Good day, Thanks for your reply!
I'll have to try out a WINS server, then. This should suffice for the Windows clients, and any non-WINS using machines will probably have open source clients that one could change if they didn't work.

I actually tried to block the DNS requests to the external servers already. The Windows client didn't actually make its way down to the ppp-provided servers, and just gave up trying to resolve the name after trying the first two (external) servers. I think this is because the Windows resolver expects a reply from any server within a certain period of time, so it doesn't get that far in the list. Ugh.

Unless there's some way for the users to manually rotate their DNS servers on the client-side (I recall this being possible back with WINIPCFG on 95/98/ME) I think I'll have to experiment with some iptables trickery to redirect DNS requests to the internal servers.

Any other suggestions would be welcome.

Thanks again,

============================
Darren Gamble
Planner, Regional Services
Shaw Cablesystems GP
630 - 3rd Avenue SW
Calgary, Alberta, Canada
T2P 4L4
(403) 781-4948

-----Original Message-----
From: Alexandru Molodoi [mailto:[EMAIL PROTECTED]
Sent: June 14, 2004 12:58 PM
To: [EMAIL PROTECTED]
Subject: RE: PPP DNS server preference?

Yes, a WINS would solve your problem, but only for internal machines that are configured to use the WINS.

Another silly way to force your XP clients to use only the DNS you offer through option.l2tpd is to discard packets (on the FreeSWAN gateway) with source address as your remote clients and to udp:53 going through external interface, so they will end up querying your internal DNS, after a short timeout.

I would love to find a better way to solve this problem.

Alexandru Molodoi
IT CONSULTANT, Pointersoft ROMANIA
Tel: +4021 337.02.60
Mobil: +4 0723.153.833

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Gamble
Sent: Monday, June 14, 2004 8:00 PM
To: '[EMAIL PROTECTED]'
Subject: PPP DNS server preference?
Good day,

Thanks to some helpful suggestions on this list, I've managed to get l2tpd working with Fedora Core 2 and connected a Windows XP client with the native client. There's more work to be done on the server side, but, I'm having a DNS problem on the Windows XP client end.

The problem is that the client needs to resolve names of machines that are on the internal LAN, which are only resolvable on the internal DNS servers. I've supplied these servers in my options.l2tpd file, and confirmed that the client gets them (I can see them listed on the client's PPP adapter configuration with "ipconfig").

The problem is that the client is still using its "Internet" DNS servers as its primary resolvers. If I try to resolve a name, it does not get as far as the PPP-supplied ones. If I ask the client to directly use the internal servers with nslookup the resolution works properly, of course, but, that does not help with other applications.

I realize that l2tpd is (most likely) working properly, but, I was hoping that someone on the list might have some experience with this situation and would be willing to provide some help. I'm sure that I can't be the first person to encounter this issue. Would a WINS server help? What about some funky iptables packet redirection to send DNS packets at the right servers?

Thanks in advance!

============================
Darren Gamble
Planner, Regional Services
Shaw Cablesystems GP
630 - 3rd Avenue SW
Calgary, Alberta, Canada
T2P 4L4
(403) 781-4948
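
The iptables redirection discussed in this thread, sketched as an added example that is not from any of the posters: it rewrites DNS queries arriving from tunnel clients so they reach the internal resolver regardless of which server the client chose. The resolver address, client pool and function name are constructed placeholders, and it assumes the clients' DNS queries are routed through the gateway's ppp interfaces and that reply traffic is already permitted by the existing FORWARD rules.

```shell
#!/bin/sh
# Constructed placeholder values; substitute your own addressing.
INTERNAL_DNS="192.0.2.53"      # internal resolver (documentation address)
CLIENT_NET="198.51.100.0/24"   # address pool handed to PPP clients
PPP_IF="ppp+"                  # iptables wildcard matching ppp0, ppp1, ...

# Emit the rules as text so they can be reviewed before being applied.
dns_redirect_rules() {
    for proto in udp tcp; do
        # Rewrite the destination of any DNS query from a tunnel client
        # so it reaches the internal resolver instead of the server the
        # client picked. Connection tracking reverses the rewrite on the
        # reply, so the client sees an answer from the address it asked.
        echo "iptables -t nat -A PREROUTING -i $PPP_IF -s $CLIENT_NET -p $proto --dport 53 -j DNAT --to-destination $INTERNAL_DNS:53"
        # Let the rewritten query through the FORWARD chain.
        echo "iptables -A FORWARD -i $PPP_IF -s $CLIENT_NET -d $INTERNAL_DNS -p $proto --dport 53 -j ACCEPT"
    done
}

# Print only; to apply, run as root:  dns_redirect_rules | sh
dns_redirect_rules
```

Unlike dropping the outbound queries, this answers the client's first query directly, so the resolver timeout described above does not come into play.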