Configuring LAN Gateway on Oracle Linux

I am working through the instructions in the video produced by @rcsoleng.

After setting up the remote router, I receive the following error when I run it.

FATAL edge/tunnel/dns.NewDnsServer: dns server failed to start: listen udp 10.0.0.121:53: bind: permission denied

What have I done to attempt to resolve this?

Checked that port 53 on UDP is open on the firewall and VCN (checked)

Other tips?

I really feel like I am walking in the dark here…

I found this reference in the Oracle help documentation but am not 100% sure what it all means…

Are there other steps that I need to take?
What else can I do to troubleshoot?

https://docs.oracle.com/en/operating-systems/oracle-linux/8/network/network-ConfiguringtheNameService.html

@TheLumberjack

@gooseleggs … any thoughts?

Hmm… I think I found the problem.

dig 10.0.0.121

When I run this command, the server could not be reached. However, I find this confusing as this is the output when I run ifconfig:

ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9000
        inet 10.0.0.121  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::17ff:fe00:2dc7  prefixlen 64  scopeid 0x20<link>
        ether 02:00:17:00:2d:c7  txqueuelen 1000  (Ethernet)
        RX packets 2703151  bytes 3031719249 (2.8 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2941664  bytes 2971859794 (2.7 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

My understanding is that you need to use the local private IP address for the server… that is attached to the network nic. Is this correct?

PS… I just logged into the Oracle Cloud admin panel and confirmed the private IP address is 10.0.0.121

Did you run the router as sudo? Is something already listening on that IP on port 53? Unfortunately, there’s probably a bunch of reasons why that can happen. You need to figure out why the router wasn’t permitted to bind on UDP port 53. I don’t have any other great tips for you on this one.

Thanks for your feedback. I tried sudo which generated the same error.

Maybe I am going down the wrong direction, as what I really want to achieve is to configure a ZTNA, i.e. I want to make a LAN connection between my laptop and a remote server that contains my private git repository… so that I can perform a push over a ziti network.

Is this how you normally configure this?

Or… is there another way to set up ZTNA that I could use?

Actually… I am not sure what I did… but I just realised that I have made some progress… as I am now getting a different error

FATAL edge/tunnel/dns.NewDnsServer: dns server failed to start: listen udp 168.138.10.79:53: bind: cannot assign requested address

Any ideas on what this means / where to investigate?

OK… I think I understand this message… 168.138.10.79 is the external IP address… which is not included in the /etc/hosts file

So… I should probably use the local IP address… however… I think the reason for the permission denied error is because I did not include the private IP address when I rebuilt the controller PKI.

Does this make sense?

Working… now… I am not 100% sure what specifically I did… but the key things were

  1. needs to run under sudo
  2. I think both TCP 53 and UDP 53 ports need to be opened
  3. resolver needs to use the local IP address: udp://10.0.0.121:53
  4. router CSR… needs to use same details as controller

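The three errors seen in this thread (bind: permission denied, bind: cannot assign requested address, and the "is something already listening on port 53?" question) are all distinct bind() failures, and it helps to check them directly instead of restarting the router each time. The following is an added example written for this thread, not code from OpenZiti or from anyone in the discussion: it tries to bind the resolver address and translates the errno into the cause to look for (privileged port without root or CAP_NET_BIND_SERVICE, address not configured on any local interface, or port already held by another resolver such as systemd-resolved). The hold_udp_port helper and the 10.0.0.121 / 127.0.0.1 probe targets are my own choices for demonstration; on your host, substitute the private IP shown by ifconfig.

```python
import errno
import socket

# Translate bind() failures into the causes a ziti-router/tunneler operator
# would look for. Added example for this thread, not project code.
CAUSES = {
    errno.EACCES: "permission denied: port below 1024 needs root or CAP_NET_BIND_SERVICE",
    errno.EADDRNOTAVAIL: "cannot assign requested address: IP is not configured on a local interface",
    errno.EADDRINUSE: "address already in use: another resolver (e.g. systemd-resolved) holds the port",
}


def probe_bind(ip, port, proto="udp"):
    """Attempt to bind ip:port and return ('ok', bound_port) or ('error', reason).

    proto is 'udp' or 'tcp' (both matter for DNS). The socket is closed right
    away, so this only tests whether the bind would succeed for the current
    user and host configuration.
    """
    kind = socket.SOCK_DGRAM if proto == "udp" else socket.SOCK_STREAM
    sock = socket.socket(socket.AF_INET, kind)
    try:
        sock.bind((ip, port))
        return ("ok", sock.getsockname()[1])
    except OSError as exc:
        reason = CAUSES.get(exc.errno, f"{exc.strerror} (errno {exc.errno})")
        return ("error", reason)
    finally:
        sock.close()


def hold_udp_port(ip="127.0.0.1"):
    """Occupy an ephemeral UDP port so a second bind shows EADDRINUSE.

    Returns (socket, port); the caller closes the socket. Helper constructed
    for this example so the 'already in use' case can be reproduced safely.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((ip, 0))
    return sock, sock.getsockname()[1]


if __name__ == "__main__":
    # 10.0.0.121 is the private address from the thread; whether it is local
    # depends on the host running this script. Port 0 asks for any free port.
    for target in [("10.0.0.121", 53), ("127.0.0.1", 53), ("127.0.0.1", 0)]:
        for proto in ("udp", "tcp"):
            print(target, proto, probe_bind(*target, proto=proto))
```

Run it first as your normal user and then under sudo: if the ("127.0.0.1", 53) probe changes from "permission denied" to "ok" (or to "address already in use"), the router simply needs root or the bind capability; if the private IP probe reports "cannot assign requested address", the resolver address in the router config does not match an address on the NIC.
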
Sounds like you got it working, nice!