On Sat, Sep 25, 1999 at 10:10:32AM -0500, Lance Hoffmeyer wrote:
>
> I have a server that dials into the internet with a client attached on a home
> network. My IP MASQ is working and the
> client can connect to the internet, but only using IP Addresses. The client
> cannot connect using domain names.

Hi Lance,

that means your DNS isn't working at all (its work is precisely to convert
domain names to real IPs!)

> So, the connection is 10.254.2.2 --eth0---> 10.254.2.1----ppp----> internet
>
> If I type nslookup from the server I get:
>
> Default Server: ns2.us.prserv.net
> Address: 165.87.201.244

Perhaps you told your DNS that its (first) forwarder is ns2.us.prserv.net.
A forwarder is generally the ISP's DNS, which, because of the great amount of
requests it gets, contains most of the regular IPs you need; so if you use a
forwarder, it will first look to its records to see if it has the right IP
within; and if not, it will query the ROOT.SERVERS, which are the source of
*all* correspondences between names & IPs.

> I'm really not sure where this comes from but I know that if I remove it and
> put something else in its place I am not
> able to browse the web or fetch email. What can I try so that the client can
> connect via domain names and not just
> IP Addresses?

First, DNS is acting under UDP protocol, second you need to let it pass through
the firewall (and return too ;).

MY firewall says: let anything, any protocols pass within the LAN;
then, for the INPUT from WEB, it says: let ALL UDP packets on ports
[1024-5999] & [6011-65535] pass (hole is to secure X Window).
The OUTPUT chain says: let ALL UDP packets, external destination
port = domain (port 53), PASS.
Then, MASQuerade says: MASQuerade from LAN to WEB, source LAN,
DEST anywhere, UDP/domain(53) PASS.

Hope it will help

JY

-- 
Jean-Yves F. Barbier <[EMAIL PROTECTED]>
%DCL-MEM-BAD, bad memory
VMS-F-PDGERS, pudding between the ears
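
Added example, not part of the original message and not JY's actual rule set: a small Python model of the three UDP rules described above, following one DNS query from the client out and its reply back in. The LAN prefix, the 192.0.2.10 external address, the source and masquerade port numbers and the sample packets are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

LAN = ip_network("10.254.2.0/24")            # assumed prefix around 10.254.2.1/.2
HIGH_PORTS = [(1024, 5999), (6011, 65535)]   # 6000-6010 left closed for X Window

def input_from_web(pkt):
    """INPUT from the internet side: UDP to the listed high ports passes."""
    return pkt["proto"] == "udp" and any(
        lo <= pkt["dport"] <= hi for lo, hi in HIGH_PORTS)

def output_to_web(pkt):
    """OUTPUT to the internet side: UDP with destination port 53 passes."""
    return pkt["proto"] == "udp" and pkt["dport"] == 53

def forward_masq(pkt, ext_ip, masq_port):
    """MASQ rule: rewrite LAN-sourced UDP/53; None means not forwarded."""
    if (pkt["proto"] == "udp" and pkt["dport"] == 53
            and ip_address(pkt["src"]) in LAN):
        return dict(pkt, src=ext_ip, sport=masq_port)
    return None

def dns_round_trip(client, resolver, ext_ip, masq_port):
    """Follow one query from the client out and its reply back in."""
    query = {"proto": "udp", "src": client, "sport": 1030,
             "dst": resolver, "dport": 53}
    masqed = forward_masq(query, ext_ip, masq_port)
    if masqed is None:
        return {"masqueraded": False, "query_out": False, "reply_in": False}
    # The reply is addressed to the masqueraded source port, not to port 53.
    reply = {"proto": "udp", "src": resolver, "sport": 53,
             "dst": ext_ip, "dport": masqed["sport"]}
    return {"masqueraded": True,
            "query_out": output_to_web(masqed),
            "reply_in": input_from_web(reply)}

if __name__ == "__main__":
    # Constructed values: 192.0.2.10 stands in for the ppp address.
    print(dns_round_trip("10.254.2.2", "165.87.201.244", "192.0.2.10", 61000))
    print(dns_round_trip("10.254.2.2", "165.87.201.244", "192.0.2.10", 6005))
    # The input rule looks only at the destination port, so it also passes
    # UDP that answers no query (constructed packet):
    print(input_from_web({"proto": "udp", "src": "198.51.100.7",
                          "sport": 4000, "dst": "192.0.2.10", "dport": 2049}))
```

The second call shows a reply being dropped when the masqueraded source port lands in the closed 6000-6010 range, and the last line shows that the high-port input rule is not tied to DNS replies.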