[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: bind and address rewriting

Hash: SHA1

A long time ago, in a galaxy far, far way, someone said...

> Hello,
> I have a linux box (Debian 2.2, kernel 2.2.17) running as an ISDN dial-on-
> demand gateway to my ISP. The ISP is assigning dynamic IP adresses, and I
> have address rewriting enabled (echo 2 > /proc/sys/net/ipv4/ip_dynaddr).
> UDP packets from my internal network arriving for port 53 of the NS of my
> ISP are masqueraded and routed through the ippp device.
> On my main linux box (also Debian 2.2), I have a local caching-only
> nameserver installed (bind8) which forwards to the NS of my IP.
> Now, when bind tries to resolve a domain name and wants to connect to the
> forwarding NS, the UDP packet is masqueraded correctly and triggers the
> PPP dial-out to my ISP. But finally, the UDP packet gets dropped out there
> because no address rewriting is done for UDP packets to match the newly
> assigned IP address of the ippp interface.

If no address rewriting is done you need to check your ipchains rules.

Can you post them here?

- -- 
- ----------------------------------------------------------------------
Phil Brutsche				    pbrutsch@tux.creighton.edu

GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D  7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org


Reply to: