Learning BIND9 In A Hurry

(Note: This is a part of my Adventures In Geekdom.)

It's early 2008 and I'm at Pulsar Aviation but temporarily working at the office of a partner of ours in Mojave, CA, a good hour and a half to the northwest. This partner's hours start at 7 AM, so I have to leave well before the sun comes up to get there on time. Around 4 PM, I'm wrapping up the day's work when I get a call from one of the office workers back in San Bernardino that the DSL modem had died. They had tried power-cycling it due to slow internet (which was generally a problem with my boss's BitTorrent activities, but never mind that) and it now showed no lights at all.

A short while later, I discover that the words "emergency" and "need this yesterday" mean nothing to Verizon. The soonest we can get a replacement is three days.

It's now about 4:30, so I pack up and hop in my car to head down to San Bernardino, stopping at Best Buy and Office Depot to try to find a replacement. The only replacement I can find is a Verizon-branded DSL Modem+Router. I don't need a router, but there it is. Now, this router is one of the worst pieces of equipment I've ever dealt with, and another story involves its replacement. But the first issue cropped up within minutes of having it installed.

I get into the office, get set up and start testing. Internet connectivity works fine, and I verify that people can access our servers from the outside as before; all is well. So I start cleaning up the mess, and then I notice an error message from my mail client: "Unable to connect to server."

This is rather odd, the server in question being a mere three feet from me and a single hop away on the network. I netcat to port 25 on the server and get an SMTP server answer. 110? POP comes up fine. What's going on here?

Then it hits me. I try to netcat to the server via our external address, which would be the one specified in our MX entry. Total failure.

A little bit of testing later (it's after 7 PM now, and I've been up since 5 AM) and I determine that the new router is entirely incapable of routing back in through its own NAT: packets sent from the inside to our external address just get dropped. Wonderful. I search futilely through the options on the router for a few more minutes, then sit back to think about the problem.

Well, I can solve it by having people use the internal IP address with their mail clients in the office. But that won't work for our laptops and is a pretty crappy solution anyway. Having decided that, I figure that the only good answer is to set up a DNS server for local use, serving the internal addresses. This would be my first time touching a raw zone file, let alone setting up such a server from scratch.

I'd been up and working for far too long at this point, so it takes me a few hours of trial and error (mostly with the zone file) before I get a configuration working. I update our dhcpd configuration to instruct our systems to use it, run a quick test, then stumble back to my car, getting home around midnight.
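What that setup looks like, as an added example that is not the configuration from the original post: a BIND9 zone stanza plus an internal-only zone file that answers the office domain with LAN addresses, so in-office clients never hit the external address the router can't hairpin. The domain name, hostnames, addresses and file paths are assumptions; the `options` block is there to keep the server from becoming an open resolver.

```conf
// /etc/bind/named.conf.local (hypothetical path): authoritative for the office
// domain on the LAN, so clients get internal addresses instead of public ones.
options {
    directory "/var/cache/bind";
    listen-on { 127.0.0.1; 192.168.1.2; };       // LAN interface only
    recursion yes;
    allow-recursion { 127.0.0.1; 192.168.1.0/24; }; // no recursion for the internet
    allow-query { 127.0.0.1; 192.168.1.0/24; };
};

zone "example.com" {
    type master;
    file "/etc/bind/db.example.com.internal";
};

; /etc/bind/db.example.com.internal (constructed zone file, hypothetical path)
; Pitfalls that cost trial and error: $TTL is mandatory in BIND9, fully
; qualified names must end with a dot, and the serial must increase on every edit.
$TTL 3600
$ORIGIN example.com.
@       IN  SOA   ns1.example.com. hostmaster.example.com. (
                  2008010701 ; serial (YYYYMMDDnn, bump on each change)
                  3600       ; refresh
                  900        ; retry
                  604800     ; expire
                  300 )      ; negative-cache TTL
        IN  NS    ns1.example.com.
        IN  MX 10 mail.example.com.
ns1     IN  A     192.168.1.2     ; the BIND9 box itself
mail    IN  A     192.168.1.10    ; internal address of the mail server,
                                  ; where the public zone carries the external IP
www     IN  A     192.168.1.10
```

Hand out 192.168.1.2 as the DNS server in dhcpd (`option domain-name-servers 192.168.1.2;`) and confirm from a LAN client with `dig @192.168.1.2 mail.example.com` that the answer is the internal address; the public zone keeps the external address so laptops off-site still reach the MX as before.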

This is version 6 of this page, which was last modified at 17:03 on 2009-06-27 by treed.