[rlug] dnscache

Tue, 07 Aug 2001 04:30:23 -0700 



Hello, djbdns gurus....

Am capatat un problem la dnscache, poate aveti vreo idee sau ati mai
vazut. Povestea e lunga, pe scurt suna cam asa:

192.168.0.0/20 - 192.168.48.0/20 e un VPN (care merge bine mersi cu
CIPE).

$IP la dnscache e 192.168.49.2, $IPSEND este 0.0.0.0. Cand vreau sa
rezolv ceva adrese din VPN, dnscache trimite cu 192.168.48.1 (adresa
de pe cipcb0).

Problema e ca direct merge, reverse nu. Evident, in root/servers/ am
si domeniu.com si 0.168.192.in-addr.arpa, cu serverele
corespunzatoare (sunt diferite).

void:~ # host cvs.domeniu.com
cvs.domeniu.com is a nickname for nues.domeniu.com
nues.domeniu.com has address 192.168.0.12
nues.domeniu.com has address 192.168.0.12

void:~ # host 192.168.0.12
Host not found, try again.

Chestia cea mai dubioasa abia urmeaza:

void:~ # host cvs.domeniu.com

(tcpdump pe cipcb0)

14:54:31.083093 192.168.48.1.32769 > 192.168.10.1.53: 13560 A?
cvs.domeniu.com. (28)
14:54:31.147602 192.168.10.1.53 > 192.168.48.1.32769: 13560* 2/0/0
CNAME nues.domeniu.com., A 192.168.0.12 (72) 

void:~ # host 192.168.0.12

14:56:54.924513 192.168.48.1.54841 > 192.168.0.2.53: 27406 PTR?
12.0.168.192.IN-ADDR.ARPA. (43)
14:56:54.987637 192.168.10.1.53 > 192.168.48.1.54841: 27406* 1/0/0 PTR
nues.domeniu.com. (78)
14:56:54.987731 192.168.48.1 > 192.168.10.1: icmp: 192.168.48.1 udp
port 54841 unreachable [tos 0xc0]

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

14:56:55.952665 192.168.48.1.33432 > 192.168.0.2.53: 33991 PTR?
12.0.168.192.IN-ADDR.ARPA. (43)
14:56:56.028841 192.168.10.1.53 > 192.168.48.1.33432: 33991* 1/0/0 PTR
nues.domeniu.com. (78)
14:56:56.028895 192.168.48.1 > 192.168.10.1: icmp: 192.168.48.1 udp
port 33432 unreachable [tos 0xc0] 

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Daca dau un netstat -upan, dnscache pare sa fi facut bind pe porturile
cu pricina.

Si nu e de la firewall, ca pana la urma l-am dat jos si tot asa se
intampla :-)

Singura chestie in plus ar fi ca din cand in cand, la reverse dnscache
logheaza cate un servfail (da' dintr-o inspiratie deosebita a lu' djb,
mesajul de eroare e acelasi, indiferent de ce s-a intamplat: I/O
Error).

Any clues ?

Matei
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to 
unsubscribe from this list.

Raspunde prin e-mail lui