Let me tell you what I did.
My ifconfig says:
Code:
[root@bangmediasrv1 ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:1E:4F:39:57:F0
          inet addr:10.209.47.241  Bcast:10.209.47.255  Mask:255.255.255.0
          inet6 addr: fe80::21e:4fff:fe39:57f0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:530953455 errors:0 dropped:0 overruns:0 frame:0
          TX packets:480732835 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:221810717905 (206.5 GiB)  TX bytes:559330872945 (520.9 GiB)
          Interrupt:169 Memory:da000000-da012100

eth1      Link encap:Ethernet  HWaddr 00:1E:4F:39:57:F2
          inet addr:192.168.0.241  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::21e:4fff:fe39:57f2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:88376739061 errors:0 dropped:0 overruns:0 frame:0
          TX packets:61086224304 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:125975145168098 (114.5 TiB)  TX bytes:8634656856075 (7.8 TiB)
          Interrupt:169 Memory:d6000000-d6012100

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:77825143 errors:0 dropped:0 overruns:0 frame:0
          TX packets:77825143 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:106733780332 (99.4 GiB)  TX bytes:106733780332 (99.4 GiB)
I am connected to the local LAN through the 192.x.x.x series.
All I did was edit the forward file as:
Code:
# pwd
/var/named/chroot/etc
# cat named.conf
//
// named.conf for Red Hat caching-nameserver
//
options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        forwarders {10.209.1.252; }; ==< My Company Gateway
        forward only;
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost;10.209.0.0; } keys { rndckey; }; =< I think I need to mention the 192 series under inet. Is it OK? Do I need to make changes?
};
zone "." IN {
        type hint;
        file "named.ca";
};
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};
zone "bangmediasrv1.apient.com" IN {
        type master;
        file "apient.com.for";
        allow-update { none; };
};
zone "0.209.10.in-addr.arpa" IN {
        type master;
        file "pient.com.rev";
        allow-update { none; };
};
zone "241.47.209.10.in-addr.arpa" IN { ==< Doubt: Should I write 192.168 series or 10.209.*.*
        type master;
        file "pient.com.rev";
        allow-update { none; };
};
include "/etc/rndc.key";
#
Under /var/named I put these files:
pient.com.rev and pient.com.for
Code:
[root@bangmediasrv1 named]# cat pient.com.for
$TTL 86400
@                 IN SOA   bangmediasrv1.pient.com. root.pient.com. (
                           42  ; serial (d. adams)
                           3H  ; refresh
                           15M ; retry
                           1W  ; expiry
                           1D ) ; minimum
                  IN NS    bangmediasrv1.pient.com.
                  IN A     192.168.0.241
                  IN MX 5  bangmediasrv1.pient.com.
bangmediasrv1     IN A     192.168.0.241
bangvmhost1       IN A     192.168.0.31
bangvmhost2       IN A     192.168.0.32
bangvmhost3       IN A     192.168.0.33
bangvmhost4       IN A     192.168.0.34
bangenvodconsole  IN A     192.168.0.22
www               IN CNAME bangmediasrv1.pient.com.
[root@bangmediasrv1 named]# cat pient.com.rev
$TTL 86400
@       IN SOA  bangmediasrv1.sapient.com. root.pient.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   bangmediasrv1.sapient.com.
241     IN PTR  bangmediasrv1.pient.com.
31      IN PTR  bangvmhost1.pient.com.
.
[root@bangmediasrv1 named]#
Restarted named and it's working fine.
Now, about how to access external websites.
My plan was to NAT it to my company's pient.com network.
So I followed this link:
http://blog.sourcehosting.net/2008/0...d-connections/
And followed these steps:
Code:
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j SNAT --to 10.209.47.241
Saved the iptables. Restarted.
I wonder why I can't see the rules through:
Anyway, I can now ping all the pient.com machines, and also dig yahoo.com.
Is it correct?
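
An added example, not part of the original post: a small Python check that derives the in-addr.arpa zone name for a subnet and compares a forward zone's A records with the PTR records a given reverse zone would actually serve. The sample records are constructed from those shown above; the function names are hypothetical.

```python
import ipaddress

# Constructed sample input, modelled on the A and PTR records in the post.
FORWARD_A = {
    "bangmediasrv1.pient.com.": "192.168.0.241",
    "bangvmhost1.pient.com.": "192.168.0.31",
    "bangvmhost2.pient.com.": "192.168.0.32",
}
PTR_LABELS = {"241": "bangmediasrv1.pient.com.", "31": "bangvmhost1.pient.com."}


def reverse_zone_for(network):
    """in-addr.arpa zone name for an octet-aligned IPv4 network (/8, /16, /24)."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only /8, /16 and /24 IPv4 networks are handled")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def check_reverse(forward, zone, ptr_labels):
    """Compare A records with the PTR records a reverse zone would serve.

    Returns sorted (name, address, problem) tuples; an empty list means
    every A record has a matching PTR in `zone`.
    """
    # Relative PTR owners ("241") are qualified with the zone name they load under.
    served = {f"{label}.{zone}": target for label, target in ptr_labels.items()}
    problems = []
    for name, addr in forward.items():
        owner = ipaddress.ip_address(addr).reverse_pointer + "."
        if owner not in served:
            problems.append((name, addr, f"no PTR at {owner}"))
        elif served[owner] != name:
            problems.append((name, addr, f"PTR points to {served[owner]}"))
    return sorted(problems)


if __name__ == "__main__":
    # Same PTR labels loaded under the zone name from named.conf, then under
    # the zone name derived from the 192.168.0.0/24 LAN.
    for zone in ("0.209.10.in-addr.arpa.", reverse_zone_for("192.168.0.0/24")):
        print(zone)
        for problem in check_reverse(FORWARD_A, zone, PTR_LABELS):
            print("   ", *problem)
```

Loaded under `0.209.10.in-addr.arpa`, the label `241` answers for 10.209.0.241, so none of the 192.168.0.x hosts resolve in reverse; under `0.168.192.in-addr.arpa` only the host without a PTR line is reported.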