> /etc/resolv.conf contains: > > search cablenet-va.com /* correct, this is the DNS suffix that > shows up when I connect windoze directly to cable modem*/ > IP filters:firewall[IP Forwarding: ENABLED] > meserver 208.197.246.194 /* correct, this is second DNS server that > windoze gets via direct connect*/
OK, so your firewall is resolving names because it's talking to your ISP's DNS servers directly. > BTW, I notice that when I connect the windoze box through the firewall, > I get no DNS suffix. WOuld that matter? It shouldn't generally...only when trying to resolve unqualified host names like "mail" instead of "mail.myisp.com" > >If you're using an "out of the box" Dachstein release, and your ISP > >doesn't assign you a private IP, everything *should* work fine. Since > >you're having problems, you can either: > > > >- Configure DNSCache to do forward-only queries to your ISP (should help > >if your ISP is blocking DNS queries for some reason) > > > Hmm. How do you do this? I'm not sure, I just know you can :) Details should be on the http://cr.yp.to site. I think you've got some other sort of problem, however, so I doubt setting DNSCache to forward-only would help much. > >- Setup your internal machines to use your ISP's DNS servers (edit your > >dhcpd.conf file and switch the name-server entries), bypassing DNSCache > >entirely > > > I tried this. Under W2k pro, you can check "configure IP address > automatically" separate from "obtain DNS address automatically" > I set the DNS addrs to appropriate ones for the cable network, but still > no host resolution. This is very bad. Please *CAREFULLY* check how you tested. If your firewall can resolve names using the ISP's name servers, but your internal systems can't, it sounds like you're not getting internal traffic through the firewall to the internet, which shouldn't happen. It's fairly common these days for *NO* traffic to get out to the 'net if your ISP assigns you a private IP (blocked by default in the 'mountain' firewall rules), but you're reporting DNS traffic from the firewall working OK, and DNS traffic from the internal systems to the same DNS servers failing. Is this a correct interpretation of your several error reports? > >- Start crawling around with nslookup, dig, host, and other DNS > >debugging tools and try to find the problem. > > > Will try this later with firewall hooked back up. Film at 11. :) > >NOTE: If you re-worked *ANY* of the default configuation (ie > >re-numbered networks or similar), DNSCache could simply be > >mis-configured for your new environment... > > > Didn't do anything along these lines. Hmm...then as long as you've got a public IP from your ISP (looks like it if the two numbers you left intact on your posted IP are legit), you've got some sort of mystery problem :< What happens when you try to access the internet by IP from internal machines? Can you ping or browse to a website by IP? You can use 216.171.153.133, which is my LRP webserver...you should be able to ping this IP and typing it into your browser http://216.171.153.133 should bring up my site... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
