> > >does anybody have a proxy-arp dmz and also running tinydns & dnscache? > > > > > >thought that I'd resolved this sometime ago; but, tonight, for life of > > >me, I cannot get dmz hosts to resolve addresses for remote internet > > >sites solely via tinydns-public and dnscache ;< tinydns tries to > > >resolve the name and gives up, without so much as asking dnscache. as a > > >test, I do same query from the internal network and dnscache answers > > >immediately. > > > > > >actually, if I add other remote dns servers to /etc/resolv.conf on dmz > > >hosts, then it works. > > > > > >oddly enough, netware servers on the dmz do not exhibit this problem . . > > > > You may want to give us information about your resolv.conf file on the > > failing DMZ machine, then try to debug with nslookup or the more recent > > bind tools (dig, hosts...). > > This does *not* work: > > nameserver 64.4.197.65 > search PlatinumAire.net > > > This does work: > > nameserver 64.4.197.65 > nameserver 207.7.4.66 > nameserver 207.7.4.67 > nameserver 207.112.196.69 > nameserver 206.54.244.3 > nameserver 206.54.244.2 > search PlatinumAire.net > > > Remember, 64.4.197.65 resolves the tinydns-public domain > (PlatinumAire.net) properly; but, will not goto dnscache to resolve > remote domains . . .
You have to point the DMZ systems at the IP of dnscache, *NOT* tinydns, as tinydns does not do recursive queries. I think that's the root of your problem. Switch the IP in your non-working DMZ resolv.conf to the IP used by hosts on your internal network, and the DMZ systems should be able to resolve names. NOTE: You also need to tell dnscache it's OK to answer queries from the DMZ address space, if you haven't already. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
