[ale] DNS woes w/Devil Linux

Joe Knapka jknapka at kneuro.net
Mon Feb 16 13:48:36 EST 2004


Hi everyone,

As I reported recently, I've started using Devil Linux to route
between my home LAN, wireless net, and cable connection.  All is going
well, but I've discovered a strange issue that may or may not be
Devil-Linux-specific; maybe someone here has a clue.

Devil runs a cache-only DNS server (BIND 9) that is, by default,
visible only to machines on the internal network. I want that DNS
server to service the wireless network as well (which I've configured
as the "DMZ" net, making appropriate changes to the firewall rules to
have the "DMZ" actually be treated as a distinct internal network).

I have changed the firewall rules to allow connections on the wireless
interface at port 53 (both TCP and UDP), and I've also changed BIND's
configuration to make it listen on both the internal and the wireless
interfaces.  "lsof" reveals that named is in fact listening on both
interfaces. From the internal net, "nslookup" et al can successfully
resolve names using the router's named. Furthermore, from a machine on
the wireless net I can telnet to port 53 on the router and get
connected. (I know DNS uses UDP, but this fact seems to validate
that the firewall rules are opening the correct ports.)

Still, DNS lookups from the wireless network to the router fail with
"timeout, no servers could be reached". Iptables doesn't log
any rejects during a lookup attempt, but named just won't
answer the phone.

Can anyone suggest other things I might need to check/reconfigure?

Thanks,

-- Joe Knapka
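One check worth running from a wireless-side host in a situation like this, as an added example that is not part of the original post: BIND answers a query from a source that its allow-query ACL does not cover with RCODE REFUSED, whereas "no servers could be reached" means no reply came back at all (a firewall drop in either direction, or named not bound on that interface). Sending the same raw query over UDP and then over TCP and reporting the RCODE, a connection refusal, or a timeout separates those cases. The router address and the name being resolved are assumptions for illustration; the response bytes in the comments are constructed, not captured.

```python
"""Tiny DNS probe: tells a firewall drop (timeout) from a BIND ACL
refusal (RCODE REFUSED) and checks both UDP and TCP transports.

Added example, not code from the original post.  The router address
and query name in __main__ are assumptions.
"""
import socket
import struct

# RCODE values from RFC 1035
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL",
          3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}


def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Build a minimal recursive query: one question, class IN, RD set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)


def parse_response(data: bytes, txid: int = 0x1234) -> dict:
    """Read the 12-byte header: txid match, QR flag, RCODE, answer count."""
    if len(data) < 12:
        raise ValueError("short DNS message")
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    return {
        "txid_ok": rid == txid,
        "is_response": bool(flags & 0x8000),
        "rcode": RCODES.get(flags & 0x000F, str(flags & 0x000F)),
        "answers": an,
    }


def probe(server: str, name: str, proto: str = "udp",
          timeout: float = 2.0) -> str:
    """Send one query to server:53 over 'udp' or 'tcp'.

    Returns:
      'timeout'      no reply at all: dropped by the firewall, named not
                     listening on that interface, or the reply blocked
                     on its way back (UDP has no connection to track)
      'refused-conn' TCP connect refused: nothing bound on 53/tcp
      'bogus'        a reply that is not a response to our txid
      an RCODE name  named answered; REFUSED points at allow-query
    """
    q = build_query(name)
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(q, (server, 53))
                data, _ = s.recvfrom(4096)
        else:
            # TCP DNS prefixes each message with a 2-byte length
            with socket.create_connection((server, 53), timeout=timeout) as s:
                s.settimeout(timeout)
                s.sendall(struct.pack("!H", len(q)) + q)
                hdr = s.recv(2)
                if len(hdr) < 2:
                    return "bogus"
                (ln,) = struct.unpack("!H", hdr)
                data = b""
                while len(data) < ln:
                    chunk = s.recv(ln - len(data))
                    if not chunk:
                        break
                    data += chunk
    except socket.timeout:
        return "timeout"
    except ConnectionRefusedError:
        return "refused-conn"
    except OSError as exc:  # no route, unreachable, etc.
        return f"error:{exc.errno}"
    r = parse_response(data)
    if not r["txid_ok"] or not r["is_response"]:
        return "bogus"
    return r["rcode"]


if __name__ == "__main__":
    ROUTER = "192.168.1.1"          # assumption: router's wireless-side IP
    for transport in ("udp", "tcp"):
        print(transport, probe(ROUTER, "www.example.com", transport))
```

Read the two results together: REFUSED on both transports means packets reach named and its ACL is the issue; a timeout on UDP with an RCODE on TCP means the firewall rule for 53/udp (or the return path for the UDP reply) is what differs from the working telnet test; a timeout on both with no iptables log entries is the case where running tcpdump on the router's wireless interface for port 53 shows whether the query arrives and whether named ever sends anything back.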
