Date: Sun, 17 Sep 2000 22:33:40 -0400
From: Jan Knepper <jan@smartsoft.cc>
To: mgruver@reveregroup.com, freebsd-questions@freebsd.org
Subject: Re: I think I have a DNS caching problem...
Message-ID: <39C57F04.6C6AD2E9@smartsoft.cc>
References: <8625695E.00095491.00@main.reveregroup.com>
mgruver@reveregroup.com wrote:

> Thank you so much for your response. Actually I have Greg Lehey's excellent
> book (I bought the whole BSDi Powerpak). And believe me, it gets better by the
> day (the more I understand its wisdom). In fact, I attempted the road you
> suggested first (before I went the tinyproxy route), however when I rebooted
> after recompiling the Kernel and adding the rc.conf natd and firewall variables,
> all IP communication to and from the server ceased. I could not ping it, and I
> could not ping out by DNS name or IP. The old "unknown host" deal.

If that happens the FIREWALL is denying everything.
try:

    # ipfw list

to see what the firewall is doing.
Also you might try in your kernel config file:

    options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default

Which will make that everything goes right through the firewall as default.
I personally don't use this option and rather prefer to "allow" things.

> Now, one thing I did not try was the custom firewall_type=/etc/ipfw.conf you
> suggested. I had already tried direct rules in the rc.conf and passing the
> "open" parm to the firewall_type. No joy.

That's not enough, because that does not setup NAT by itself.

> I agree with your first statement though. The more I work with this thing the
> less and less it appears to be a DNS thing. And you are right, I do want to use
> my ISPs DNS server and not my own (I think).

The problem you are having is that you have a dual homed machine that you use as
a router. Your windows clients forward the IP packets to the FreeBSD box via one
interface and the FreeBSD box forwards them to the Internet over the other
interface. So far everything probably goes fine, however... When the internet
responds with it sends it to the interface of the FreeBSD box which in turn has
to send it through the interface of the local network to get to your windows
clients. I am suspecting that this last part is where the problem is.

To solve this properly you need NAT because your windows clients have different
IP's and you probably have only one (or two) static IP that come with the cable
modem connection.

Read the mentioned pages of The Complete FreeBSD book and follow the setup as
Greg tells you to. It should work, but don't leave out any steps! I am that sure
that it works because I just set it up TODAY!

Hope this helps more!

Don't worry, be Kneppie!
Jan

--
Jan Knepper
Smartsoft, LLC
88 Petersburg Road
Petersburg, NJ 08270
U.S.A.

http://www.smartsoft.cc/ http://www.mp3.com/pianoprincess

Phone : 609-628-4260
FAX   : 609-628-1267
FAX   : 303-845-6415 http://www.fax4free.com/
Phone : 020-873-3837 http://www.xoip.nl/ (Dutch)
FAX   : 020-873-3837 http://www.xoip.nl/ (Dutch)

In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
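An added example (not part of the original message, and not FreeBSD's own script): a small sh function that reads `ipfw list` output and tells apart the two situations discussed in the thread, a ruleset that denies everything and an open ruleset with no divert rule for natd. It goes one step beyond the message by also flagging an unconditional allow placed before the divert rule. The sample rulesets, the interface name ed0 and the result labels are constructed for illustration; 8668 is natd's default divert port.

```shell
#!/bin/sh
# Added example. Usage on the router:  ipfw list | diagnose_ipfw
# Prints one word: DENY_ALL, NO_NAT, NAT_SHADOWED or NAT_OK.
diagnose_ipfw() {
    awk '
        NF < 2 { next }                      # skip blank lines
        $2 == "divert" {                     # rule that hands packets to natd
            if (!divert) divert = $1 + 0
            next
        }
        $2 == "allow" && $0 !~ / via lo0/ {  # loopback allows forward nothing
            if (!allow) allow = $1 + 0
            # an unconditional allow ends rule processing for every packet
            if (!open && $0 ~ / from any to any$/) open = $1 + 0
        }
        END {
            if (!allow)                     print "DENY_ALL"
            else if (!divert)               print "NO_NAT"
            else if (open && open < divert) print "NAT_SHADOWED"
            else                            print "NAT_OK"
        }
    '
}

# Constructed sample: firewall compiled in, nothing allowed (server unreachable).
sample_locked() {
    printf '%s\n' \
        '00100 allow ip from any to any via lo0' \
        '00200 deny ip from any to 127.0.0.0/8' \
        '65535 deny ip from any to any'
}

# Constructed sample: everything allowed, but no divert rule, so no NAT.
sample_open() {
    sample_locked | sed '$d'
    printf '%s\n' '65000 allow ip from any to any' '65535 deny ip from any to any'
}

# Constructed sample: divert to natd on the outside interface (assumed ed0).
sample_nat() {
    printf '%s\n' '00050 divert 8668 ip from any to any via ed0'
    sample_open
}

# Constructed sample: divert rule exists but sits behind an allow-all rule.
sample_shadowed() {
    printf '%s\n' '00010 allow ip from any to any' \
        '00050 divert 8668 ip from any to any via ed0' '65535 deny ip from any to any'
}
```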