I'm having a tough time figuring this one out.
I have the following network:
(Internet)--(firewall) -- (PC1 (Ubuntu 20.04)) -- (PC2 (Fedora, 192.168.0.2))
PC1 has two NICs: one (enp4s0) faces the firewall, the other (eno0) faces PC2.
The firewall shown is blocking all outgoing DNS requests and I cannot change that. PC2 needs access to 8.8.8.8 and I also can't change that. However PC1 does have internet access so long as it uses an internal DNS server, let's call it 192.169.100.100, and is running the following UFW configuration. Note that
    # Nat table rules
    *nat
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    # Forward traffic from eno1 through enp4s0
    -A PREROUTING -i enp4s0 -p udp --dport 53 -j DNAT --to-destination 192.169.100.100
    -A POSTROUTING -s 192.168.0.0/24 -o enp4s0 -j MASQUERADE
    # process the nat table rules
    COMMIT

As you can see, all traffic gets forwarded from PC2 through PC1. That works fine: PC2 can ping 8.8.8.8 without issue. However, since PC2 attempts to resolve addresses with 8.8.8.8 and those requests get blocked by the firewall, I'm not able to use PC2 as required. What I'd like to do is route any DNS requests for 8.8.8.8 to 192.169.100.100 so that they resolve.
Is that possible? If so, any ideas of what I'm doing wrong? I'm rather stumped. I've been staring at Wireshark and watching the packets try to reach 8.8.8.8 for a while now.
Thanks!
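An added example, not part of the original post. The posted PREROUTING rule matches `-i enp4s0`, the NIC that faces the firewall, but PC2's DNS queries enter PC1 on the PC2-facing NIC, so the DNAT rule never sees them and the packets leave toward 8.8.8.8 unchanged. The script below generates the `*nat` section for UFW's before.rules with the DNAT rule bound to the LAN-facing interface, and includes a small lint function that flags any DNAT rule bound to a different interface, so the mistake can be caught before reloading the firewall. It goes a little beyond the question by also redirecting TCP/53 (used for large responses and zone transfers). The interface names, LAN prefix and resolver address are assumptions taken from the question (the post names the LAN NIC both eno0 and eno1; check `ip link` and set LAN_IF accordingly).

```shell
#!/bin/sh
# Added example: build a UFW nat block that redirects all LAN DNS to an internal
# resolver, and lint a ruleset for DNAT rules bound to the wrong interface.
# Names below are assumptions from the question, not a known-good deployment.

LAN_IF="eno0"             # NIC facing PC2 (post also calls it eno1; verify with `ip link`)
WAN_IF="enp4s0"           # NIC facing the firewall / Internet
LAN_NET="192.168.0.0/24"  # PC2's subnet
INTERNAL_DNS="192.169.100.100"  # resolver the firewall permits

# Print the *nat section for /etc/ufw/before.rules.
# $1 = LAN interface, $2 = WAN interface, $3 = LAN prefix, $4 = resolver address
gen_nat_rules() {
    lan_if=$1; wan_if=$2; lan_net=$3; dns=$4
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Rewrite LAN DNS queries (whatever their destination, e.g. 8.8.8.8) to the
# internal resolver. PREROUTING must match the interface packets ARRIVE on,
# which for PC2's traffic is the LAN-facing NIC, not the WAN-facing one.
-A PREROUTING -i $lan_if -p udp --dport 53 -j DNAT --to-destination $dns:53
-A PREROUTING -i $lan_if -p tcp --dport 53 -j DNAT --to-destination $dns:53
# Hide the LAN behind PC1's WAN address for everything leaving via the WAN NIC.
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
EOF
}

# Read a ruleset on stdin; succeed (0) only if every DNAT rule that names an
# input interface names $1, the LAN interface. Any other binding is the bug
# from the question: a PREROUTING DNAT on the WAN NIC never matches LAN packets.
lint_dnat_iface() {
    lan_if=$1
    if grep -e '-j DNAT' | grep -e ' -i ' | grep -q -v -e "-i $lan_if "; then
        echo "lint: DNAT rule bound to an interface other than $lan_if" >&2
        return 1
    fi
    return 0
}

# Stand-alone use: print the block after checking it, so a bad interface
# binding fails loudly instead of being pasted into before.rules.
if gen_nat_rules "$LAN_IF" "$WAN_IF" "$LAN_NET" "$INTERNAL_DNS" | lint_dnat_iface "$LAN_IF"; then
    gen_nat_rules "$LAN_IF" "$WAN_IF" "$LAN_NET" "$INTERNAL_DNS"
fi
```

Paste the printed block into the nat section of /etc/ufw/before.rules and run `ufw reload`. The DNAT only helps once traffic from the LAN is actually forwarded, which the post says already works (PC2 can ping through PC1), so `net.ipv4.ip_forward=1` and UFW's forward policy are presumably already in place. A quick confirmation on PC1 is `tcpdump -ni enp4s0 udp port 53`: after the change, queries leaving the WAN NIC should show 192.169.100.100 as the destination rather than 8.8.8.8.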