Ray,

I was able to connect to the pop server using telnet. It seemed to take quite a while 
to get a response, but I was able to retrieve and read the test message sent to 
lrpqmail.

>
>I don't know your setup well enough to tell you what is going on in the
>Shorewall DROP log, but since it involves ports 67 and 68, it has something
>to do with DHCP leases, not anything to do with POP3.

I was getting a lot of log entries from DHCP queries so I added the DROP to stop the 
logging of the rejects.

>
>Last thing ... the tcpdump output you sent indicates that after the POP3
>connection is initiated, the POP3 server is trying to do a reverse lookup
>on the source IP address. Several packets indicate this, the first being --
>
>16:37:26.524013 192.168.10.1.59258 > 192.168.1.254.53:  28701+ PTR? 1.10.168.192.in-addr.arpa. (43) (DF)
>
>The router responds with a "port unreachable" packet:
>
>16:37:29.547086 192.168.10.254 > 192.168.10.1: icmp: 192.168.10.254 udp port 53 unreachable [tos 0xc0]
>
>This certainly indicates some sort of a configuration error, but not
>knowing the details of your setup, I can't say what that error is. It does
>make me guess that the POP3 server does not reply, after the initial reply,
>because it cannot do a lookup on the IP address. Or ... a blue-sky thought
>here ... how long do you wait before giving up? DNS failures can, in some
>cases, cause delays of up to 3 minutes in responses.
>
What would be the proper way for the router to reply to this reverse lookup?
/etc/hosts on the router looks like this:
127.0.0.1       localhost.kroffts.home localhost
192.168.1.254   markii
192.168.1.1     coventry.kroffts.home coventry
192.168.10.1    www.kroffts.com dmz kroffts_web

/etc/resolv.conf on router:
domain kroffts.home
nameserver 127.0.0.1
nameserver 192.168.1.254

/etc/hosts on dmz:
127.0.0.1       localhost
192.168.1.254   markii
192.168.10.1    kroffts_web.kroffts.com kroffts_web mail.kroffts.com
191.168.1.1     coventry.kroffts.home   coventry


/etc/resolv.conf on dmz:
domain kroffts.com
nameserver 127.0.0.1
nameserver 192.168.1.254
nameserver 192.168.10.254

What can you tell me about the /etc/tinydns-private/root/data file from the router? 
Does this look correct?

kroffts.home::localhost
1.168.192.in-addr.arpa::localhost
+markii.kroffts.home:192.168.1.254    <the router>
=mail.kroffts.com:192.168.10.1          <the dmz host>

I am not running any DNS daemons on the dmz. Should I be? I had wanted to use DHCP to 
configure the DMZ host but I could not get it to work on two separate networks. I know 
it should, but it didn't, so I set up the eth0 on the dmz host as static.
From the /etc/network/interfaces file on the dmz host:

auto eth0
iface eth0 inet static
        address 192.168.10.1
        masklen 24
        broadcast 192.168.10.255
        gateway   192.168.10.254

Thanks again,

Kory




------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
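
The reverse lookup in the quoted tcpdump asks for 1.10.168.192.in-addr.arpa. As an added example (not part of the original message or of the LEAF project), this Python sketch checks whether a tinydns data file carries a PTR for an address and a zone line covering that name. The sample data is constructed from the addresses in the message and assumes the zone lines begin with tinydns-data's leading `.`; only `.`, `Z`, `=` and `^` lines are interpreted.

```python
import ipaddress

# Constructed sample modelled on the message; the leading '.' on the
# zone lines is an assumption (tinydns-data zone lines start with '.').
SAMPLE = """\
.kroffts.home::localhost
.1.168.192.in-addr.arpa::localhost
+markii.kroffts.home:192.168.1.254
=mail.kroffts.com:192.168.10.1
"""

def ptr_name(ip):
    """192.168.10.1 -> 1.10.168.192.in-addr.arpa"""
    return ipaddress.ip_address(ip).reverse_pointer

def parse_tinydns(text):
    """Return (zones, ptrs) from tinydns-data lines.

    zones: names from '.' and 'Z' lines (zones the server has an SOA for).
    ptrs:  reverse name -> host, from '=' (A + PTR) and '^' (PTR) lines.
    '+' lines create an A record only, so they add nothing here.
    """
    zones, ptrs = set(), {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] == "#":
            continue
        kind, fields = line[0], line[1:].split(":")
        name = fields[0].lower().rstrip(".")
        if kind in (".", "Z"):
            zones.add(name)
        elif kind == "=" and len(fields) > 1 and fields[1]:
            ptrs[ptr_name(fields[1])] = name
        elif kind == "^" and len(fields) > 1:
            ptrs[name] = fields[1].lower().rstrip(".")
    return zones, ptrs

def check_reverse(text, ip):
    """Report the PTR query name, the PTR target (if any) and the covering zone."""
    zones, ptrs = parse_tinydns(text)
    qname = ptr_name(ip)
    covering = [z for z in zones if qname == z or qname.endswith("." + z)]
    zone = max(covering, key=len) if covering else None
    return {"qname": qname, "ptr": ptrs.get(qname), "zone": zone}

if __name__ == "__main__":
    for ip in ("192.168.10.1", "192.168.1.254"):
        print(check_reverse(SAMPLE, ip))
```

A result with `ptr` set but `zone` empty means the record exists in the data while no zone line covers its reverse name; `zone` set with `ptr` empty means the zone is declared but the host has only a `+` (A-only) line.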
