-----Original Message-----
From: Lourdes Jones <[EMAIL PROTECTED]>
To: 'Wilson Fletcher' <[EMAIL PROTECTED]>; 'linux-diald'
<[EMAIL PROTECTED]>
Date: Sunday, March 19, 2000 10:21 AM
Subject: RE: Just looking at my filters and wanted your opinions
>
>People typically want diald to close as soon possible after traffic stops
>crossing the link.
Unless they pay for the connection rather than the time. In which case they
want it to come up and stay for what they think is the expected usage on
average.
For example: It would be a nuisance if someone checked their email and then
when finished that did some browsing but that in between checking email and
beginning browsing the link dropped and required a redial just because the
timeout for pop was less that the tim eit takes to close email & open www.
>1. http 1.1 keeps the connection open (it doesn't automatically close the
>connection after a single item is downloaded).
>
>2. http is typically a series of different connections that open and close
>all the time. So !tcp.live does not mean you've stopped using http.
>
>Therefore the rule for matching http connections appears before the rule
for
>!tcp.live packets (the first rule to match is the one that is used).
>
>> In that case I have changed my catch all to be 10 minutes
>> which I would
>> guess is a waste of time since once it's finished the drop
>> off rule will
>> supercede it.
>>
>> If I am right I guess the only solution if I want POP to keep
>> the link up
>> for 10 minutes, say, would be to specifically add it. Correct ?
>
>Correct if you want pop traffic to keep the link up for 10 minutes then you
>need to add a rule for it before the keepup tcp 5 !tcp.live rule.
>
>If you don't want the drop off rule to apply to any traffic then comment it
>out.
hmmm, OK well that's cleared that up. Thanks.
>> My link comes up initailly on bootup with a domain packet
>> such as this:
>> Trigger: udp 192.168.3.49/1024 128.63.2.53/53
>
>is 192.168.3.49 the machine running diald or another machine?
>I'll assume it's the address for the diald machine in my comments below.
correct
>
>The number of possibilities is too great to count.
>
>1. if you are using bind as a caching name server it will immediately
>attempt to reach the root servers. this is normal and expected for bind.
>(just don't boot very often, or move diald so it starts long after bind has
>timed out, this may not be possible with a new fast processor, it's easily
>done with an old 486-33)
Yes I think it is bind. The number (128.63.2.53) is in fact a root domain
server (I checked it). But I do use a 486-50 for the gateway so I might look
into timing it out
BUT !!!!! Why did it go out on port 1024 ? I thought it should be 53 to 53
or is that only for Xfers ?
>
>2. if you are running sendmail and/or apache (and possibly even more
no (qmail) / yes
>daemons) they try and lookup the name of the machine they are running on.
>make sure you either have a nameserver with forward and reverse zones setup
yes
>for the machine (and the local network) or you list all the addresses the
>machine will use in the /etc/hosts file. This includes the diald proxy
>addresses.
>
>3. if you are running samba, it may try and resolve the workgroup name in
>addition to the names of the interfaces.
They are all defined in the local zone
>
>4. if you defined any firewall rules using names rather than ip addresses
>the names will need to be resolved.
No ips only.
thanks,
Wilson
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
