Set up DNS behind Airport Base Station with NAT

Dec 03, '02 09:34:09AM

Contributed by: benoitc

Yesterday I bought an Airport base station. Funny, I've no more wires in my room :) Before, I hosted a web server with DynDNS on my Mac, and could access my machine with my own domain name. But since I set up my Mac to access the Net over the Airport base station, I have not been able to "see" my site from outside my wireless network. After reading many comments spread around, I decided to install my own domain name server to resolve my domain with the local IP. We will use BIND to do it. Apple includes it by default on Mac OS X 10.2 clients.

[Editor's note: Setting up your own DNS can be complicated. As I believe it's beyond my skill set (and I can't risk losing access if I mess up!), I have not tested this hint myself. Please proceed with care if you decide to give it a shot...]

In the following example, the IP address of your Airport base station is 10.0.1.1 and the IP address of the Mac OS X machine that will run the DNS server is 10.0.1.2. The base station is configured to share a single public IP address (NAT) and to hand out 10.0.1.x addresses with DHCP. example.com is the domain we will set up: inside the wireless network it will resolve to 10.0.1.2, while the public DNS entry keeps pointing at the base station's public address.

Now it's time to open your Terminal.

  1. Create a new named.conf:
    Save old named.conf:
     % sudo mv /etc/named.conf /etc/named.conf.old
    Create new named.conf:
     % sudo vi /etc/named.conf
    Paste this content:

    ------ Copy Below This Line --------
    // BIND 8.2 Config File 
    //
    // Controls global server configuration options
    // and sets defaults for other statements
    options {
    directory "/var/named";
    notify no;
    forwarders { ipofdns1; ipofdns2; };   // replace both with your ISP's resolver addresses
    statistics-interval 1;
    version "surely you must be joking";

    };

    // These entries are not specific to any zone
    // They are required by any DNS server

    zone "0.0.127.in-addr.arpa" in {
    type master;
    file "db.127.0.0";
    };

    zone "." in {
    type hint;
    file "db.cache";
    };
    //
    // The following entries are where your zone information is entered
    //

    // This file contains the host names and their correlating IP addresses.

    zone "example.com" in {
    type master;
    file "db.example.com";
    };

    // This file contains the IP addresses and their correlating reverse lookup.

    zone "1.0.10.in-addr.arpa" in {
    type master;
    file "db.10.0.1";
    };
    ------ Copy Above This Line --------

  2. Create the address-to-name lookup database file db.10.0.1 (the name must match the "file" entry for the reverse zone in named.conf):
     % sudo vi /var/named/db.10.0.1
    Paste this content:

    ------ Copy Below This Line --------
    $TTL 38400
    ; db.10.0.1 file
    ;

    1.0.10.in-addr.arpa. IN SOA ns.example.com. admin.ns.example.com. (
    1 ; Serial (increase it every time you edit this file)
    10800 ; Refresh after 3 hours
    3600 ; Retry after 1 hour
    604800 ; Expire after 1 week
    86400 ) ; Negative-caching TTL of 1 day

    ; Name servers

    1.0.10.in-addr.arpa. IN NS ns.example.com.

    ; Addresses point to canonical names

    2.1.0.10.in-addr.arpa. IN PTR ns.example.com.
    3.1.0.10.in-addr.arpa. IN PTR host3.example.com.
    4.1.0.10.in-addr.arpa. IN PTR host4.example.com.
    5.1.0.10.in-addr.arpa. IN PTR host5.example.com.
    6.1.0.10.in-addr.arpa. IN PTR host6.example.com.
    7.1.0.10.in-addr.arpa. IN PTR host7.example.com.
    8.1.0.10.in-addr.arpa. IN PTR host8.example.com.
    9.1.0.10.in-addr.arpa. IN PTR host9.example.com.
    ------ Copy Above This Line --------

    Note: I added nine hosts to this file so that every address the base station hands out by DHCP has a name: you can ping host4.example.com, whose IP is 10.0.1.4, and you can add more hosts the same way.

  3. Create hostname-to-address lookup database file db.example.com
     % sudo vi /var/named/db.example.com
    Paste this content:

    ------ Copy Below This Line --------
    $TTL 86400
    ; db.example.com
    ;
    example.com. IN SOA ns.example.com. admin.ns.example.com. (
    10 ; Serial
    10800 ; Refresh after 3 hours
    3600 ; Retry after 1 hour
    604800 ; Expire after 1 week
    86400 ) ; Negative-caching TTL of 1 day
    ; Name servers

    example.com. IN NS ns.example.com.

    ; Primary Addresses

    localhost.example.com. IN A 127.0.0.1

    ns.example.com. IN A 10.0.1.2
    ; trailing dots matter: "example.com" without one is read as example.com.example.com.
    example.com. IN A 10.0.1.2
    ; a CNAME must point at a name, not an address
    www.example.com. IN CNAME ns.example.com.
    host3.example.com. IN A 10.0.1.3
    host4.example.com. IN A 10.0.1.4
    host5.example.com. IN A 10.0.1.5
    host6.example.com. IN A 10.0.1.6
    host7.example.com. IN A 10.0.1.7
    host8.example.com. IN A 10.0.1.8
    host9.example.com. IN A 10.0.1.9
    ------ Copy Above This Line --------

  4. Copy some files
     % sudo cp /var/named/named.ca /var/named/db.cache
     % sudo cp /var/named/named.local /var/named/db.127.0.0
  5. Last step: modify hostconfig and start BIND service:
    Edit /etc/hostconfig file and enable bind:
     % sudo vi /etc/hostconfig
    Change "DNSSERVER=-NO-" to "DNSSERVER=-YES-", and then save and start bind:
     % sudo /System/Library/StartupItems/BIND/BIND start
Then set the DNS server to 10.0.1.2 for the Mac itself in Network Preferences, and in Airport Admin Utility (Internet tab) so the base station hands 10.0.1.2 to its DHCP clients; then restart the base station. Inside the wireless network example.com now resolves to 10.0.1.2 and you can ping it and open it in your browser, while hosts on the Internet still get the public address published through DynDNS.
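The steps above are easy to get wrong by hand (a zone file name that does not match named.conf, a missing trailing dot, a PTR record that disagrees with its A record). The script below is an added example, not code from the hint or from Apple: it generates named.conf and both zone files for this setup from a single host table, so the forward and reverse records are always derived from the same data. It assumes the 10.0.1.0/24 network and the 10.0.1.2 name server from the hint; the host table is constructed sample data, and the ipofdns1/ipofdns2 placeholders still have to be replaced with your ISP's resolvers. One thing it adds beyond the hint is allow-query and allow-recursion (both available in BIND 8.2 and later), so the server answers queries, and recurses, only for the LAN and localhost instead of for anyone who can reach it. Files are written to a temporary directory; copy them into /etc and /var/named yourself after checking them.

```shell
#!/bin/sh
# Added example, not part of the original hint: generate named.conf and both
# zone files for the setup above from one host table, so the forward and
# reverse records cannot drift apart. Assumptions (not from the hint): the
# LAN is 10.0.1.0/24, the name server is 10.0.1.2, and the host table below
# is constructed sample data. Files are written to $OUT (default: a fresh
# temporary directory); copy them into place yourself after reviewing them.

DOMAIN=${DOMAIN:-example.com}
NET=${NET:-10.0.1}              # first three octets of the /24
NS_IP=${NS_IP:-10.0.1.2}
OUT=${OUT:-$(mktemp -d)}

# Constructed host table: "name address" per line; ns must be in it.
HOSTS="ns 10.0.1.2
host3 10.0.1.3
host4 10.0.1.4"

# Serial in YYYYMMDDnn form: every regeneration is larger than the last.
zone_serial() { printf '%s01\n' "$(date +%Y%m%d)"; }

# PTR owner name: 10.0.1.4 -> 4.1.0.10.in-addr.arpa. (octets reversed)
reverse_ptr_name() {
  echo "$1" | awk -F. '{ printf "%s.%s.%s.%s.in-addr.arpa.\n", $4, $3, $2, $1 }'
}

# Reverse zone origin for the /24: 10.0.1 -> 1.0.10.in-addr.arpa.
reverse_zone_name() {
  echo "$1" | awk -F. '{ printf "%s.%s.%s.in-addr.arpa.\n", $3, $2, $1 }'
}

# SOA and NS records shared by both zones; $1 is the origin with trailing dot.
soa_header() {
  cat <<EOF
\$TTL 86400
$1 IN SOA ns.$DOMAIN. admin.$DOMAIN. (
    $(zone_serial) ; Serial
    10800 ; Refresh after 3 hours
    3600 ; Retry after 1 hour
    604800 ; Expire after 1 week
    86400 ) ; Negative-caching TTL of 1 day
$1 IN NS ns.$DOMAIN.
EOF
}

# Forward zone: every name fully qualified (trailing dot), CNAME -> a name.
write_forward_zone() {
  {
    soa_header "$DOMAIN."
    echo "$DOMAIN. IN A $NS_IP"
    echo "www.$DOMAIN. IN CNAME ns.$DOMAIN."
    echo "$HOSTS" | while read -r name ip; do
      echo "$name.$DOMAIN. IN A $ip"
    done
  } > "$OUT/db.$DOMAIN"
}

# Reverse zone: one PTR per host, derived from the same table.
write_reverse_zone() {
  {
    soa_header "$(reverse_zone_name "$NET")"
    echo "$HOSTS" | while read -r name ip; do
      echo "$(reverse_ptr_name "$ip") IN PTR $name.$DOMAIN."
    done
  } > "$OUT/db.$NET"
}

# named.conf as in the hint, plus allow-query/allow-recursion so the server
# answers (and recurses for) only the LAN and localhost.
write_named_conf() {
  revzone=$(reverse_zone_name "$NET")
  cat > "$OUT/named.conf" <<EOF
options {
    directory "/var/named";
    notify no;
    forwarders { ipofdns1; ipofdns2; };      // replace with your ISP's resolvers
    allow-query { $NET.0/24; 127.0.0.1; };
    allow-recursion { $NET.0/24; 127.0.0.1; };
    version "surely you must be joking";
};
zone "0.0.127.in-addr.arpa" in { type master; file "db.127.0.0"; };
zone "." in { type hint; file "db.cache"; };
zone "$DOMAIN" in { type master; file "db.$DOMAIN"; };
zone "${revzone%.}" in { type master; file "db.$NET"; };
EOF
}

write_named_conf
write_forward_zone
write_reverse_zone
echo "wrote named.conf, db.$DOMAIN and db.$NET to $OUT"
```

Run it, read the three files it prints the location of, then copy them into /etc and /var/named and continue with step 4 and step 5 as above. Every time you change the host table, re-run it: the date-based serial is what tells BIND (and anything that cached the old answer) that the zone changed.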

If you want to know more go here:

Apple Support Document
Linux DNS HOWTO



Mac OS X Hints
http://hints.macworld.com/article.php?story=20021203063409206