Public IP, publish DNS

Jyge

Need to set up Zywall 110 with public IP-addresses, which we have.

-have two public DNS-server which must be publish to internet

-public IP:s have used also on LAN (dhcp)

What is the best way to configure fw and publish DNS servers? 

Firmware 4.32

Public address range:

xxx.65.126.1 - xxx.65.126.256

xxx.65.1267.1 - xxx.65.127.256

xxx.65.126.1 (router)

xxx.65.126.2 (fw)

xxx.65.126.7 (switch)

xxx.65.127.5 (NS1) - public DNS server

xxx.65.127.10 (NS2)  - public DNS server

xxx.65.126.10 - xxx.65.126.90 (dhcp)

Alfonso

Hi @Jyge

Only some recommendations:

- Your public DNS default gateway must be the Firewall's ip
- Your firewall Default gateway must be the router's ip
- remove the public ip address os the switch unless it is completely necessary.
- Add a policy rule:
 Source: ANY
 Destination: Public DNS
 Service: DNS
 Action: Allow
- Add another policy rule if your DNS are caching:
 Source: Public DNS
 Destination: ANY
 Service: DNS
 Action: Allow

I   hope it helps you,

Regards 

Zyxel_Stanley

Hi @Jyge

You can add a bridge interface for this requirement. 

Go to Configuration > Network > Interface > Bridge Click Add button.

(1) Setup interface, zone and member of interfaces.

(2) Set IP address for this interface

(3) Setup DHCP function for DHCP client.

(4) Add policy control rule for incoming DSN query.

Due to DNS server with public IP address, so port forwarding rule is unnecessary.

Jyge

Thanks Zyxel_Stanley!

Get it done. Was some issues with DCHP, but no it work.