Thank you for your participation . . .

Ray Olszewski wrote:
> 
> Sorry to jump into this late.
> 
> You say:
> 
> >[4] I need help understanding what is going on in lines like this:
> >
> >        64.4.197.69 > 64.4.197.65: icmp: 64.4.197.69 udp port 32868
> > unreachable [tos 0xc0]
> >
> >     I am confused with both icmp and udp specified on same line ???
> 
> I believe what this reports is an icmp "Destination unreachable" packet.
> The rest of it -- "64.4.197.69 udp port 32868" -- is part of the *content*
> of the icmp packet and tells you what (a udp port on a host) is unreachable.
> 
> Since the message is coming from 64.4.197.69, which you identify as your
> SuSE server, to your LEAF router (64.4.197.65), I'd *guess* that either the
> SuSE host has nothing listening on port 32868 -OR- it is running a firewall
> that causes (some) packets to that port to be REJECT'ed. But that comment
> comes without looking at the context of the packet.

64.4.197.69 (SuSE server) is not running any firewall software.  tcpdump
is running on that same box listening on eth0.

> In the context of the actual tcpdump output you linked to ... since the DNS
> request is coming *from* port 32868 on the SuSE server, it (the requesting
> app, that is) should be listening on that port for a reply. And when you run
> "nslookup", indeed it does listen. But not when you run "host". So it's
> probably not the firewall; more likely a problem with "host".

To keep things simple, I used host; but, same behaviour with dig . . .

> I confess to a bit of confusion about what does and does not work. From the
> tcpdump file you link us to, I see that --
> 
>          "host" does not work
>          "nslookup" does work
>          "ping" does work
>          "dig" is not tested.
> 
> But below, you say that ping does NOT work. Which is it?

Sorry.  ping works using ip address; but, fails with fqdn.  Everything
appears to function properly on this network, except name resolution --
except for nslookup, which somehow works in spite of else . . .

I have updated

        <http://www.helices.org/tmP/bluetrout.tcpdump.txt>

to illustrate this.  I have also included from same server:

        netstat -lnp

>  From what you provided, I don't see why nslookup would work but not host.
> Perhaps now you will be able to spot the problem, with your question about
> the interpretation of the icmp packet addressed. Good luck.

Hence my confusion.

This all started with my desire to use one (1) instance of dnscache to
service both an internal and dmz network.  This appears to be working,
except for the answer dnscache returns to the dmz is not _always_
getting through ;<

What do you think?

-- 

Best Regards,

mds
mds resource
888.250.3987

Dare to fix things before they break . . .

Our capacity for understanding is inversely proportional to how much we
think we know.  The more I know, the more I know I don't know . . .
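
Added example, not part of the original thread: a small parser showing why the tcpdump line names both icmp and udp. An ICMP port-unreachable message quotes the IP header and first 8 bytes of the datagram it rejected. The sample packet is constructed, and the inner source 64.4.197.65:53 is an assumption.

```python
import socket
import struct

PROTO = {1: "icmp", 6: "tcp", 17: "udp"}

def ipv4(src, dst, proto, payload, tos=0):
    """Minimal 20-byte IPv4 header (checksum left 0) followed by payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def build_sample():
    """Constructed packet shaped like the one quoted in the thread."""
    # Assumed rejected datagram: a DNS answer from 64.4.197.65:53 to
    # port 32868 on 64.4.197.69, where nothing was listening any more.
    udp = struct.pack("!HHHH", 53, 32868, 8, 0)
    original = ipv4("64.4.197.65", "64.4.197.69", 17, udp)
    # ICMP type 3 code 3 = port unreachable; 4 unused bytes; then the
    # rejected datagram's IP header and first 8 bytes are quoted back.
    icmp = struct.pack("!BBHI", 3, 3, 0, 0) + original
    return ipv4("64.4.197.69", "64.4.197.65", 1, icmp, tos=0xC0)

def describe(pkt):
    """tcpdump-style summary of an ICMP port-unreachable, else None."""
    if len(pkt) < 20:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if len(pkt) < ihl + 8 or pkt[9] != 1:
        return None                      # not ICMP, or header cut short
    if pkt[ihl] != 3 or pkt[ihl + 1] != 3:
        return None                      # some other ICMP type/code
    inner = pkt[ihl + 8:]                # quoted copy of rejected datagram
    if len(inner) < 20:
        return None
    inner_ihl = (inner[0] & 0x0F) * 4
    if len(inner) < inner_ihl + 4:
        return None                      # quoted ports are missing
    dport = struct.unpack("!H", inner[inner_ihl + 2:inner_ihl + 4])[0]
    proto = PROTO.get(inner[9], "proto-%d" % inner[9])
    line = "%s > %s: icmp: %s %s port %d unreachable" % (
        socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20]),
        socket.inet_ntoa(inner[16:20]), proto, dport)
    if pkt[1]:
        line += " [tos 0x%x]" % pkt[1]   # outer header's TOS byte
    return line

if __name__ == "__main__":
    print(describe(build_sample()))
```

The outer addresses identify who sent the ICMP error and to whom; the address, protocol and port after "icmp:" come from the quoted inner headers.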

