On Fri, 5 Jul 2002, Brock Nanson wrote: > > Date: Thu, 04 Jul 2002 20:45:32 -0700 > > From: Alan Silvester <[EMAIL PROTECTED]> > > To: [EMAIL PROTECTED] > > Subject: [leaf-user] DNS problem > > > > Hi > > > > I've got my Bering firewall working, but there's a small > > problem with DNS lookups. My ISP's mail and news servers are > > "shawmail" and "shawnews". When I ping these from the > > firewall, they are resolved to shawmail.cg.shawcable.net and > > shawnews.ok.shawcable.net. However, if I ping shawmail / > > shawnews from a LAN computer, I get an unknown host error > > (pinging the fqdn works). How do I get this to work? I'm > > running tinydns (private only) and dnscache on the firewall. > > > > Thanks, > > --Alan > > Hi Alan, > > I'm on the Shaw network as well. I don't have tinydns going on my box, > so there may be (likely is) a more elegant way to fix this with tinydns. > What I did was simply put the long 'shawmail.cg.shawcable.net' name in > my email client and the equivalent news name in the newsreader. You > were almost there with your ping tests! > > I suspect (and others can correct if I'm wrong) that dnscache adds > whatever your 'network' is called to the shawmail or shawnews names > before querying the dns server. So it's likely looking for > 'shawmail.private.domain' or 'shawmail.localhost.localdomain' and > failing as expected. I imagine that you could add these entries to > tinydns and have it work the 'right' way. > > This is something I've been curious about but never needed to resolve. > This, and the relationship with resolv.conf (specifically the 'search' > entry).
See my email yesterday, "Re: [leaf-user] Re: [Leaf-devel] problem with bering host lookups" for a discussion of how resolv.conf fits into the name lookup process on the router. Alan: You need your client computers to use the same "search" list as the router (because you are happy with the behavior of the router). If you are using static IPs on your LAN, you can modify your client machines' configurations to have the same domain "search" order (in Linux with /etc/resolv.conf, in Windows using the DNS tab of the TCP/IP properties for the ethernet card). If you use dhcp on your LAN, things are tougher because th DCHP spec doesn't currently support telling the clients what domain search order to use.[1] There are hacks to get around this, but you are probably better off using the full domain names of these sites. Note that it is probably not a good idea to tell the clients that their network name is "shawcable.net", since they are actually on an internal network that should have its own private name. [1] http://arsinfo.cit.buffalo.edu/FAQ/faq.cgi?pkg=ISC%20DHCP&cat=Configuration#115 --------------------------------------------------------------------------- Jeff Newmiller The ..... ..... Go Live... DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/Batteries O.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --------------------------------------------------------------------------- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Bringing you mounds of caffeinated joy. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
