> I have a master DNS (bind9) for a domain. It was working until I put it
> behind firewall on a DMZ private subnet. It is setup in the way that
> from internet the DNS maintains its original IP address, that is SAT
> translated by firewall to the DMZ private subnet. I allowed ports 53
> TCP/UDP.
If the DNS server now has a RFC1918 IP address, then one will probably have to
setup appropriate NAT rules for a publicly accessible/routable IP address.
On some firewalls, there is a NAT rule for incoming traffic and a another rule
for outgoing traffic (basically mapping the public IP for both
2 matches
Mail list logo
