192.168.2.64と192.168.2.65が同じマシン(housyou)に刺さっている。
192.168.2.64上では124.155.113.117で公開するサービスを走らせて、192.168.2.65上ではLAN上に公開したいものを走らせる。
というのも、LAN上で124.155.113.117を返されてもrouterがNATできないらしく、つながらないためだ。したがって、tonic-water.comを192.168.2.65のDNSと192.168.2.64のDNSに問い合わせると結果が異なる。それらを決めているfileも/etc/maradns/{local|pub}とdiffを使って検証しやすい範囲にあり、ありがたい。
[nori@umikaze]~% dig @192.168.2.64 tonic-water.com
; <<>> DiG 9.3.4-P1 <<>> @192.168.2.64 tonic-water.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57135
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;tonic-water.com. IN A
;; ANSWER SECTION:
tonic-water.com. 86400 IN A 124.155.113.117
;; AUTHORITY SECTION:
tonic-water.com. 86400 IN NS ns.tonic-water.com.
;; ADDITIONAL SECTION:
ns.tonic-water.com. 86400 IN A 124.155.113.117
;; Query time: 1 msec
;; SERVER: 192.168.2.64#53(192.168.2.64)
;; WHEN: Tue Mar 31 09:39:28 2009
;; MSG SIZE rcvd: 82
[nori@umikaze]~% dig @192.168.2.65 tonic-water.com
; <<>> DiG 9.3.4-P1 <<>> @192.168.2.65 tonic-water.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51269
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;tonic-water.com. IN A
;; ANSWER SECTION:
tonic-water.com. 86400 IN A 192.168.2.64
;; AUTHORITY SECTION:
tonic-water.com. 86400 IN NS ns.tonic-water.com.
;; ADDITIONAL SECTION:
ns.tonic-water.com. 86400 IN A 192.168.2.64
;; Query time: 1 msec
;; SERVER: 192.168.2.65#53(192.168.2.65)
;; WHEN: Tue Mar 31 09:39:32 2009
;; MSG SIZE rcvd: 82
[nori@umikaze]~% dig @192.168.2.65 google.com
; <<>> DiG 9.3.4-P1 <<>> @192.168.2.65 google.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37585
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 300 IN A 74.125.45.100
google.com. 300 IN A 209.85.171.100
google.com. 300 IN A 74.125.67.100
;; Query time: 411 msec
;; SERVER: 192.168.2.65#53(192.168.2.65)
;; WHEN: Tue Mar 31 09:39:51 2009
;; MSG SIZE rcvd: 76
当たり前だが、192.168.2.64はcontent serverなのでrecursiveなresolveを許していない。
[nori@housyou]~% dig @192.168.2.64 google.com
; <<>> DiG 9.3.4-P1 <<>> @192.168.2.64 google.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 16782
;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; Query time: 0 msec
;; SERVER: 192.168.2.64#53(192.168.2.64)
;; WHEN: Tue Mar 31 10:06:49 2009
;; MSG SIZE rcvd: 12
次はhttpです。
0 件のコメント:
コメントを投稿