Monthly Archives: January 2014

NAT loopback and local DNS again

A while ago I had to do some fiddling to make my internet-accessible server also work from behind the Orange Livebox router at home. I described the problem and first fix in this post. Yesterday, it all stopped working, which was very annoying. It was my fault.

What was the problem? Well, the dynamic DNS entry was no longer updating, so when the IP address of the home router changed, as it does from time to time, the outside world could no longer find my server. It turns out that the little script which keeps the dynamic DNS updated relies on being able to find two addresses on the internet which are in the same domain as my dynamic address. For the sake of this example, we’re using ‘example.dyn.com’ as my dynamic IP address. The dynamic DNS update process also needs to be able to find ‘echo.dyn.com’ (which finds out the IP address of my router) and ‘rh.dyn.com’ (which accepts the update itself). I’d got my local DNS set up to override the whole ‘dyn.com’ domain so the update process simply wasn’t working – it could find neither ‘echo.dyn.com’ nor ‘rh.dyn.com’.

The fix was delightfully simple. I just changed my DNS setup so it overrode only the specific address I was interested in. So now /etc/bind/named.conf.local has the following section in:

zone "example.dyn.com" {
  type master;
  file "/etc/bind/db.example.dyn.com";
};

and the zone file /etc/bind/db.example.dyn.com looks like:

$ORIGIN .
$TTL 604800 ; 1 week
example.dyn.com IN SOA localhost. root.localhost. (
  2009060801 ; serial
  604800 ; refresh (1 week)
  86400 ; retry (1 day)
  2419200 ; expire (4 weeks)
  604800 ; minimum (1 week)
  )
  NS sheevaplug
  A 192.168.1.10

Problem solved – the dynamic DNS update works and my server is visible from the internet again. Now I can go to the office and use it.
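
An added example, not part of the original post: a small Python check for the failure described above, where a local master zone that is too broad shadows names which must still resolve on the internet. The `dyn.com`-wide zone in `BROAD` (including its file path) is a constructed stand-in for the earlier setup, and all function names are assumptions.

```python
import re

# zone "name" { ... } in named.conf syntax. Simplification: the body is read
# up to the first "}", so "type" must appear before any nested { } block.
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{([^}]*)\}', re.S)

def local_master_zones(conf_text):
    """Names of zones this server answers for itself (type master/primary)."""
    text = re.sub(r'/\*.*?\*/', '', conf_text, flags=re.S)  # /* ... */ comments
    text = re.sub(r'(//|#)[^\n]*', '', text)                # // and # comments
    return [name.rstrip('.').lower()
            for name, body in ZONE_RE.findall(text)
            if re.search(r'\btype\s+(master|primary)\s*;', body)]

def shadowing_zone(hostname, zones):
    """Most specific local zone that covers hostname, or None if none does."""
    labels = hostname.rstrip('.').lower().split('.')
    for i in range(len(labels)):        # the name itself, then each parent
        candidate = '.'.join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def audit(conf_text, must_stay_public):
    """Map each name that must resolve externally to the zone hiding it."""
    zones = local_master_zones(conf_text)
    return {host: shadowing_zone(host, zones) for host in must_stay_public}

# Constructed "before" config: overrides the whole provider domain.
BROAD = '''
zone "dyn.com" {
  type master;
  file "/etc/bind/db.dyn.com";   // constructed path
};
'''
# "After" config, as shown in the post: overrides one host only.
NARROW = '''
zone "example.dyn.com" {
  type master;
  file "/etc/bind/db.example.dyn.com";
};
'''
UPDATE_HOSTS = ["echo.dyn.com", "rh.dyn.com"]  # needed by the update script

if __name__ == "__main__":
    for label, conf in (("broad", BROAD), ("narrow", NARROW)):
        for host, zone in audit(conf, UPDATE_HOSTS).items():
            print(label, host, "shadowed by " + zone if zone else "resolves upstream")
```

Run against the real named.conf.local, any name reported as shadowed will only ever get the local answer (or NXDOMAIN) from this resolver.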