Home / server / Questions / 152600
Accepted
w00t
Asked: 2010-06-19 10:11:26 +0800 CST

iptables traffic redirection for multiple public ips

  • 772

On my linux machine I have:
- one physical interface eth0 with the public ip x.x.x.x
- one logical interface eth0:0 with the public ip t.t.t.t
- BIND DNS listening to t.t.t.t

If I ping t.t.t.t from any other place, it responds back, so that's good.
What I'm trying to do is set up BIND to use the t.t.t.t ip for zone exchange, the only bad thing is that traffic returning from the master server is going back to x.x.x.x.
I have tried some SNAT but I didn't quite hit the spot, traffic did match my rule but the master BIND would still reply to x.x.x.x.

Any ideas?

bind iptables ips

1 Answers

  1. Best Answer

    BIND has a transfer-source option that controls which local address is used to fetch zones. Add it to the options section of named.conf:

    options {

    // ...

    transfer-source t.t.t.t;
};

    With this option set, BIND will send out transfer request messages from t.t.t.t. Responses from the master will then be sent back to t.t.t.t. You will also need to configure the master to accept zone transfers from t.t.t.t (if you've not done so already).

    You might also like to set the query-source and notify-source options to control which local address is used for making queries and sending notify messages respectively:

    query-source address t.t.t.t;
notify-source t.t.t.t;

    Further documentation for these options can be found in the BIND Administrator Reference Manual, available from the BIND documentation page.

    • 1