Cannot access a local DNS server for a local subzone of a domain because the firewall returns the gateway IP


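I have pfSense inline between my cable modem and my switch, and pfSense has a NAT port forward for port 53 to a local DNS server that I want to use to serve a local subzone to the LAN. Now, when I dig the local nameserver, the gateway's IP is returned and the WAN IP is expected.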

Using the public IP

dig @ns-local.jeffreylroberts.com www.local.jeffreylroberts.com

Returns:

;; reply from unexpected source: 192.168.1.41#53, expected 72.28.137.79#53
;; reply from unexpected source: 192.168.1.41#53, expected 72.28.137.79#53
;; reply from unexpected source: 192.168.1.41#53, expected 72.28.137.79#53

; <<>> DiG 9.8.3-P1 <<>> @ns-local.jeffreylroberts.com www.local.jeffreylroberts.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

192.168.1.41 is my firewall/gateway.

dig ns-local.jeffreylroberts.com

Returns:

; <<>> DiG 9.8.3-P1 <<>> ns-local.jeffreylroberts.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55005
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ns-local.jeffreylroberts.com.  IN  A

;; ANSWER SECTION:
ns-local.jeffreylroberts.com. 299 IN    A   72.28.137.79

;; Query time: 75 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Apr 15 18:01:12 2015
;; MSG SIZE  rcvd: 62

Using the internal IP

dig ns-local.jeffreylroberts.com

Returns:

; <<>> DiG 9.8.3-P1 <<>> ns-local.jeffreylroberts.com
;; global options: +cmd 
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16525
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;;  QUESTION SECTION:
;ns-local.jeffreylroberts.com.  IN  A

;; ANSWER SECTION:
ns-local.jeffreylroberts.com. 299 IN    A   192.168.1.35

;; Query time: 86 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Apr 15 18:03:53 2015
;; MSG SIZE  rcvd: 62

dig @ns-local.jeffreylroberts.com www.local.jeffreylroberts.com

Returns:

; <<>> DiG 9.8.3-P1 <<>> @ns-local.jeffreylroberts.com www.local.jeffreylroberts.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

Some additional dig commands

$ dig @kara.ns.cloudflare.com www.local.jeffreylroberts.com

; <<>> DiG 9.8.3-P1 <<>> @kara.ns.cloudflare.com www.local.jeffreylroberts.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58910
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.local.jeffreylroberts.com. IN  A

;; AUTHORITY SECTION:
local.jeffreylroberts.com. 300  IN  NS  ns-local.jeffreylroberts.com.

;; ADDITIONAL SECTION:
ns-local.jeffreylroberts.com. 300 IN    A   72.28.137.79

;; Query time: 17 msec
;; SERVER: 173.245.58.123#53(173.245.58.123)
;; WHEN: Thu Apr 16 12:48:11 2015
;; MSG SIZE  rcvd: 86

$ dig @8.8.4.4 www.local.jeffreylroberts.com

; <<>> DiG 9.8.3-P1 <<>> @8.8.4.4 www.local.jeffreylroberts.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 21237
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.local.jeffreylroberts.com. IN  A

;; Query time: 3163 msec
;; SERVER: 8.8.4.4#53(8.8.4.4)
;; WHEN: Thu Apr 16 12:48:30 2015
;; MSG SIZE  rcvd: 47

It seems to work properly from kara.ns.cloudflare.com, but not from Google.

Any ideas on how to accomplish this would be appreciated.
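An added example, not part of the original post: a small Python parser over dig output like that quoted above. It extracts the `reply from unexpected source` pairs and flags the case where a private address answered a query that was sent to a public one. The function names and verdict labels are assumptions made for this illustration; the sample text is copied from the post's first transcript.

```python
import ipaddress
import re

# Sample input: the first dig transcript from the post, copied verbatim.
SAMPLE = """\
;; reply from unexpected source: 192.168.1.41#53, expected 72.28.137.79#53
;; reply from unexpected source: 192.168.1.41#53, expected 72.28.137.79#53
;; reply from unexpected source: 192.168.1.41#53, expected 72.28.137.79#53

; <<>> DiG 9.8.3-P1 <<>> @ns-local.jeffreylroberts.com www.local.jeffreylroberts.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
"""

MISMATCH = re.compile(r"^;; reply from unexpected source: (\S+)#\d+, expected (\S+)#\d+$")
STATUS = re.compile(r"->>HEADER<<-.*\bstatus: (\w+)")


def analyse(transcript):
    """Hypothetical helper: summarise one dig run from its text output."""
    result = {"mismatches": [], "status": None, "timed_out": False}
    for raw in transcript.splitlines():
        line = raw.strip()
        m = MISMATCH.match(line)
        if m:
            pair = (m.group(1), m.group(2))  # (actual source, queried server)
            if pair not in result["mismatches"]:  # dig repeats it per retry
                result["mismatches"].append(pair)
        elif STATUS.search(line):
            result["status"] = STATUS.search(line).group(1)
        elif "connection timed out" in line:
            result["timed_out"] = True
    return result


def verdict(result):
    """Label the run; the label names are made up for this example."""
    for got, expected in result["mismatches"]:
        if (ipaddress.ip_address(got).is_private
                and not ipaddress.ip_address(expected).is_private):
            return "private-source-for-public-server"
    if result["mismatches"]:
        return "source-mismatch"
    if result["timed_out"]:
        return "timeout"
    if result["status"] not in (None, "NOERROR"):
        return result["status"].lower()
    return "ok"
```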
