I think my network configuration is OK, and the fact that I can connect
to the internet from the 10 subnet if I use the IP address, e.g.
http://66.102.7.147, and get the Google page displayed means
that IP Masquerading is working OK.

So the problem is that my DNS is not resolving domain names on the 10
subnet (it works OK when I'm surfing on the DNS box itself).

I've attached my named.conf entry.

On Mon, 2004-08-23 at 21:50, Christopher Sawtell wrote:
> On Mon, 23 Aug 2004 21:46, David Upex wrote:
> > Because I've got two NICs (plus a modem) on my linux box, I thought
> > the two network cards would have to be on separate subnets. Is this
> > not correct?
> That is correct.
> The size of the sub-net is defined by the net's mask.
> 
> so you could have your nets on ( say ) 192.168.10.xxx and 192.168.11.yyy
> and both nets would then have 24 bit masks. i.e. 255.255.255.0
> 
> > I must say I'm no sys admin.
> >
> > On Mon, 2004-08-23 at 21:21, Rik Tindall wrote:
> > > modify your addresses to the same network:
> > >
> > > eg. 192.168.10.1 & ..10.2
> > >
> > > & let us know any change
> > >
> > > David Upex wrote:
> > > >Hi,
> > > >
> > > >I've set up a linux firewall (shorewall) running a DNS and I want to
> > > >allow a Win2K box to connect to the internet. The connection between my
> > > >XP box and my linux firewall is using wifi.
> > > >
> > > > >My firewall has both an ethernet card (192.168.11) and a wifi card
> > > > >(192.168.10) installed.
> > > > >I've set up a nameserver on the linux box.
> > > >
> > > >I can connect to the internet from Windows if I type the IP address of
> > > >the website, but it won't resolve domain names.
> > > >
> > > >I think the problem is in my DNS configuration.
> > > >
> > > >Can anyone offer some suggestions?
> > > >
> > > >I get the following from /var/log/messages:
> > > >
> > > >Aug 23 20:36:02 basil named[6767]: listening on IPv4 interface lo,
> > > >127.0.0.1#53
> > > >Aug 23 20:36:02 basil named[6767]: listening on IPv4 interface eth0,
> > > >192.168.11.1#53
> > > >Aug 23 20:36:02 basil named[6767]: listening on IPv4 interface ra0,
> > > >192.168.10.1#53
> > > >Aug 23 20:36:02 basil named[6767]: listening on IPv4 interface ppp0,
> > > >218.101.97.66#53
> > > >Aug 23 20:36:02 basil named[6767]: command channel listening on
> > > >127.0.0.1#953
> > > >Aug 23 20:36:02 basil named[6767]: zone 0.0.127.in-addr.arpa/IN: loaded
> > > >serial 1
> > > >Aug 23 20:36:02 basil named[6767]: zone 10.168.192.in-addr.arpa/IN:
> > > >loaded serial 200408221
> > > >Aug 23 20:36:02 basil named[6767]: dns_master_load: revp.192.168.11:6:
> > > >ignoring out-of-zone data (10.168.192.in-addr.arpa)
> > > >Aug 23 20:36:02 basil named[6767]: dns_master_load: revp.192.168.11:18:
> > > >ignoring out-of-zone data  (1.11.168.192.in-arpa)
> > > >Aug 23 20:36:02 basil named[6767]: dns_master_load: revp.192.168.11:19:
> > > >ignoring out-of-zone data  (2.11.168.192.in-arpa)
> > > >Aug 23 20:36:02 basil named[6767]: zone 11.168.192.in-addr.arpa/IN:
> > > >could not find NS and/or SOA records
> > > >Aug 23 20:36:02 basil named[6767]: zone 11.168.192.in-addr.arpa/IN: has
> > > >0 SOA records
> > > >Aug 23 20:36:02 basil named[6767]: zone 11.168.192.in-addr.arpa/IN: has
> > > >no NS records

// Config file for caching only name server
//
// The version of the HOWTO you read may contain leading spaces
// (spaces in front of the characters on these lines ) in this and
// other files.  You must remove them for things to work.
//
// Note that the filenames and directory names may differ, the
// ultimate contents of should be quite similar though.

options {
        directory "/var/named";
        allow-query {
                192.168.10/24;
                192.168.11/24;
                localhost;
        };
//        forward only;
//        forward first;
//        forwarders {
//                210.55.24.14;
//                210.55.24.8;
//        };
        // Uncommenting this might help if you have to go through a
        // firewall and things are not working out.  But you probably
        // need to talk to your firewall admin.

        // query-source port 53;
};

controls {
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

// Master DNS servers
zone "." IN {
        type hint;
        file "named.root";
};

// Localhost addresses
zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "revp.127.0.0";
        allow-update { none; };
};

zone "rebelchicken.net" IN {
  // this is the authoritative server for
  // rebelchicken.net info
        type master;
        file "zone.net.rebelchicken";
        allow-update { none; };
};

zone "11.168.192.in-addr.arpa" {
  // this is the authoritative server for
  // the 192.168.11.0 network
        type master;
        file "revp.192.168.11";
};

// Reverse name resolution for wireless link
zone "10.168.192.in-addr.arpa" {
 // this is the authoritative server for wireless net
 // the 192.168.10.0 network
        type master;
        file "revp.192.168.10";
};
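
The named startup messages quoted in the thread can be checked mechanically. This is an added example, not part of the original thread: it maps each "ignoring out-of-zone data" line to the zone declared for that file in the attached named.conf and reports why the owner name falls outside the zone. The names audit, in_zone and ZONE_FILES are hypothetical.

```python
import re

# Zone file -> zone, as declared in the named.conf attached to the post.
ZONE_FILES = {"revp.192.168.10": "10.168.192.in-addr.arpa",
              "revp.192.168.11": "11.168.192.in-addr.arpa"}

# Log lines from the post, with the mail client's line wrapping undone.
P = "Aug 23 20:36:02 basil named[6767]: "
LOG = [
    P + "zone 10.168.192.in-addr.arpa/IN: loaded serial 200408221",
    P + "dns_master_load: revp.192.168.11:6: ignoring out-of-zone data (10.168.192.in-addr.arpa)",
    P + "dns_master_load: revp.192.168.11:18: ignoring out-of-zone data  (1.11.168.192.in-arpa)",
    P + "dns_master_load: revp.192.168.11:19: ignoring out-of-zone data  (2.11.168.192.in-arpa)",
    P + "zone 11.168.192.in-addr.arpa/IN: could not find NS and/or SOA records",
]

OOZ = re.compile(r"dns_master_load: (\S+):(\d+): ignoring out-of-zone data\s+\((\S+)\)")
FAILED = re.compile(r"zone (\S+)/IN: could not find NS and/or SOA records")

def in_zone(name, zone):
    """True if name is the zone apex or a subdomain of it, compared label by label."""
    n, z = (x.rstrip(".").lower().split(".") for x in (name, zone))
    return n[-len(z):] == z

def audit(lines, zone_files=ZONE_FILES):
    """Return (findings, failed_zones) extracted from named startup log lines."""
    findings, failed = [], set()
    for line in lines:
        m = OOZ.search(line)
        if m:
            fname, lineno, owner = m.group(1), int(m.group(2)), m.group(3)
            zone = zone_files.get(fname, "?")
            other = next((z for z in zone_files.values()
                          if z != zone and in_zone(owner, z)), None)
            if other:
                reason = f"belongs to zone {other}"
            elif not owner.endswith(".in-addr.arpa"):
                reason = "not under in-addr.arpa"
            else:
                reason = f"not under {zone}"
            findings.append((fname, lineno, owner, reason))
        m = FAILED.search(line)
        if m:
            failed.add(m.group(1))
    return findings, failed

if __name__ == "__main__":
    findings, failed = audit(LOG)
    print(findings, sorted(failed))
```
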
