I'd now like to use my Debian machine as my real home LAN DNS server too. 192.168.3.0/24 is my physical LAN subnet.
So, I set my Debian IP (192.168.3.96) as the main DNS server in my LAN router. I then added these two iptables rules on my Debian server machine:
Code:
iptables -A INPUT -i ens33 -s 192.168.3.0/24 -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
iptables -A INPUT -i ens33 -s 192.168.3.0/24 -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
Code:
C:\Users\mike>nslookup bbc.co.uk
Server: UnKnown
Address: 192.168.3.96
*** UnKnown can't find bbc.co.uk: Query refused
Code:
root@debianser:~# sudo tcpdump -n udp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
23:38:52.995069 IP 192.168.3.100.58294 > 192.168.3.96.53: 1+ PTR? 96.3.168.192.in-addr.arpa. (43)
23:38:52.995987 IP 192.168.3.96.53 > 192.168.3.100.58294: 1 Refused 0/0/0 (43)
23:38:52.998894 IP 192.168.3.100.58295 > 192.168.3.96.53: 2+ A? bbc.co.uk. (27)
23:38:52.999055 IP 192.168.3.96.53 > 192.168.3.100.58295: 2 Refused 0/0/0 (27)
23:38:53.000411 IP 192.168.3.100.58296 > 192.168.3.96.53: 3+ AAAA? bbc.co.uk. (27)
23:38:53.002549 IP 192.168.3.96.53 > 192.168.3.100.58296: 3 Refused 0/0/0 (27)
23:38:53.003966 IP 192.168.3.100.58297 > 192.168.3.96.53: 4+ A? bbc.co.uk. (27)
23:38:53.005820 IP 192.168.3.96.53 > 192.168.3.100.58297: 4 Refused 0/0/0 (27)
23:38:53.006366 IP 192.168.3.100.58298 > 192.168.3.96.53: 5+ AAAA? bbc.co.uk. (27)
23:38:53.008249 IP 192.168.3.96.53 > 192.168.3.100.58298: 5 Refused 0/0/0 (27)
Also, I was wondering whether my Debian machine can be used as a DNS server for both networks, the virtual one in VMware (10.10.10.0/24) and my real one (192.168.3.0/24).
Thanks
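Added example, not part of the original post: a Python sketch that pairs queries and replies in a `tcpdump -n` capture like the one above, to separate a query that got no reply (firewall or listener problem) from one the DNS service itself answered with Refused. The function names and the last sample line are constructed for illustration; which access setting produces the refusal depends on the DNS server software, which the post does not name.

```python
import re

# Lines 1-4 are copied from the capture in the post; line 5 is a constructed
# sample of a query that never gets a reply.
CAPTURE = """\
23:38:52.998894 IP 192.168.3.100.58295 > 192.168.3.96.53: 2+ A? bbc.co.uk. (27)
23:38:52.999055 IP 192.168.3.96.53 > 192.168.3.100.58295: 2 Refused 0/0/0 (27)
23:38:53.000411 IP 192.168.3.100.58296 > 192.168.3.96.53: 3+ AAAA? bbc.co.uk. (27)
23:38:53.002549 IP 192.168.3.96.53 > 192.168.3.100.58296: 3 Refused 0/0/0 (27)
23:38:54.000000 IP 192.168.3.100.58299 > 192.168.3.96.53: 6+ A? example.com. (29)
"""

# timestamp, "IP", src.port > dst.port:, transaction id (+ flags), rest of line
LINE = re.compile(r"^\S+ IP (\S+)\.(\d+) > (\S+)\.(\d+): (\d+)\S* (.*)$")

def diagnose(capture, dns_port="53"):
    """Pair each query with its reply; rcode is None when no reply was seen."""
    pending, results = {}, []
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        src, sport, dst, dport, txid, rest = m.groups()
        if sport == dns_port:                    # reply sent by the server
            question = pending.pop((dst, dport, txid), None)
            if question is not None:
                first = (rest.split() or [""])[0]
                # tcpdump prints an rcode word only for error replies
                rcode = first if first.isalpha() else "NoError"
                results.append((question, rcode))
        elif dport == dns_port:                  # query sent to the server
            pending[(src, sport, txid)] = rest.rsplit(" (", 1)[0]
    return results + [(q, None) for q in pending.values()]

def verdict(rcode):
    if rcode is None:
        return "no reply seen: check the INPUT rules and the listening address"
    if rcode == "Refused":
        return "reached the DNS service, which refused this client by policy"
    return "answered by the DNS service (" + rcode + ")"

if __name__ == "__main__":
    for question, rcode in diagnose(CAPTURE):
        print(question, "->", verdict(rcode))
```

A Refused reply sent from port 53 means the query already passed the INPUT chain, so the iptables rules are not what is rejecting it.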