Re: [leaf-user] dnscache vs. dmz ???

Sat, 12 Oct 2002 15:10:45 -0700 

OK, it gets more interesting ;>

[1] As you know, here is a summary of the dcd:

    root@bluetrout:/etc
    # ip addr
     . . .
    7: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
        link/ether 00:a0:c9:9e:57:70 brd ff:ff:ff:ff:ff:ff
        inet 192.168.1.254/24 brd 192.168.1.255 scope global eth0
    8: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
        link/ether 00:a0:c9:9e:64:83 brd ff:ff:ff:ff:ff:ff
        inet 64.4.197.65/26 brd 64.4.197.127 scope global eth1
    17: wan1: <POINTOPOINT,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 100
        link/ppp
        inet 64.4.222.157 peer 64.4.222.158/32 scope global wan1
        inet 64.4.197.99/32 scope global wan1
        inet 64.4.197.100/32 scope global wan1
        inet 64.4.197.101/32 scope global wan1
    
    # ip route
    64.4.222.158 dev ipsec0  proto kernel  scope link  src 64.4.222.157
    64.4.222.158 dev wan1  proto kernel  scope link  src 64.4.222.157
    64.4.197.64/26 dev eth1  proto kernel  scope link  src 64.4.197.65
    192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.254
    192.168.123.0/24 via 64.4.222.158 dev ipsec0
    default via 64.4.222.158 dev wan1

[2] This is czar, a SuSE server on the dmz:

    root@czar:~
    # ip addr
     . . .
    2: eth0: <BROADCAST,PROMISC,NOTRAILERS,UP> mtu 1500 qdisc pfifo_fast qlen 100
        link/ether 00:10:4b:af:ae:e2 brd ff:ff:ff:ff:ff:ff
        inet 64.4.197.69/26 brd 64.4.197.127 scope global eth0
        inet6 fe80::210:4bff:feaf:aee2/10 scope link
    
    # ip route
    64.4.197.64/26 dev eth0  proto kernel  scope link  src 64.4.197.69
    default via 64.4.197.65 dev eth0

    # cat /etc/resolv.conf
    nameserver 192.168.1.254
    search PlatinumAire.net

[3] As it turns out, some name resolution stuff works (e.g., nslookup);
    but, other stuff does *NOT* work (e.g., host, dig, ping).  tcpdump
    output is here:

    <http://www.helices.org/tmP/bluetrout.tcpdump.txt>

[4] I need help understanding what is going on in lines like this:

       64.4.197.69 > 64.4.197.65: icmp: 64.4.197.69 udp port 32868 unreachable [tos 
0xc0]

    I am confused with both icmp and udp specified on same line ???

Clearly, I am very close to accomplishing my task!

What do you think?

-- 

Best Regards,

mds
mds resource
888.250.3987

Dare to fix things before they break . . .

Our capacity for understanding is inversely proportional to how much we think we know. 
 The more I know, the more I know
I don't know . . .


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to