How to Set Up Forward DNS

Feb-25th-2011

Hello Friends,

DNS Forwarding | Configure Local and Live DNS | Forward DNS | Local DNS Cache

Setting up a DNS server that holds the forward entries for my own servers.

I have a live DNS server for the abc.com domain that serves 500 subdomains (e.g. alive.abc.com, blive.abc.com) through that server. Secondly, I have a local DNS server for abc.com in my local network that serves 20 subdomains (e.g. a.abc.com, b.abc.com) through that server.

I want that when any user on my network who is configured with our local DNS IP tries to reach one of our local hosts by name, my local DNS answers from its own entries. If the user asks for a name that is not available in my local DNS, it should query the DNS available on the internet and return that answer to the user's computer.

1. Install DNSMASQ

[root@map007 ~]# yum install dnsmasq

2. Edit /etc/resolv.conf so that lookups go to localhost

[root@map007 ~]# cat /etc/resolv.conf |grep nameserver
nameserver 127.0.0.1

3. Now put the following lines in /etc/dnsmasq.conf

# never forward plain names (without a dot) to the upstream servers
domain-needed
# never forward reverse lookups for private (RFC 1918) ranges upstream
bogus-priv
# drop the periodic Windows queries that get no useful public answer
filterwin2k
# read upstream servers from this file instead of /etc/resolv.conf,
# which now points back at dnsmasq itself
resolv-file=/etc/resolv.external
# append the domain below to short names taken from /etc/hosts
expand-hosts
domain=abc.com
# log every query to the file below
log-queries
log-facility=/var/log/dnsmasq
# extra configuration fragments
conf-dir=/etc/dnsmasq.d

4. Create the file that lists the external (upstream) DNS server; dnsmasq reads it instead of /etc/resolv.conf.

[root@map007 ~]# cat /etc/resolv.external
nameserver 192.168.122.1

5. Put the entries for your abc.com hosts into /etc/hosts

[root@map007 ~]# cat /etc/hosts |grep abc

192.168.1.51 host1.abc.com
192.168.1.52 host2.abc.com
192.168.1.53 host3.abc.com

6. Start the DNSMASQ service

[root@map007 ~]# service dnsmasq start

Now check the results

[root@map007 ~]# nslookup host1.abc.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: host1.abc.com
Address: 192.168.1.51

[root@map007 ~]# nslookup www.abc.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: www.abc.com
Address: 20.80.x.x

It works great for me.
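The setup above depends on three things being consistent: /etc/resolv.conf pointing at 127.0.0.1, resolv-file pointing at a separate file with a real upstream, and the hardening options being present. The following check script is an added example, not part of the original post; it takes the config and resolv.conf paths as arguments and builds constructed sample files in a temp directory so it can be run anywhere.

```shell
# audit_dnsmasq CONF RESOLV: check a split-horizon dnsmasq setup like the one
# above. Prints each finding; returns 0 if clean, 1 if something needs fixing.
audit_dnsmasq() {
    local conf="$1" resolv="$2" rc=0 upstream opt
    # clients on this box must ask dnsmasq first
    grep -Eq '^nameserver[[:space:]]+127\.0\.0\.1' "$resolv" ||
        { echo "WARN: $resolv does not point at 127.0.0.1, this host bypasses dnsmasq"; rc=1; }
    # upstream servers must come from a separate file: with resolv.conf pointing at
    # 127.0.0.1, dnsmasq ignores its own address and is left with no upstream
    upstream=$(sed -n 's/^resolv-file=//p' "$conf")
    if [ -z "$upstream" ]; then
        echo "FAIL: no resolv-file=, dnsmasq reads $resolv and finds no usable upstream"; rc=1
    elif [ ! -r "$upstream" ]; then
        echo "FAIL: resolv-file $upstream is missing or unreadable"; rc=1
    elif ! grep -Eq '^nameserver[[:space:]]+[0-9]' "$upstream" ||
         grep -Eq '^nameserver[[:space:]]+127\.' "$upstream"; then
        echo "FAIL: $upstream has no non-loopback nameserver, external names will not resolve"; rc=1
    fi
    # options the post relies on: keep dotless names and RFC 1918 reverse lookups off the internet
    for opt in domain-needed bogus-priv; do
        grep -qx "$opt" "$conf" || { echo "WARN: $opt is not set in $conf"; rc=1; }
    done
    # expand-hosts only appends a suffix to short /etc/hosts names when domain= is set
    if grep -qx expand-hosts "$conf" && ! grep -q '^domain=' "$conf"; then
        echo "WARN: expand-hosts without domain=, short /etc/hosts names get no suffix"; rc=1
    fi
    return "$rc"
}

# make_sample DIR MODE: write constructed sample files (MODE good or loop) into DIR
make_sample() {
    local dir="$1" mode="$2"
    printf 'nameserver 127.0.0.1\n' > "$dir/resolv.conf"
    printf 'domain-needed\nbogus-priv\nexpand-hosts\ndomain=abc.com\n' > "$dir/dnsmasq.conf"
    if [ "$mode" = good ]; then
        printf 'nameserver 192.168.122.1\n' > "$dir/resolv.external"
        printf 'resolv-file=%s/resolv.external\n' "$dir" >> "$dir/dnsmasq.conf"
    else
        # the classic mistake: pointing resolv-file back at resolv.conf itself
        printf 'resolv-file=%s/resolv.conf\n' "$dir" >> "$dir/dnsmasq.conf"
    fi
}

tmp=$(mktemp -d)
make_sample "$tmp" good && audit_dnsmasq "$tmp/dnsmasq.conf" "$tmp/resolv.conf" && echo "good sample: clean"
make_sample "$tmp" loop && audit_dnsmasq "$tmp/dnsmasq.conf" "$tmp/resolv.conf" || echo "loop sample: see findings"
rm -rf "$tmp"
```

On a real box run it as `audit_dnsmasq /etc/dnsmasq.conf /etc/resolv.conf` after sourcing the script.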

====================================================================

Enjoy Linux !!!

IP and port forwarding

Feb-9th-2011

Hello Friends,

IP Forwarding | Port Forwarding | Redirects TCP connections from one IP address and port to another

For the last 3 days I was in trouble: I wanted to redirect all my incoming requests on port 8080 to port 8080 on a remote machine. I set lots of iptables rules, but none of them worked on the internet, i.e. in the live environment.

The iptables rules I tried are below; they worked perfectly in the local environment but not in the live environment:

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp -s *route_only_for_this_ip* -d *router_ip* --dport 80 -j DNAT --to *destination_ip*:*destination_port*
iptables -t nat -A POSTROUTING -o eth0 -d *destination_ip* -j SNAT --to-source *router_ip*

After spending a little time on Google I found the "rinetd" software, which works great for IP and port redirection in the live environment.

rinetd redirects TCP connections from one IP address and port to another, on the same or a remote machine. rinetd is a single-process server which handles any number of connections to the address/port pairs specified in the file /etc/rinetd.conf.

Since rinetd runs as a single process using nonblocking I/O, it is able to redirect a large number of connections without a severe impact on the machine. This makes it practical to run TCP services on machines inside an IP masquerading firewall. rinetd does not redirect FTP, because FTP requires more than one socket.

rinetd is typically launched at boot time, using the following syntax:

/usr/sbin/rinetd

The default config file for rinetd is /etc/rinetd.conf

[root@map007]# wget http://www6.atomicorp.com/channels/atomic/centos/5/i386/RPMS/rinetd-0.62-6.el5.art.i386.rpm

[root@map007]#  vim /etc/rinetd.conf

# example configuration file for rinetd
#
# forward connections arriving on 10.10.10.2 port 8080 to port 8080 on 61.x.x.x
# (bindaddress bindport connectaddress connectport)
10.10.10.2 8080 61.x.x.x 8080

# to listen on all local addresses instead, use 0.0.0.0 as the bind address
# access controls can be set with allow and deny rules; they are matched
# against the IP address of the connecting client
# allow and deny before the first forwarding rule are global
# allow and deny after a specific rule apply to it only

# this rule allows only clients from the 10.10.10.* netblock to use the rule above
allow 10.10.10.*

# this rule would deny the host 192.168.32.12
# deny 192.168.32.12

# rinetd supports logging; the following line enables it
logfile /var/log/rinetd.log

# by default, logs are in a tab-delimited format. The following line
# switches to web common-log format
logcommon

Now save and exit, and restart the rinetd service.

[root@map007]#  /etc/init.d/rinetd restart

===============================================================================

Enjoy Linux !!!