
Cisco 678 DNS Problem


lancewynn

Programmer
Feb 19, 2002
US
Sorry if this has already been posted. I have a DNS server in my LAN at my home that I use to publish some personal websites. A friend asked me to host some entries for him, and I obliged, which leads to my problem. From within my LAN, requests made to the DNS server are correct; however, any requests made from outside my LAN are being sent the external IP address of the router. You can verify this by doing an NSLookup, setting the server to 216.126.202.165, and querying any website, i.e.: or I am very perplexed by this, as I wouldn't think the router would get that far into the packet to change it. Again, inside my LAN, the DNS Server reports IP addresses correctly. Any help is greatly appreciated. Thank you.
Lance Wynn
 
Do you have a live static IP address that is mapped to your internal DNS server? If not then your DNS server can't be seen by other hosts on the internet.

Chris.
************************
Chris Andrew, CCNA
chrisac@gmx.co.uk
************************
 
Yes there is a static internal IP for the DNS Server, I am using NAT on port 53 of the Router's outside IP (Also static).
 
Others have to know that your DNS server exists. DNS entries would need to point to your router's address, where the resolved names are located, in order for the addresses to be properly resolved. Also, the order of the DNS entries would be important. However, your mapped router address would need to be routable via the internet. Just because it is static does not mean it is routable.

Check with your service provider to find out if you can host websites with your address (i.e. is it routable over the net; can I ping this from another country or someplace outside your network?). It may be pingable even at your friend's house if you are both on the same internal network. Some cable companies use NAT and private addresses to provide service to their customers. In this case the mapping would need to be done by the cable provider, and the location of your webserver mapped in the provider's firewall, router, etc.

DNS is a very complex subject. People pay thousands a month to have their entries hosted or posted in public DNS servers. Your DNS server is private, it sounds like. If your friend just wants to visit his site via your router's address, then have him modify the hosts file and point it at the appropriate address.

ie

208.6.62.2

#and then save as hosts with no file extension#



LUI3
 
Is the outside address that is live routable over the internet? If so, it can then be mapped through your router's NAT to the internal IP address. In this case you would need two addresses on the outside of your router, for simplicity's sake.
 
Thanks for the replies, I may not have been clear with my initial description. I do have a valid Internet IP address that is routable. I am hosting several sites on my internal server, with the internal 192.168.x.y:80 address being NATed to the external 216.126.202.165:80 port. Also, I have an internal DNS server with an internal IP address of 192.168.x.y (it happens to be on the same server as my websites). My buddy has his site on his PC at home with an Internet IP address of 205.208.203.189. I put a Zone record in my DNS Server that points to 205.208.203.189.

Now the problem:

When I am at one of the PCs on my LAN, I can connect to the DNS server via nslookup, and for the IP address of 205.208.203.189 is returned. For that matter, I can query any and the correct address is returned (which leads me to believe the DNS is working properly). However, when querying the DNS from outside (in this case from work) using nslookup, for all sites that I query I get 216.126.202.165, which is the external address for the router, and also the NATed address for the DNS Server. I suspected it may be the router itself responding to the DNS request, but if I turn off DNS on the server, there is no response. I can only imagine that the NATing is somehow changing the IP addresses within the packet during the translation process. Please feel free to connect to the site (216.126.202.165) with NSLookup, and also your browser, to verify the symptoms.
I know this is a long post, and I am sorry.
Again Thanks for the replies; I really appreciate all your time.
Also Thanks in advance for any information.
 
Well, the web site seems to work (something about dogs??). I've done a lookup from our DNS server, ns1.sisna.com and dns01.aworldoutdoors.com and they all come back with 216.126.202.165.

However, the SOA for the familyadmin.com domain is nt1-web.wyburnet.com, which doesn't seem to exist! That could be the problem. When a lookup is done, the root DNS server should point to the SOA for that domain, which in this case is nt1-web.wyburnet.com. However, that domain doesn't exist!

To be honest, it's all a bit of a mess!

C:\>nslookup
Default Server: bison.kingston-internet.co.uk
Address: 212.50.161.28

> set q=all
> familyadmin.com
Server: bison.kingston-internet.co.uk
Address: 212.50.161.28

Non-authoritative answer:
familyadmin.com nameserver = NS1.SISNA.com
familyadmin.com nameserver = DNS01.AWORLDOUTDOORS.com

familyadmin.com nameserver = NS1.SISNA.com
familyadmin.com nameserver = DNS01.AWORLDOUTDOORS.com
NS1.SISNA.com internet address = 209.210.176.8
DNS01.AWORLDOUTDOORS.com internet address = 216.126.202.165
> set q=SOA
> familyadmin.com
Server: bison.kingston-internet.co.uk
Address: 212.50.161.28

familyadmin.com
primary name server = nt1-web.wyburnet.com
responsible mail addr = (root)
serial = 12
refresh = 3600 (1 hour)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
>
> wyburnet.com
Server: bison.kingston-internet.co.uk
Address: 212.50.161.28

com
primary name server = A.GTLD-SERVERS.NET
responsible mail addr = nstld.verisign-grs.com
serial = 2002021901
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)
> set q=all
> nt1-web.wyburnet.com
Server: bison.kingston-internet.co.uk
Address: 212.50.161.28

*** bison.kingston-internet.co.uk can't find nt1-web.wyburnet.com: Non-existent domain

************************
Chris Andrew, CCNA
chrisac@gmx.co.uk
************************
 
Thanks again for that. (This server was an old one from a previous job, and I didn't rebuild it, so it had the same DNS setup.) I made the changes you outlined, so now the SOA records match, but still no-go. If I do an nslookup locally from the server, I get the correct info. However, when I do an NSLookup and set the server to 216.126.202.165 (effectively going through the router's NAT), all sites queried return 216.126.202.165. All of these tests point at the router being the culprit.

C:\>nslookup
Default Server: ns1.rmci.net
Address: 205.162.184.2

> server 216.126.202.165
Default Server: dsl-b2-165.sisna.com
Address: 216.126.202.165

> set q=all
> familyadmin.com
Server: dsl-b2-165.sisna.com
Address: 216.126.202.165

familyadmin.com internet address = 216.126.202.165
familyadmin.com nameserver = dns01.aworldoutdoors.com
familyadmin.com
primary name server = dns01.aworldoutdoors.com
responsible mail addr = lance_wynn@hotmail.com
serial = 13
refresh = 3600 (1 hour)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)

Look what happens when I query Yahoo from outside the router:

> server 216.126.202.165
Default Server: dsl-b2-165.sisna.com
Address: 216.126.202.165

> set q=all
> Server: dsl-b2-165.sisna.com
Address: 216.126.202.165

Non-authoritative answer:
canonical name =
internet address = 216.126.202.165
internet address = 216.126.202.165
internet address = 216.126.202.165
internet address = 216.126.202.165
internet address = 216.126.202.165
internet address = 216.126.202.165
>

And from Inside:
> Server: UnKnown
Address: 192.168.0.200

Non-authoritative answer:
canonical name =
internet address = 216.115.102.77
internet address = 216.115.102.75
internet address = 216.115.102.76
internet address = 216.115.102.80
internet address = 216.115.102.78
internet address = 216.115.102.79


?????
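The inside-versus-outside comparison done by hand in the post above can be scripted so the symptom is caught mechanically. This is an added example, not code from the thread: the two transcripts are constructed in the shape of the ones posted, and the queried hostname is a placeholder because the posted transcript omits it.

```python
import re

# Constructed nslookup transcripts modelled on the thread's "outside" and
# "inside" lookups; example-host.invalid stands in for the omitted hostname.
OUTSIDE = """\
> server 216.126.202.165
Default Server: dsl-b2-165.sisna.com
Address: 216.126.202.165

> set q=all
> example-host.invalid
Server: dsl-b2-165.sisna.com
Address: 216.126.202.165

Non-authoritative answer:
example-host.invalid internet address = 216.126.202.165
example-host.invalid internet address = 216.126.202.165
example-host.invalid internet address = 216.126.202.165
"""

INSIDE = """\
> example-host.invalid
Server: UnKnown
Address: 192.168.0.200

Non-authoritative answer:
example-host.invalid internet address = 216.115.102.77
example-host.invalid internet address = 216.115.102.75
example-host.invalid internet address = 216.115.102.76
"""

# Only "internet address =" lines are A records; the "Address:" lines that
# name the resolver itself must not be counted as answers.
ANSWER_RE = re.compile(r"internet address = (\d+\.\d+\.\d+\.\d+)")

def answer_ips(transcript):
    """A records from the answer section, in order, duplicates kept."""
    body = transcript.split("Non-authoritative answer:", 1)[-1]
    return ANSWER_RE.findall(body)

def rewritten_by_nat(outside, inside, nat_outside_ip):
    """True when the outside view collapses every answer onto the NAT
    address while the inside view of the same name returns other hosts.
    Names that legitimately resolve to the NAT address (the web server
    behind port 80 in this thread) agree in both views and are not flagged."""
    out, ins = answer_ips(outside), answer_ips(inside)
    if not out or not ins:
        return False  # no answers to compare; not evidence of rewriting
    return set(out) == {nat_outside_ip} and set(ins) != {nat_outside_ip}
```

Run against captures taken from both sides of the router for the same name; a True result reproduces exactly the discrepancy shown in the post.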
 
Oh dear! That is a problem! Can you post the config for the router? Maybe then we can suss out what the router's doing?

Chris.
************************
Chris Andrew, CCNA
chrisac@gmx.co.uk
************************
 
Is there any way to assign the dns an outside ip address(outside the router) and try the lookups from there. We have our dns setup outside the router before nat takes place.

mike
 
Chris, Thanks I will grab that and post it here.

Mike, I don't think I can. I only have one IP Address, and it is on the DSL side.
 
Here is the Show Config From the router, I don't see anything odd, (of course I am not an expert by any stretch)

Warning: traffic may pause while NVRAM is being accessed
[[ CBOS = Section Start ]]
NSOS Remote Restart = enabled
[[ ATM WAN Device Driver = Section Start ]]
ATM WAN Virtual Connection Parms = 00, 0, 32, 0
[[ PPP Device Driver = Section Start ]]
PPP Port Remote Option = 00, LCP, Authentication Protocol, 3, Delete
PPP Port Option = 00, IPCP,IP Address,3,Auto,Negotiation Not Required,Negotiable
,IP,216.123.202.165
[[ Spanning Tree = Section Start ]]
MAC Bridge = disabled, rfc1483
[[ WEB = Section Start ]]
WEB Port Number = 5555
WEB = disabled
[[ IP Routing = Section Start ]]
IP NAT = enabled
IP Port Address = 00, 192.168.0.1
IP NAT Outside IP = 216.126.202.165
IP NAT Entry = 192.168.0.200, 80, *, 80, tcp;192.168.0.200, 53, *, 53, udp;192.168.0.200, 53, *, 53, tcp;
[[ Telnet = Section Start ]]
[[ SNMP Management = Section Start ]]

Thanks for all your time. :)
 
What kind of router is that??

Anyway, I really don't know what the problem is there! I think that you really should get another IP and a small firewall where you could do a straight static NAT translation to your DNS server.

Sorry that I can't be of any more help.

Chris.
************************
Chris Andrew, CCNA
chrisac@gmx.co.uk
************************
 
It's a Cisco 678 Router.

Thanks for trying, I really appreciate it.
 