PowerDNS /localhost recursion/cache/iptables
Hello,
I am a newbie in Linux. I have Fedora 13 OS 32 bits. I am working with PowerDNS and Poweradmin. How can I configure this with PowerDNS?

1. Allow localhost recursion but deny recursion to external clients. Is there a tutorial for that?
2. Set up cache nameserver for localhost (like caching-nameserver in Bind). Is there a tutorial for that?
3. My Master Server with PowerDNS is working well from localhost but external clients cannot access it. I have iptables with these rules:

    *filter
    :INPUT DROP [0:0]
    :FORWARD DROP [0:0]
    :OUTPUT ACCEPT [0:0]
    # Keep state.
    -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # PowerDNS for external clients
    -A INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT
    -A INPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT
    # Loop device.
    -A INPUT -i lo -j ACCEPT
    COMMIT

Are they ok? Should I add something else in iptables?

Thanks
I only have recently started using powerdns recursor locally.
On your box make an eth iface alias, give it a lan address and have your pdns recursor listen on that address. For your authoritative pdns you probably want to run it in a chroot. But really it seems you should stop, step back and define your config at a high-level. Questions to consider and answer to yourself: Do lan hosts talk to the auth dns and the recursor? Does the wan and lan use different ifaces? Just a drawing on paper can go a long way. I have not used poweradmin or powerdns auth dns, only recursor. Also haven't looked at fedora in a year or so and probably never will again.
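
Added example, not part of either post above: one way to split the two roles so that the authoritative server answers external clients while the recursor caches for local use only. The address 192.0.2.10, the LAN values in the comments, and the file paths (assumed to be the Fedora package defaults) are placeholders to adapt.

```ini
# --- /etc/pdns/pdns.conf (authoritative server, reachable from outside) ---
# 192.0.2.10 is a placeholder for the server's public address.
# Binding to one address leaves 127.0.0.1:53 free for the recursor.
local-address=192.0.2.10
local-port=53

# --- /etc/pdns-recursor/recursor.conf (caching resolver, local only) ---
# Listen on loopback only, so the socket is not reachable from the network.
local-address=127.0.0.1
local-port=53
# Second layer: even if the listen address is widened later,
# only these source networks get recursive answers.
allow-from=127.0.0.0/8

# To also serve LAN hosts through an interface alias, as the reply suggests,
# both settings take comma-separated lists (values below are constructed):
# local-address=127.0.0.1,192.168.1.53
# allow-from=127.0.0.0/8,192.168.1.0/24

# Setting to avoid: together these turn the box into an open resolver
# that anyone on the Internet can use for recursion.
# local-address=0.0.0.0
# allow-from=0.0.0.0/0

# --- /etc/resolv.conf (point the host at its own cache) ---
# nameserver 127.0.0.1
```

With this layout the iptables rules in the question need no extra entry for the recursor: its traffic arrives on `lo`, which the loopback rule already accepts, and the port 53 rules expose only the authoritative server.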