Sherine wrote:
> > > > > I'm having the strangest problem. I am able to ping everything else in my
> > > > > ISP's LAN except their DNS from my firewall/proxy and hence users on my
> > > > > LAN cannot go out on the INTERNET...ANYBODY know what is happening?
> > > >
> > > > Your ISP probably does, but there's no reason to believe that anyone
> > > > else will.
> > > >
> > > > One possible reason is that their DNS server may have been configured
> > > > not to respond to pings. If you wish to test whether you can use their
> > > > DNS server, try using nslookup or dig. It only matters that it
> > > > responds to DNS requests; whether it responds to a ping is irrelevant.
> > >
> > > So you are saying that's probably not the reason why the users can't
> > > browse?
> >
> > It may be related, i.e. if the DNS server is completely unreachable,
> > you won't be able to ping it or send it DNS queries. However, it's
> > possible to disable replying to ping requests, but still reply to DNS
> > queries.
>
> I don't remember if I had already send this mail before but when I use the
> command "dig" I get the following "res_send to server
> default--aaa.bb.ccc.d: Connection timed out"
Then it appears that you can't communicate with it at all.
> P.S The DNS is up and running because as I said before, I pinged it from
> a windoze machine external to my LAN but uses an ip address in the same
> block as the external NIC of the firewall/proxy?
Maybe something is misconfigured on the firewall, e.g. routing tables
or firewall rules.
Does using nslookup with the `-vc' switch work?. In order to use
nslookup/dig via UDP, you have to allow inbound UDP packets for *all*
ephemeral ports.
Also, if you are running BIND-8.1.* from behind a firewall, you have
to configure named.conf to use a specific source port for DNS queries.
By default, it uses an ephemeral port (whereas 4.9.* used port 53).
--
Glynn Clements <[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
