Wed, Jun 22, 2022 at 1:05 PM Kaulkwappe via nsd-users <<a href="mailto:nsd-users@lists.nlnetlabs.nl">nsd-users@lists.nlnetlabs.nl</a>> wrote:<o:p></o:p></span></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:11.0pt">Dear Mukul,<br>
<br>
you would still use the public IP address if the server potentially shall be available world-wide.<br>
<br>
Kind Regards,<br>
Kaulkwappe<br>
<br>
----------------------------------------------------------------<br>
From: Mukul Shukla via nsd-users <<a href="mailto:nsd-users@lists.nlnetlabs.nl" target="_blank">nsd-users@lists.nlnetlabs.nl</a>><br>
Sent: Wednesday, 22. Jun 2022 – 09:06 CEST +0200<br>
To: <a href="mailto:nsd-users@lists.nlnetlabs.nl" target="_blank">nsd-users@lists.nlnetlabs.nl</a><br>
<br>
Subject: [nsd-users] NSD name server behind Firewall<br>
<br>
Dear All,<br>
<br>
I have recently started to use NSD as my name server. The NSD server (private IP 192.168.110.14), is behind a firewall (with the public IP 14.139.250.83).
<br>
<br>
I am confused as to what I should set for the "ip-address" in /etc/nsd.conf?<br>
<br>
Thanks.<br>
<br>
Mukul<br>
<br>
_______________________________________________<br>
nsd-users mailing list<br>
<a href="mailto:nsd-users@lists.nlnetlabs.nl" target="_blank">nsd-users@lists.nlnetlabs.nl</a><br>
<a href="https://secure-web.cisco.com/1cDYCZ7f3G43NTpqVjuiMkDQoHAgMHkLXzb_jjzwrikzLiXeg_S5BmU9Aj26SJnlJThhQOKO840ZB3TdHEazsWWAMouDnGCJzG4LUmdKzGWiI2HiT3ZabiebeCCNZzgb62E8nBZR8j7_7zB7h8xoXJarUFsHVtViJhGZLU5TMFfTFeeZxJwy-NzJq0PNIVWwq6zKNFpEZr-S-oVMuR2f32ZvslMqVkQxhNEqZ899PKXei8ldFvKZCYPt8qJ2_nTVOamZW28Ozk3nxa40ZAkhsyqDQJA9juRMQ2QDsCj_FxPk/https%3A%2F%2Flists.nlnetlabs.nl%2Fmailman%2Flistinfo%2Fnsd-users" target="_blank">https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users</a><o:p></o:p></span></p>
</blockquote>
</div>
</div>
</body>
</html>