Hello again,

Earlier (On Sat, May 14, 2016 at 01:38:18PM -0400) I wrote:
> ...
>
> On the freedombox:
>
> $ sudo netstat -anp | egrep :53
> udp 0 0 0.0.0.0:5353 0.0.0.0:*
> 354/avahi-daemon: r
> udp6 0 0 :::5353 :::*
> 354/avahi-daemon: r
>
> So it looks like the freedombox is not listening to port 53. What do I need
> to do to the internal machines so that dns queries are forwarded to the
> freedombox and are propagated from there to the internet?

Upon further research, I find in the manual (https://wiki.debian.org/FreedomBox/Manual) that the dns ports should be enabled. The file /usr/lib/freedombox/first-run.d/90_firewall contains this:

    firewall-cmd --zone=internal --permanent --add-service=dns

So to make sure that this was actually executed I did it again from the shell. I got a warning that dns was already running, so why doesn't netstat show port 53?

Might this have something to do with the fact that when I first booted the apu1d4 it was not in the final configuration? (At the time it was only connected to a standalone computer via one internal interface and there was nothing on the other 2.) Is this what first-run means? But then, dns is apparently running already. Where else can I look?

Might this be related to dhcp and since I don't run dhcp on the internal network, dns is not quite set up properly? All interfaces have been assigned static IP numbers.

I've even gone back to the interface configuration screen and added the address of the router at the external interface as the "DNS server" but netstat returns the same 2 lines shown above. Interestingly, this does not add a default route, which is probably as it should be, as when ppp is started, it adds a default route, but will not do so if one exists already.

In any case, whether the external (whichever one it is) is up or down should make the dns queries fail at that level, but I suspect that as far as the internal interfaces go, port 53 should be listening. That way, when a proper route is set up (say by ppp) with proper dns servers set up, the packets would go where they're supposed to.

This brings a bigger issue: has it been considered how to set up the external interfaces if there can be more than one? If say, the primary external interface (in my case the Ubiquiti router) is not available (as it is not right now) and I wish to use the ppp connection as a backup, how is/should the routing be handled?
Should external interfaces be deactivated manually so that only one is available at any time? Should smart routing be implemented based on available bandwidth if more than one external interface is up? Bonding for more bandwidth?

Yes, I know that these questions are refinements for further down the road and that I'm spoiled with hardware that has 3 ethernet interfaces and 2 usb ones. What I would really like to know how to do now is to have the dns packets from the internal network go through. I suspect that something is not quite configured right since netstat doesn't show port 53 as listening.

> I've tried to keep it simple on the internal network by not using dhcp (I use
> the /etc/hosts file) and pointing the resolver to the NAT router, now the
> freedombox. The internal machines run Debian wheezy and jessie.

Can anyone help? Any hints as to what else to try?

Thanks.

_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss