On Thu, Dec 21, 2000 at 08:57:04AM -0600, Jason Watson <[EMAIL PROTECTED]> wrote:
> i did the "dig . soa" and this was the response:
>
> ; <<>> DiG 8.2 <<>> . soa
> ;; res options: init recurs defnam dnsrch
> ;; res_nsend to server default -- 127.0.0.1 connection timed out
>
> does this mean that my local dns server is unable to query the root dns
> servers ?
Yep, you should get something like below. I have a guess that your
external router is not NATing UDP packets. DNS uses UDP for queries
(and TCP for zone transfers, but you don't need to worry about these
in this case).
Now, if this is the case, you won't get any further with off-site DNS
primary/secondaries as your queries to them will suffer the same fate.
Could you try removing the external router and configuring e-smith to
use the external address which the router was using?
Here's what dig should return:
; <<>> DiG 8.2 <<>> . soa
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13
;; QUERY SECTION:
;; ., type = SOA, class = IN
;; ANSWER SECTION:
. 18h27m50s IN SOA A.ROOT-SERVERS.NET.
hostmaster.nsiregistry.NET. (
2000122001 ; serial
30M ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
;; AUTHORITY SECTION:
. 3d22h3m53s IN NS L.ROOT-SERVERS.NET.
. 3d22h3m53s IN NS M.ROOT-SERVERS.NET.
[...]
Gordon
> -----Original Message-----
> From: Gordon Rowell [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, December 20, 2000 8:29 PM
> To: Jason Watson
> Cc: [EMAIL PROTECTED]
> Subject: Re: [e-smith-devinfo] Test internet connection - fails
>
>
> On Wed, Dec 20, 2000 at 03:56:39PM -0600, Jason Watson <[EMAIL PROTECTED]>
> wrote:
>
> > I am having a problem with e-smith 4.1 b2. I have the server setup
> > in server-gateway mode. One nic is in my local 10.x.x.x network and
> > the external nic is in a 172.16.x.x network that has an ip that is
> > NAT'd out to the internet as 208.x.x.x
>
> Sounds fair so far.
>
> > Now I am able to ping the box from the internet(but not brows to it), but
> > when I run the "Test internet connection" it fails. I think that this is
> > because it does not know what my dns servers are.
>
> Well, the caching DNS server knows about the root servers and that
> should be sufficient for it to start and resolve names.
>
> > is this correct or am I missing something else like being a NAT'd
> > address ?
>
> As long as your NAT is properly configured to NAT the UDP packets from
> DNS queries, you should be fine.
>
> > and what should I do to fix this ?
>
> Please try
>
> dig . soa
>
> and see what you get.
>
> > should i be running in server only mode since i am not trying to
> > protect my network ?
>
> That should not make a difference to this. I would suggest
> server-gateway and have your LAN clients on your "internal" interface.
>
> Gordon
> --
> Gordon Rowell [EMAIL PROTECTED]
> http://www.e-smith.org (development) http://www.e-smith.com (corporate)
> Phone: +1 (613) 564 8000 ext. 4378 Fax: +1 (613) 564 7739
> e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada
>
> --
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
> --
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
Gordon Rowell [EMAIL PROTECTED]
http://www.e-smith.org (development) http://www.e-smith.com (corporate)
Phone: +1 (613) 564 8000 ext. 4378 Fax: +1 (613) 564 7739
e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada
