-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A long time ago, in a galaxy far, far way, someone said...
> > Hello, > > I have a linux box (Debian 2.2, kernel 2.2.17) running as an ISDN dial-on- > demand gateway to my ISP. The ISP is assigning dynamic IP adresses, and I > have address rewriting enabled (echo 2 > /proc/sys/net/ipv4/ip_dynaddr). > UDP packets from my internal network arriving for port 53 of the NS of my > ISP are masqueraded and routed through the ippp device. > > On my main linux box (also Debian 2.2), I have a local caching-only > nameserver installed (bind8) which forwards to the NS of my IP. > > Now, when bind tries to resolve a domain name and wants to connect to the > forwarding NS, the UDP packet is masqueraded correctly and triggers the > PPP dial-out to my ISP. But finally, the UDP packet gets dropped out there > because no address rewriting is done for UDP packets to match the newly > assigned IP address of the ippp interface. If no address rewriting is done you need to check your ipchains rules. Can you post them here? - -- - ---------------------------------------------------------------------- Phil Brutsche [EMAIL PROTECTED] GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC GPG key id: 50DE1CFC GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE52enS/ZTSZFDeHPwRAg3QAJ9OGG7fOtYxWXvdodVrtsaSOk6Q9gCgrWV9 Yz4CRSGWI67G3RZwcl7/mF0= =zXY5 -----END PGP SIGNATURE-----