Rick
this is possibly a shot in the dark...
At 14:54 29.06.2004, Tibbs, Richard wrote:
Dear List: Recently I had quite a difficult time getting dnscache to work in a campus network environment. In other applications, e.g. a SOHO environment using an ISP, the "stock" Bering 1.2 setup seems to work, that is, in lrcfg options as follows:
3(packages) 8(dnscache) 3(Set to YES to set DNScache log on, default=NO) = YES 3(packages) 8(dnscache) 4(Set to YES to set FORWARDONLY on, default=NO) = NO 3(packages) 8(dnscache) 5(ISP DNS addresses when FORWARDONLY is on) = empty file And /etc/resolv.conf contains the ISPs DNS servers.
But in the campus net, *only* the following worked, arrived at by trial and error:
AFAIK dnscache in _not_ forwarding mode uses the root servers to find suitable name servers. This may be blocked on your campus, so forwarding to the campus DNS server will solve this problem.
3(packages) 8(dnscache) 3 = NO 3(packages) 8(dnscache) 4 = YES 3(packages) 8(dnscache) 5 = campus DNS server(s)
My questions are: What is meant by "Dnscache log on" exactly? Is this a server-to-server or a client-server transaction? (Also, it seems the default is actually YES rather than NO.)
I guess its meaning is _dnscache_log_on_
Is FORWARDONLY the same as setting a forwarder on, say, Windows 2003 server DNS? Is this a server-to-server or a client-server transaction?
client-server server-server is on zone transfers.
If anyone knows, are the transactions above recursive, iterative, or something else?
Off-thread, but any help on how to set up Bind9 on a linux box on the external side of Bering to work with the FORWARDONLY option would be appreciated.
Bind is a completely different animal, rather complex and without knowledge _what_exactly it is you want to do I would frown on this. I guess you would find ample help at the IT staff on your campus to set up Bind.
Then, why set the Bind box _outside_ your LEAFed perimeter? DMZ might be a good idea.
HTH Erich
THINK P�ntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16
------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
