Just to avoid the spread of misinformation ... ident and reverse DNS have
NOTHING to do with each other. They are two different ways of verifying (or
trying to) that a connecting host is what it says it is. Making the changes
that Phillip suggests will not address Troy's problem.

As to the proposed fixes themselves ...

Deleting an entry from /etc/nsswitch.conf (I assume Phillip means on the
LEAF router) will not "fix" a reverse DNS problem. In general, it will
create one *on the router*, since it will now not know how to do reverse
lookups. If you make this change alone, look for 3-minute delays during
boot/init for some apps as the symptom of the problem you introduced.

Adding an entry to /etc/hosts will usually (but not always - lookups by MTAs
are the common exception) deal with both forward and reverse name-resolution
problems (it's not called DNS when done with a hosts file; DNS is a
service), but only for lookups done by the host that the /etc/hosts file is
on. Adding entries to the router's host table won't help the ftp server do
lookups.

Getting back to ident ... there was an extended discussion of ident (also
called auth) on the linux-router list about 18 months ago. Rick Onanian and
I, and I think others, spent some time actually generating common problems
and testing solutions using the then-current versions of LRP. Anyone who
wants the technical details should search the archives for that discussion.

As to getting ftp "working" ... that's too complicated a question to address
here, beyond noting that Troy's situation is (or appears to be) one in which
the LEAF system routes but does not NAT, and that getting an ftp *client* to
work is completely different from getting an ftp *server* to work.

For more details, I'd suggest downloading and reading

        ftp://ftp.echogent.com/docs/FTP_and_Firewalls.pdf

At 11:53 AM 11/28/01 -0600, [EMAIL PROTECTED] wrote:
>
>
>I didn't understand any of that, but here is what I found.
> I was unable to get  ftp  working thru the router without the ports
>above 1024 open.
>
>As far as a slow connection, it seems reverse dns was causing
>this.  Port 113, auth, has something to do with reverse dns.
>Removing the dns entry in  /etc/nsswitch.conf solved the
>problem.
>
>However, it seems  that a proper entry in /etc/hosts like
>   MyExternAddr    MyDomain.private.network    MyDomain  mr rtr
>may also have cleared up the reverse dns problem


--
------------------------------------"Never tell me the odds!"---
Ray Olszewski                                        -- Han Solo
Palo Alto, CA                                    [EMAIL PROTECTED]        
----------------------------------------------------------------


_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
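
An added illustration, not part of the original message and not LEAF/LRP code: both sides of an ident (auth, TCP port 113) exchange as defined in RFC 1413. It shows that the query and reply carry only a TCP port pair and a user ID, with no hostname and no DNS lookup involved. The function names and the sample connection table are constructed for this example.

```python
# Added example: both sides of an RFC 1413 (ident/auth, TCP port 113) exchange.
# All names and the sample connection table are constructed for illustration.
import re

QUERY_RE = re.compile(rb"^\s*(\d{1,5})\s*,\s*(\d{1,5})\s*$")
REPLY_RE = re.compile(r"^\s*(\d{1,5})\s*,\s*(\d{1,5})\s*:\s*(USERID|ERROR)\s*:\s*(.*)$")

def build_query(port_on_queried_host, port_on_asking_host):
    """What a server (e.g. an ftp daemon) sends to port 113 on the connecting host."""
    return f"{port_on_queried_host}, {port_on_asking_host}\r\n".encode("ascii")

def answer_query(line, connections):
    """What an identd on the connecting host replies. `connections` maps
    (local_port, remote_port) -> owning user; it stands in for the kernel's table."""
    m = QUERY_RE.match(line.rstrip(b"\r\n"))
    if not m:
        return b"0, 0 : ERROR : UNKNOWN-ERROR\r\n"
    local, remote = int(m.group(1)), int(m.group(2))
    if not (1 <= local <= 65535 and 1 <= remote <= 65535):
        return f"{local}, {remote} : ERROR : INVALID-PORT\r\n".encode("ascii")
    user = connections.get((local, remote))
    if user is None:
        return f"{local}, {remote} : ERROR : NO-USER\r\n".encode("ascii")
    return f"{local}, {remote} : USERID : UNIX : {user}\r\n".encode("ascii")

def parse_reply(line):
    """Parse the reply on the asking side; raises ValueError if it is malformed."""
    m = REPLY_RE.match(line.decode("ascii", "replace").rstrip("\r\n"))
    if not m:
        raise ValueError("malformed ident reply")
    ports = (int(m.group(1)), int(m.group(2)))
    if m.group(3) == "ERROR":
        return {"ports": ports, "ok": False, "error": m.group(4).strip()}
    # Surrounding whitespace is trimmed here for display.
    opsys, _, user = m.group(4).partition(":")
    return {"ports": ports, "ok": True, "opsys": opsys.strip(), "user": user.strip()}

def exchange(local, remote, connections):
    """Run query -> reply -> parse in memory, with no sockets and no name lookups."""
    return parse_reply(answer_query(build_query(local, remote), connections))

if __name__ == "__main__":
    table = {(40001, 21): "alice"}  # constructed: client port 40001 -> ftp port 21
    print(exchange(40001, 21, table))   # known connection: USERID reply
    print(exchange(40002, 21, table))   # unknown connection: ERROR reply
```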
