Multiple authoritative DNS servers on the same IPv4 address
Posted by Adrien Clerc on Server Fault
Published on 2012-06-12T08:35:04Z
I'd like to maintain a DNS tunnel on my self-hosted server at example.com. I also have a DNS server on it, which serves everything for example.com. I'm currently using dns2tcp for DNS tunneling, on the domain tunnel.example.com. NSD3 is used for serving authoritative zones, because it is both simple and secure.
However, I have only one public IPv4 address, which means that NSD and dns2tcp can't listen on the same IP/port.
So I'm currently using PowerDNS Recursor using the forward-zones parameter like this:
forward-zones-recurse=tunnel.example.com=1.2.3.4:5354
forward-zones=example.com=1.2.3.4:5353
This enables requests for the authoritative zone to be sent to the correct server, as well as tunnel requests. NSD is listening on port 5353 and dns2tcp on port 5354.
However, this is bad, because the recursor needs to be open. And it actually answers any recursive query.
Do you have any solution for that? I really prefer a solution that doesn't involve setting up BIND, but if you are in the mood to convince me, don't hesitate to do so ;)
EDIT: I changed the title to be clearer.
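The open-recursor exposure described in the question can be avoided by dispatching on the query name and refusing everything else. The following is an added example, not part of the original post and not code from NSD, dns2tcp or PowerDNS. It assumes both backends listen on 127.0.0.1 (the ports are the ones from the question) and handles UDP only.

```python
import socket

# Backends as in the question: NSD on port 5353, dns2tcp on port 5354.
# 127.0.0.1 is an assumption. The most specific zone must come first.
ROUTES = [("tunnel.example.com", ("127.0.0.1", 5354)),
          ("example.com", ("127.0.0.1", 5353))]

def parse_qname(packet):
    """Lower-cased QNAME of the first question, or None if malformed."""
    labels, pos = [], 12
    while pos < len(packet):
        length = packet[pos]
        if length == 0:
            return ".".join(labels)
        if length > 63 or pos + 1 + length > len(packet):  # pointer or overrun
            return None
        labels.append(packet[pos + 1:pos + 1 + length].decode("latin-1").lower())
        pos += 1 + length
    return None

def refused(packet):
    """Header-only REFUSED: same ID, QR=1, opcode and RD kept, RA=0, RCODE=5."""
    return packet[:2] + bytes([0x80 | (packet[2] & 0x79), 5]) + bytes(8)

def handle(packet):
    """('forward', backend), ('reply', bytes) or ('drop', None); whole-label match."""
    if len(packet) < 12 or packet[2] & 0x80:  # runt, or a response (QR=1)
        return ("drop", None)
    name = parse_qname(packet)
    for zone, backend in ROUTES:
        if name is not None and (name == zone or name.endswith("." + zone)):
            return ("forward", backend)
    return ("reply", refused(packet))  # never recurse for anything else

def serve(listen=("0.0.0.0", 53)):
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(listen)
    while True:
        packet, client = sock.recvfrom(4096)
        action, arg = handle(packet)
        try:
            if action == "forward":
                with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as up:
                    up.settimeout(2)
                    up.sendto(packet, arg)
                    arg = up.recv(4096)
            if action != "drop":
                sock.sendto(arg, client)
        except OSError:
            continue  # backend down or slow; the client retries
```

Calling `serve()` needs the privilege to bind port 53. Zone transfers and retries of truncated answers use TCP, which this loop does not relay.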
© Server Fault or respective owner