Re: bind and address rewriting
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A long time ago, in a galaxy far, far way, someone said...
>
> Hello,
>
> I have a linux box (Debian 2.2, kernel 2.2.17) running as an ISDN dial-on-
> demand gateway to my ISP. The ISP is assigning dynamic IP adresses, and I
> have address rewriting enabled (echo 2 > /proc/sys/net/ipv4/ip_dynaddr).
> UDP packets from my internal network arriving for port 53 of the NS of my
> ISP are masqueraded and routed through the ippp device.
>
> On my main linux box (also Debian 2.2), I have a local caching-only
> nameserver installed (bind8) which forwards to the NS of my IP.
>
> Now, when bind tries to resolve a domain name and wants to connect to the
> forwarding NS, the UDP packet is masqueraded correctly and triggers the
> PPP dial-out to my ISP. But finally, the UDP packet gets dropped out there
> because no address rewriting is done for UDP packets to match the newly
> assigned IP address of the ippp interface.
If no address rewriting is done you need to check your ipchains rules.
Can you post them here?
- --
- ----------------------------------------------------------------------
Phil Brutsche pbrutsch@tux.creighton.edu
GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE52enS/ZTSZFDeHPwRAg3QAJ9OGG7fOtYxWXvdodVrtsaSOk6Q9gCgrWV9
Yz4CRSGWI67G3RZwcl7/mF0=
=zXY5
-----END PGP SIGNATURE-----
Reply to: