Results 1 to 7 of 7

Thread: DHCP, NAT and Firewall

  1. #1
    PimpDaDdy is offline Junior Member
    Join Date
    Jan 2007
    Posts
    7
    Rep Power
    8

    Default DHCP, NAT and Firewall

    I've gotten some really good answers to this point on a couple other topics and hope that I can get one more I have looked through the forum answers and have found a few that seem to come close to fitting the bill but nothing dead on. Here is my problem. I am a residential Road Runner customer trying to install zimbra behind a linksys router that's providing NAT for the actual server. Residential Road Runner is DHCP so my IP address resovles to a Road Runner domain. I signed up for, and have to renew, a dyndns account with my own domain and MX record so they seem to work.

    My problem is sending AND receiving email at the same time. With DNS check enabled I can send out but can't receive. With DNS check turned off I can receive but can't send. I might have that reversed but the behavior is basically as described. I've tried adding entries into my /etc/hosts file for my dyndns name and local host with various configurations but I can't get send and receive to work at the same time. Is there a tutorial on how to configure this specific setup? Is there something that I am missing or could tweak without getting overly complicated? I don't currently have any experience with DNS servers and would like to avoid setting up an internal server solely for the purpose of "fooling" Zimbra.

  2. #2
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    What does a
    dig mx DOMAIN

    return?

  3. #3
    PimpDaDdy is offline Junior Member
    Join Date
    Jan 2007
    Posts
    7
    Rep Power
    8

    Default dig results

    mjolnir:~/Desktop sgallwey$ dig mx mjolnir.dnsdojo.net

    ; <<>> DiG 9.3.2 <<>> mx mjolnir.dnsdojo.net
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33024
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 5, ADDITIONAL: 6

    ;; QUESTION SECTION:
    ;mjolnir.dnsdojo.net. IN MX

    ;; ANSWER SECTION:
    mjolnir.dnsdojo.net. 43200 IN MX 5 mjolnir.dnsdojo.net.
    mjolnir.dnsdojo.net. 43200 IN MX 10 mjolnir.dnsdojo.net.

    ;; AUTHORITY SECTION:
    dnsdojo.net. 47075 IN NS ns1.dyndns.org.
    dnsdojo.net. 47075 IN NS ns2.dyndns.org.
    dnsdojo.net. 47075 IN NS ns3.dyndns.org.
    dnsdojo.net. 47075 IN NS ns4.dyndns.org.
    dnsdojo.net. 47075 IN NS ns5.dyndns.org.

    ;; ADDITIONAL SECTION:
    mjolnir.dnsdojo.net. 60 IN A 74.67.179.245
    ns1.dyndns.org. 38167 IN A 63.208.196.90
    ns2.dyndns.org. 27124 IN A 204.13.249.81
    ns3.dyndns.org. 63326 IN A 204.13.250.81
    ns4.dyndns.org. 59679 IN A 213.155.150.205
    ns5.dyndns.org. 63326 IN A 63.170.10.81

    ;; Query time: 43 msec
    ;; SERVER: 24.92.226.9#53(24.92.226.9)
    ;; WHEN: Tue Feb 20 01:46:34 2007
    ;; MSG SIZE rcvd: 265

  4. #4
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    Is this the IP of your server?
    mjolnir.dnsdojo.net. 60 IN A 74.67.179.245

  5. #5
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,568
    Rep Power
    57

    Default

    Quote Originally Posted by PimpDaDdy View Post
    Is there something that I am missing or could tweak without getting overly complicated? I don't currently have any experience with DNS servers and would like to avoid setting up an internal server solely for the purpose of "fooling" Zimbra.
    I'm afraid it's time to learn DNS.

    It's not a case of 'fooing' Zimbra (actually, it's Postfix that needs the DNS lookup), the problem is your server can't be found via DNS when you're behind a NAT router. The only address a DNS lookuk will see is the public IP assigned to the router, your private LAN IP of 192.168.x.x is 'invisible' to DNS. In order to get over that you'll need a DNS server on your LAN so that when a DNS lookup is made your internal IP will resolve to your ZImbra server and you will be able to send & receive mail happily. There's an introduction to that setup on the wiki, it's split-DNS.

    Before you go down that route, there may be one trick you might be able to use if your router has it. Have a look at the documentation or in a linksys forum and see if there's a feature called 'loopback', if it has that then you may be in luck. Let us know if it has.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  6. #6
    PimpDaDdy is offline Junior Member
    Join Date
    Jan 2007
    Posts
    7
    Rep Power
    8

    Default Thanks

    I was afraid of that. I wish there was a way to make DNS checks look at the /etc/hosts file first. It would be a lot easier than running and administering a DNS server.


    Thanks for your help. I'll try the DNS thing when I get home.

  7. #7
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    Quote Originally Posted by PimpDaDdy View Post
    I was afraid of that. I wish there was a way to make DNS checks look at the /etc/hosts file first. It would be a lot easier than running and administering a DNS server.


    Thanks for your help. I'll try the DNS thing when I get home.
    Hosts file trumps dns look up in terms of name to ip. It doesn't provide MX, CNAME, or PTR records. Only A

    john

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Firewall / NAT
    By dnewburg in forum Administrators
    Replies: 9
    Last Post: 01-31-2007, 08:39 AM
  2. Replies: 7
    Last Post: 10-04-2006, 02:49 AM
  3. Replies: 2
    Last Post: 09-06-2006, 01:15 AM
  4. Zimbra behind NAT firewall
    By amitbapat in forum Administrators
    Replies: 9
    Last Post: 01-09-2006, 12:55 PM
  5. Firewall ports and NAT
    By mrcottonmouth in forum Installation
    Replies: 3
    Last Post: 10-23-2005, 07:53 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •