ケーブルモデムとスイッチの間にpfSenseインラインがあり、pfSenseには、LANにローカルサブゾーンを提供するために使用したいローカルDNSサーバーに53に転送されるNATポートがあります。ローカルネームサーバーを調べると、ゲートウェイのIPが返され、WAN IPが必要です。
パブリックIPの使用
dig @ns-local.jeffreylroberts.com www.local.jeffreylroberts.com
返品:
;; reply from unexpected source: 192.168.1.41#53, expected 72.28.137.79#53
;; reply from unexpected source: 192.168.1.41#53, expected 72.28.137.79#53
;; reply from unexpected source: 192.168.1.41#53, expected 72.28.137.79#53
; <<>> DiG 9.8.3-P1 <<>> @ns-local.jeffreylroberts.com www.local.jeffreylroberts.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
192.168.1.41は私のファイアウォール/ゲートウェイです。
dig ns-local.jeffreylroberts.com
返品:
; <<>> DiG 9.8.3-P1 <<>> ns-local.jeffreylroberts.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55005
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ns-local.jeffreylroberts.com. IN A
;; ANSWER SECTION:
ns-local.jeffreylroberts.com. 299 IN A 72.28.137.79
;; Query time: 75 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Apr 15 18:01:12 2015
;; MSG SIZE rcvd: 62
内部IPの使用
dig ns-local.jeffreylroberts.com
返品:
; <<>> DiG 9.8.3-P1 <<>> ns-local.jeffreylroberts.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16525
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ns-local.jeffreylroberts.com. IN A
;; ANSWER SECTION:
ns-local.jeffreylroberts.com. 299 IN A 192.168.1.35
;; Query time: 86 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Apr 15 18:03:53 2015
;; MSG SIZE rcvd: 62
dig @ns-local.jeffreylroberts.com www.local.jeffreylroberts.com
返品:
; <<>> DiG 9.8.3-P1 <<>> @ns-local.jeffreylroberts.com www.local.jeffreylroberts.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
いくつかの追加マイニングコマンド
$ dig @kara.ns.cloudflare.com www.local.jeffreylroberts.com
; <<>> DiG 9.8.3-P1 <<>> @kara.ns.cloudflare.com www.local.jeffreylroberts.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58910
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;www.local.jeffreylroberts.com. IN A
;; AUTHORITY SECTION:
local.jeffreylroberts.com. 300 IN NS ns-local.jeffreylroberts.com.
;; ADDITIONAL SECTION:
ns-local.jeffreylroberts.com. 300 IN A 72.28.137.79
;; Query time: 17 msec
;; SERVER: 173.245.58.123#53(173.245.58.123)
;; WHEN: Thu Apr 16 12:48:11 2015
;; MSG SIZE rcvd: 86
$ dig @8.8.4.4 www.local.jeffreylroberts.com
; <<>> DiG 9.8.3-P1 <<>> @8.8.4.4 www.local.jeffreylroberts.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 21237
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.local.jeffreylroberts.com. IN A
;; Query time: 3163 msec
;; SERVER: 8.8.4.4#53(8.8.4.4)
;; WHEN: Thu Apr 16 12:48:30 2015
;; MSG SIZE rcvd: 47
kara.ns.cloudflare.comでは正常に動作しますが、Googleでは動作しないようです。
これを達成する方法についてのアイデアをいただきありがとうございます。