
I have a Mac Mini running Mac OS 10.6.6 Server that will be part of a local network, and a static IP from my ISP. I'd like to set up DNS for the Mini with a FQDN as the hostname (example.com) properly. The Mini is behind a router (Apple Airport Extreme) and is given a private, static IP address. I can't assign it the public static IP directly because it's behind a router with DHCP/NAT for other machines on the local net.

My end goal here is for services to resolve to the server properly from outside and inside the local network to users via example.com (and subdomains like mail.example.com, www.example.com), which will point to the public static IP assigned to the router.

Will DNS work/resolve properly (for mail services and other subdomains) if it has a private IP address, but the necessary services are forwarded properly through NAT?

I'm open to any (hopefully better) suggestions, as my current setup doesn't seem like it's the best way. Currently, more hardware or another public static IP is not possible. With the current setup, it seems as though one static IP is not necessary anyway. Thanks in advance for any insight.

1 Answer

External entities will work correctly when passed through NAT.

Your problem will be clients local to that server attempting to use the public IP address to talk to the Mini. Your router will have to support NAT hairpinning (described well in this question: No-ip works for non-internal clients, pinging works internally). Since few SOHO routers support that, you may have to run a second zone for local clients so they'll get local IP addresses.

sysadmin1138
Thank you, this helps. NAT hairpinning is definitely what I need, and I believe that the Airport Extreme supports it, but can't find any documentation on it. In looking at http://superuser.com/questions/135366/unable-to-outside-access-service-from-inside-lan, it looks like my solution could be to add the local IP to the /etc/hosts on each _local only_ machine for a quick and dirty, or as you said, setting up a zone for the local clients. For machines on the local net, I suppose I'll set the mini as the primary DNS and my standard external server for secondary. – thechriskelley Feb 22 '11 at 17:45
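
The second zone for local clients that the answer describes, as an added example (not part of the original answer or comment): a BIND-style zone file for an internal-only copy of example.com hosted on the Mini. The address 10.0.1.2, the `ns` and `hostmaster` names and the serial are constructed placeholders; the public copy of the zone is assumed to stay with an external DNS host and to point the same names at the router's public static IP.

```dns
; Internal-only copy of example.com, answered by the Mini for LAN clients.
; 10.0.1.2 is a constructed placeholder for the Mini's private static address.
; The public zone (hosted elsewhere) holds the same names, each pointing at
; the router's public static IP, with the service ports forwarded through NAT.
$TTL 3600
$ORIGIN example.com.
@       IN  SOA  ns.example.com. hostmaster.example.com. (
                 2011022201 ; serial (constructed); increase on every change
                 3600       ; refresh
                 900        ; retry
                 604800     ; expire
                 3600 )     ; negative-cache TTL
        IN  NS   ns.example.com.
        IN  MX   10 mail.example.com.   ; MX target must own an A record
        IN  A    10.0.1.2               ; example.com itself
ns      IN  A    10.0.1.2
mail    IN  A    10.0.1.2
www     IN  A    10.0.1.2
; Every name published in the public zone needs a counterpart here:
; this server is authoritative for example.com on the LAN, so a name
; missing from this file resolves as nonexistent for local clients
; instead of falling through to the public record.
```

Keep recursion and queries on this server limited to the LAN, and leave port 53 out of the router's forwards so the internal addresses are not answered to outside hosts. Local clients only get consistent private answers if every resolver they are configured with serves this zone.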