Message-ID: <41EE51F3.8090501@locolomo.org>
Date: Wed, 19 Jan 2005 13:26:27 +0100
From: Erik Norgaard
To: Tom Huppi
cc: freebsd-questions@freebsd.org
Subject: Re: NAT/DNS question/recommendation?

Tom Huppi wrote:
> I have a FreeBSD 5.3 workstation connected to the net via user-ppp
> with a dynamic IP. I have user-ppp doing both NAT and simple
> firewall.
>
> I have a headless server box, also 5.3, set up as a NAT client.
> I run it only when I need the horsepower since it's loud and sucks
> power.
>
> My problem is that the NAT client acts funny. It makes the
> gateway/workstation box dial up when I attempt to automount from
> it for example. Also I've had troubles with ssh delays. I'm
> pretty sure that what is happening is that it wants to use DNS to
> resolve names sometime even though all that it needs _should_ be
> in the /etc/hosts file (and nsswitch.conf lists files first.)
>
> On the NAT client, I have my defaultrouter set to the NAT server's
> IP (in the 172.16 range.) Also I have my ISP's dns server in
> /etc/resolv.conf. I can't seem to make things work well any other
> way.
>
> Can someone recommend a better setup to avoid my problems, or
> suggest that I should _not_ be having these problems with this
> setup and that something else in my setup must be wrong?
>
> A long, long time ago, I set up a caching-only DNS server on a
> gateway box 'for the fun of it.' If there is not a simpler
> solution, I'll do it again (though the fun has worn off), but I
> thought I'd ask here first.
>
> BTW, I have done some research on this, but really didn't find
> that many specific details about NAT client
> configuration...possibly I just didn't look hard enough.

Maybe you are searching for the wrong keywords. I simply haven't heard
of anyone speak of a "NAT client" or "NAT Server" before.

Secondly, you haven't told us anything about how things are set up: Are
you using ipfw, ipf or pf? What are your nat-rules? What are your filter
rules?

You are trying to automount what? nfs, smbfs? ssh delays? Did you try to
type in the ip to see if it was faster?

I think I get the picture of your network but sometimes it helps a lot
if you sketch the network with an ascii-diagram, add IPs etc.

Cheers, Erik

--
Ph: +34.666334818 web: www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2