Multiple authoritative DNS server on same IPv4 address

Posted by Adrien Clerc on Server Fault See other posts from Server Fault or by Adrien Clerc
Published on 2012-06-12T08:35:04Z Indexed on 2012/06/12 16:42 UTC
Read the original article Hit count: 675

I'd like to maintain a DNS tunnel on my self-hosted server at example.com. I also have a DNS server on it, which serves everything for example.com. I'm currently using dns2tcp for DNS tunneling, on the domain tunnel.example.com. NSD3 is used for serving authoritative zones, because it is both simple and secure.

However, I have only one public IPv4 address, which means that NSD and dns2tcp can't listen on the same IP/port.

So I'm currently using PowerDNS Recursor using the forward-zones parameter like this:

forward-zones-recurse=tunnel.example.com=1.2.3.4:5354
forward-zones=example.com=1.2.3.4:5353

This enables request for authoritative zone to be asked to the correct server, as well as for tunnel requests. NSD is listening on port 5353 and dns2tcp on port 5354.

However, this is bad, because the recursor needs to be open. And it actually answers to any recursive query.

Do you have any solution for that? I really prefer a solution that doesn't involve setting up BIND, but if you are in the mood to convince me, don't hesitate to do so ;)


EDIT: I change the title to be clearer.

© Server Fault or respective owner

Related posts about dns

Related posts about tunneling