Re: Help with IP masquerading

To: "Benjamin T. White" <bewhite@bgsm.edu>
Cc: debian-user@lists.debian.org
Subject: Re: Help with IP masquerading
From: Craig Sanders <cas@taz.net.au>
Date: Wed, 21 May 1997 09:50:07 +1000 (EST)
Message-id: <Pine.LNX.3.96.970521091316.2604M-100000@siva.taz.net.au>
In-reply-to: <v01530500afa75bf84c77@[152.11.185.23]>

On Tue, 20 May 1997, Benjamin T. White wrote:

> **I can not do domain name resolution with my new setup** The ip
> masquerading seems to work with most network traffic. Packets sent by
> IP number are forwarded appropriately. I can telnet and use my web
> browser on my macs if I use IP numbers. DNS resolution works great on
> the linux box, and I have triple checked the nameserver addresses on
> the macs. When I do a name lookup on the mac I can see the modem SD
> light periodicly lighting up, so I assume that DNS queries are being
> sent, but now replys. I can do a name lookup on the linux system
> without difficulty. The nameservers on both machines are configured
> identically.
>
> The kicker: booting with my old slackware setup fixes this problem,
> without changing anything on the macs.

DNS is one of the limitations of masquerading.  It doesn't work.

The solution is to install bind on your linux machine (make it use your
ISP as a forwarder). It's actually pretty easy with debian - the install
script asks a few simple questions and configures it for you. For just a
forwarding name server you wont need to ever do any more configuration
of bind.

Most Linux documentation advises against running bind, saying that it's
way too difficult to configure. Nothing could be further from the truth.
It was true that a few years ago (when much of the Linux net docco was
first being written) that bind was quite unstable, but it's never been
terribly difficult to get running. Nowadays, it's very stable and,
with the debian package, is probably one of the easiest things to get
working....it only takes a few minutes at most.

IMO, the benefits of having a local caching name server far outweigh the
"difficulty" of installing it.

once that's done, configure the Macs to use the Linux machine.

BTW, if you're using diald you'll probably want to configure it so that
it doesn't bring up the link every time you want to resolve a name. But
you'll want to do that whether you're running bind or not.

craig

--
craig sanders
networking consultant                  Available for casual or contract
temporary autonomous zone              system administration tasks.

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: Help with IP masquerading
  - From: Ben White <bewhite@bgsm.edu>
- Re: Help with IP masquerading
  - From: Francois Gouget <fgouget@club-internet.fr>
- Re: Help with IP masquerading
  - From: Lars Hallberg <lah@micropp.se>

References:
- Help with IP masquerading
  - From: bewhite@bgsm.edu (Benjamin T. White)

Prev by Date: loadkey problem after upgrade
Next by Date: Re: Metrolink Motif
Previous by thread: Help with IP masquerading
Next by thread: Re: Help with IP masquerading
Index(es):
- Date
- Thread