ubuntu
Evgeny Dolbanovsky, 2022-02-02 22:19:05

Ubuntu 20.04 Bind9: the domain does not open if you are not on the home network?

I deployed an Ubuntu 20.04 + ISPConfig 3 (Apache + Bind9) server on a Raspberry Pi that is connected by LAN cable and sits behind a router with a dedicated IP address. On the TP-Link router, ports 21, 22, 53, 80, 443 and 8080 are open. I configured the server and the panel, added DNS records and created a zone. I created a site in the panel plus an SSL certificate. Everything works, but only from the home network. I found this out when I had to install software from work.
Moreover, the panel opens from work at an address of the form https://sever.site.ru:8080
But the domain itself, https://site.ru, and other subdomains of the form https://test.site.ru DO NOT OPEN.
From home everything opens without problems.
That is, if I am inside the router's LAN or Wi-Fi network, everything works. I turn off Wi-Fi on my smartphone and that's it, I can't reach the site.

I disabled ufw.

I googled the /etc/bind/named.conf.options settings, but nothing came of it. I tried both the default configuration and one with rules. The current content is below; 192.168.0.2 is the address of the server on the router's local network:

acl "trusted" { 192.168.0.2; };
options {
        directory "/var/cache/bind";
        recursion yes;
        allow-recursion { trusted; };
        listen-on { 192.168.0.2; };
        allow-transfer { none; };
        forwarders { 8.8.8.8; 8.8.4.4; };
};


The contents of /etc/systemd/resolved.conf:
DNS=192.168.0.2

But the resolver reports that the address is 192.168.0.1, and this is the address of the router on the LAN:
Global
       LLMNR setting: no
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 192.168.0.2
         DNS Servers: 192.168.0.2
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa
                      18.172.in-addr.arpa
                      19.172.in-addr.arpa
                      20.172.in-addr.arpa
                      21.172.in-addr.arpa
                      22.172.in-addr.arpa
                      23.172.in-addr.arpa
                      24.172.in-addr.arpa
                      25.172.in-addr.arpa
                      26.172.in-addr.arpa
                      27.172.in-addr.arpa
                      28.172.in-addr.arpa
                      29.172.in-addr.arpa
                      30.172.in-addr.arpa
                      31.172.in-addr.arpa
                      corp
                      d.f.ip6.arpa
                      home
                      internal
                      intranet
                      lan
                      local
                      private
                      test

Link 2 (eth0)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 192.168.0.1
         DNS Servers: 192.168.0.1
                      8.8.4.4


Contents of /etc/resolv.conf:
nameserver 127.0.0.1
nameserver 127.0.0.53


I don't understand what's wrong.
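
A consistency check over the two files quoted in the question, as an added example that is not part of the original post: it reports which /etc/resolv.conf nameservers fall outside named's listen-on list and which clients allow-recursion admits, the latter being what matters with port 53 forwarded on the router. The function names are hypothetical, the inputs are copied from the post as constructed strings, and only IPv4 addresses, prefixes, acl names, any and none are handled.

```python
import ipaddress
import re

# Constructed inputs: the files as quoted in the question above.
NAMED_OPTIONS = """
acl "trusted" { 192.168.0.2; };
options {
        directory "/var/cache/bind";
        recursion yes;
        allow-recursion { trusted; };
        listen-on { 192.168.0.2; };
        allow-transfer { none; };
        forwarders { 8.8.8.8; 8.8.4.4; };
};
"""
RESOLV_CONF = "nameserver 127.0.0.1\nnameserver 127.0.0.53\n"

def clause(conf, name):
    """Elements of a `name { a; b; };` clause, or None when it is absent."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"\s*\{([^{}]*)\}", conf)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def acls(conf):
    """Map each `acl "name" { ... };` statement to its element list."""
    found = re.finditer(r'acl\s+"?([\w-]+)"?\s*\{([^{}]*)\}', conf)
    return {m.group(1): [e.strip() for e in m.group(2).split(";") if e.strip()] for m in found}

def expand(elements, acl_map):
    """Resolve elements to IPv4 networks (addresses, prefixes, acl names, any, none)."""
    nets = []
    for e in elements:
        if e in acl_map:
            nets += expand(acl_map[e], acl_map)
        elif e == "any":
            nets.append(ipaddress.ip_network("0.0.0.0/0"))
        elif e != "none":
            nets.append(ipaddress.ip_network(e, strict=False))
    return nets

def can_recurse(client, conf=NAMED_OPTIONS):
    """True if allow-recursion (assumed to be set explicitly, as here) admits client."""
    allowed = expand(clause(conf, "allow-recursion") or [], acls(conf))
    return any(ipaddress.ip_address(client) in n for n in allowed)

def unserved_nameservers(conf=NAMED_OPTIONS, resolv=RESOLV_CONF):
    """resolv.conf nameservers outside listen-on (absent means any; resolved stub skipped)."""
    listen = expand(clause(conf, "listen-on") or ["any"], acls(conf))
    return [s for s in re.findall(r"^nameserver\s+(\S+)", resolv, re.M)
            if s != "127.0.0.53" and not any(ipaddress.ip_address(s) in n for n in listen)]
```

On the quoted files, unserved_nameservers() lists 127.0.0.1, because listen-on names only 192.168.0.2.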
