From owner-freebsd-stable@FreeBSD.ORG Fri Oct 29 17:48:01 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E29C16A4CE for ; Fri, 29 Oct 2004 17:48:01 +0000 (GMT) Received: from dsl-mail.kamp.net (mail.kamp-dsl.de [195.62.99.42]) by mx1.FreeBSD.org (Postfix) with SMTP id 657C743D39 for ; Fri, 29 Oct 2004 17:48:00 +0000 (GMT) (envelope-from root@pukruppa.de) Received: (qmail 9797 invoked by uid 513); 29 Oct 2004 17:48:04 -0000 Received: from root@pukruppa.de by dsl-mail by uid 89 with qmail-scanner-1.21 Clear:RC:1(213.146.114.24):SA:0(-4.9/5.0):. Processed in 0.61378 secs); 29 Oct 2004 17:48:04 -0000 X-Spam-Status: No, hits=-4.9 required=5.0 Received: from unknown (HELO reverse-213-146-114-24.dialin.kamp-dsl.de) (213.146.114.24) by dsl-mail.kamp.net with SMTP; 29 Oct 2004 17:48:04 -0000 Date: Fri, 29 Oct 2004 19:48:01 +0200 (CEST) From: Peter Ulrich Kruppa X-X-Sender: root@pukruppa.net To: cpghost@cordula.ws In-Reply-To: <20041029160255.GA783@bsdbox.farid-hajji.net> Message-ID: <20041029194604.G798@pukruppa.net> References: <20041026141721.X816@pukruppa.net> <20041029090017.I827@pukruppa.net> <20041029160255.GA783@bsdbox.farid-hajji.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed cc: freebsd-stable@freebsd.org Subject: Re: ppp -nat broken [solved] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Oct 2004 17:48:01 -0000 On Fri, 29 Oct 2004 cpghost@cordula.ws wrote: > On Fri, Oct 29, 2004 at 09:52:51AM +0200, Peter Ulrich Kruppa wrote: >> On Tue, 26 Oct 2004, Peter Ulrich Kruppa wrote: >> learn that named and BIND have changed. I did the respective >> changes and edited two entries in /var/named/etc/named/named.conf >> 1) I commented >> listen-on {127.0.0.1;}; > > Instead of opening a 53/tcp, 53/udp port to the world (ANYADDR), > you may prefer to restrict the address range to your internal LAN only, > with something like (replace 192.168.10.0/24 accordingly): > > listen-on { 127.0.0.1; 192.168.10.0/24; }; > > Check with 'sockstat -46' to be sure. > >> 2) I put my two nameserver IPs (from /etc/resolv.conf) into >> forwarders { >> 195.62.99.42; >> 195.62.97.177; >> }; > > They are not absolutely necessary: named is perfectly able to > query root and other servers itself. You could experiment with > or without forwarders, and pick the configuration that is faster > for you. As a general rule of thumb: Forwarders are good for > recursive queries, because only one query will travel through > your ADSL link, other queries being done by your ISPs nameservers. > They are also good, because you can profit from your ISPs nameservers' > cache. But they can hinder performance, should one or both of those > nameservers be down for whatever reason. Both works perfectly well, another thanks! Uli. > > Cheers, > cpghost. > > -- > Cordula's Web. http://www.cordula.ws/ > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > +---------------------------+ | Peter Ulrich Kruppa | | Wuppertal | | Germany | +---------------------------+