LinuxQuestions.org
Old 11-08-2004, 12:36 AM   #1
setiDude
LQ Newbie
 
Registered: Oct 2004
Distribution: Gentoo, Debian, FreeBSD
Posts: 9

Rep: Reputation: 0
using bind to redirect to port


Is it possible to use bind to resolve a domain name to a port on the localhost?
I.e., I'm running BIND on domain.org, and I want BIND to resolve sub.domain.org to port 22?

Story goes, I've got a new office, full of computer projects I'm working on. I've got a new FreeBSD box acting as a gateway with my single IP address on the external interface. On the internal LAN, I've got a number of boxes with privately routable IP addresses.

I need to be able to ssh to one of these internal boxes, named andromeda. Already, I'm setting up ipnat port forwarding to forward the external port 42000 on the FreeBSD machine to the internal port on andromeda 22. What I want to know is, is there a way to have bind resolve andromeda.domain.org to 127.0.0.1:42000?

So far, bind doesn't seem to like it when I try to resolve a port and an ip address.

Last edited by setiDude; 11-08-2004 at 12:39 AM.
 
Old 11-08-2004, 03:21 AM   #2
Kahless
Member
 
Registered: Jul 2003
Location: Pennsylvainia
Distribution: Slackware / Debian / *Ubuntu / Opensuse / Solaris uname: Brian Cooney
Posts: 503

Rep: Reputation: 30
You can probably get something to work with iptables forwarding, but I'm too nibby to tell you how exactly

man iptables


You might have to use a different port on the external if that machine needs ssh as well, and just have that port forward to the correct port on the internal machine.


Something else that I do here at home that works well is to simply ssh into the gateway machine, then ssh FROM the gateway machine to the internal client machine. Probably not very efficient if you want to copy files over ssh because you would have to use two hops, but it works just fine for running commands (even wget etc.)
 
Old 11-08-2004, 03:24 AM   #3
Kahless
Member
 
Registered: Jul 2003
Location: Pennsylvainia
Distribution: Slackware / Debian / *Ubuntu / Opensuse / Solaris uname: Brian Cooney
Posts: 503

Rep: Reputation: 30
Oh yeah, and forwarding anything to 127.0.0.1 is probably a complete waste of time. That is your loopback address, and isn't going to let anything go anywhere. Use your other IP :P

the 192.168 or the 10.10 or whatever.
 
Old 11-08-2004, 03:26 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,398

Rep: Reputation: 1964
A domain name doesn't have any connection to a port. Whether you are using http, smtp, ssh etc., the hostname is still the same... the port number comes later on. Basically this isn't bind's "problem" in any way. I would say just use the different port number on the external machine. Forward port 222 or something instead.
 
Old 11-08-2004, 03:10 PM   #5
setiDude
LQ Newbie
 
Registered: Oct 2004
Distribution: Gentoo, Debian, FreeBSD
Posts: 9

Original Poster
Rep: Reputation: 0
Well, if using bind to redirect to a different port is impossible, does anyone know if it is at all possible to use bind to reference an ip address on the internal lan if that IP is non-routable?

You see, I was hoping that using different ports might be a way around the fact that the internal IPs are part of the 192.168 group, and those couldn't possibly work behind a NAT box, could they...?

Like I said, I've got the port redirection down, but having DNS for those boxes on the inside would be useful.
 
Old 11-08-2004, 06:08 PM   #6
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
An "unroutable" IP is just that: Not routable to from the Internet, period.

What's wrong with normal port forwarding? You can forward a port from an external IP to the same, or a different port on an arbitrary internal IP. It has nothing to do with resolving names to IPs, it has everything to do with translating external IPs to internal IPs and translating (or not) port numbers.
 
Old 11-08-2004, 09:18 PM   #7
setiDude
LQ Newbie
 
Registered: Oct 2004
Distribution: Gentoo, Debian, FreeBSD
Posts: 9

Original Poster
Rep: Reputation: 0
Well, convenience, of course.

Wouldn't you love a gateway that could take a hostname, figure out it's an internal machine, and do NAT translation?

Wouldn't you love to connect to a subdomain of some machine, instead of having to remember a port number for redirects?

I'm just confused over why someone hasn't developed a daemon that can translate a subdomain to a port redirect, and take care of all of the messy translation stuff.

I suppose it would be similar to virtual hosts in Apache. I don't know the gory details myself, but somehow that machine is taking the domain name and directing the packets where they need to go.
 
Old 11-16-2004, 11:24 PM   #8
adevadeh
LQ Newbie
 
Registered: Nov 2004
Posts: 1

Rep: Reputation: 0
I think it's a great idea... haven't seen it before though.
 
Old 11-17-2004, 01:35 AM   #9
Demonbane
Guru
 
Registered: Aug 2003
Location: Sydney, Australia
Distribution: Gentoo
Posts: 1,796

Rep: Reputation: 47
But you see, not every application layer protocol requires the domain name to be passed to the server. HTTP does, and in fact using Apache virtualhosts and mod_proxy you can achieve what you want, though only on HTTP.

It is possible to accomplish what you said, but it will require a rewrite of many protocols and much existing software.

IP shortage is a problem, yes, but a solution called IPv6 is being developed.
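
Added example, not code from any poster in this thread: a sketch of the name-based dispatch that virtual hosting relies on, showing that a gateway can only pick an internal machine by name when the client's first bytes contain that name. The `BACKENDS` table, the hostname `orion.domain.org`, the internal addresses and the sample byte strings are all constructed for illustration.

```python
# Name-based dispatch on one shared IP/port: works only if the protocol
# sends the hostname. All names and addresses below are constructed.
BACKENDS = {
    "andromeda.domain.org": ("192.168.1.10", 80),
    "orion.domain.org": ("192.168.1.11", 8080),
}

# Constructed samples of the first bytes a client sends after connecting.
HTTP_REQ = b"GET / HTTP/1.1\r\nHost: Andromeda.domain.org\r\nUser-Agent: x\r\n\r\n"
HTTP_UNKNOWN = b"GET / HTTP/1.1\r\nHost: other.example:80\r\n\r\n"
SSH_HELLO = b"SSH-2.0-OpenSSH_3.9\r\n"  # SSH identification string: no hostname in it


def host_from_http(first_bytes):
    """Return the lower-cased Host header of an HTTP request head, or None."""
    head = first_bytes.split(b"\r\n\r\n", 1)[0]
    lines = head.split(b"\r\n")
    # The request line must look like "METHOD target HTTP/x.y".
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            host = value.strip().decode("ascii", "replace").lower()
            # Drop an optional ":port" suffix (IPv6 literals not handled here).
            return host.rsplit(":", 1)[0] if ":" in host else host
    return None


def pick_backend(first_bytes):
    """Map the client's first bytes to an internal (ip, port), or None.

    Unknown or missing names return None so the gateway refuses the
    connection instead of forwarding it to a default internal host.
    """
    return BACKENDS.get(host_from_http(first_bytes))


if __name__ == "__main__":
    for label, data in (("http", HTTP_REQ), ("unknown", HTTP_UNKNOWN), ("ssh", SSH_HELLO)):
        print(label, "->", pick_backend(data))
```

The SSH case returns `None` because the name the client resolved never reaches the gateway, so the destination port is the only thing left to dispatch on.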
 
  

