LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 09-01-2012, 07:33 PM   #1
Gil@LQ
Member
 
Registered: Apr 2010
Location: India /Hyderabad
Distribution: RedHat, CentOS
Posts: 273

Rep: Reputation: 1
forward DNS requests


hi,

can anyone help me nat the DNS requests,
Quote:
I DON'T mean forwarding DNS request from one DNS server to another
I have a gateway , client can connect to that gate way but can not connect or ping to the DNS server in the LAN, i want to make that i'll configure my GATEWAY as DNS in client and when ever my client sends DNS request's , request goes to GATEWAY IP and there my GATEWAY should redirect request to actual DNS server in my LAN...

Quote:
i always use
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination x.x.x.x:80

iptables -t nat -A POSTROUTING -j MASQUERADE

so all the web request comes on 80 port will be natted to x.x.x.x:80

any chance to nat DNS request in the same way did above

thank you.
 
Old 09-01-2012, 07:41 PM   #2
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 2,093

Rep: Reputation: Disabled
The protocol used by DNS is (usually) udp, and the port number is 53. Change the iptables line above accordingly, and it should work.

Is that your entire firewall setup? The only way the commands above can successfully forward requests to an internal web server without an entry in the FORWARD chain of the filter table, is if the FORWARD policy is ACCEPT. If so, your setup is horribly insecure.
 
Old 09-02-2012, 08:27 AM   #3
Gil@LQ
Member
 
Registered: Apr 2010
Location: India /Hyderabad
Distribution: RedHat, CentOS
Posts: 273

Original Poster
Rep: Reputation: 1
hi Ser Olmy,

thank for reply, i tried as you said, then i found the below result,


Quote:
C:\Users\sony>ping ns.gil.com

Pinging ns.gil.com [192.168.85.90] with 32 bytes of data:
Request timed out.
Request timed out.
if you notice the lines highlighted with red, it's my nameserver ip, so my other server redirecting perfectly as defined in iptables, but from there it's not connecting or giving reply, please tel me.

FOR YOUR INFORMATIOIN, my client is in other network, but client can connect to my other server in whcih we defined nating rule...
 
Old 09-02-2012, 08:51 AM   #4
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 2,093

Rep: Reputation: Disabled
DNS packets and ICMP echo requests (which is what "ping" sends) are two entirely different things.

It's not at all clear what you are trying to accomplish. Your first post indicates that the "client" and the DNS server are on different sides of the gateway, but the "ping" test you just performed only makes sense if they are on the same side.

A simple diagram of your network would be a great help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] forward all http/https requests vigilandy Linux - Networking 5 05-13-2010 12:56 AM
Forward incoming requests to another server ajaimes Linux - Networking 4 06-04-2007 02:43 PM
forward all HTTP requests to the proxy cccc Linux - Networking 2 10-01-2006 07:42 PM
Forward FTP Requests mitt Linux - Networking 7 04-08-2005 11:11 AM
forward all dns requests to one page Moszer Linux - Networking 4 05-25-2004 02:34 PM


All times are GMT -5. The time now is 04:04 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration