/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */


>> Are you using "hosts" files on both the SRC and DST machines?
>
>Yes.  At least, they are there, and I believe I am using them.
>That is my intent anyway, and there is no named running anywhere
>(though I do have bind-8.2.2 installed for its other utilities,
>such as hostname and friends).

You can easily test this. Edit the /etc/hosts file on a machine in question and add an entry like:

1.2.3.4 www.yahoo.com

Save the file and close it.  Then, try pinging www.yahoo.com.  What IP does it
resolve to?  If it resolves to 1.2.3.4, your system is using the /etc/hosts
file.  The question is.. if you let the PPPd link go down and you do a
"nslookup 1.2.3.4", does the PPP link come back up?  I bet it does, which is
a problem.




>> To prove this to yourself, run TCPDUMP on eth1 of the MASQ server
>> and then try the telnet from MASQ client #1 to client #2 by
>> name.  What does the MASQ server see?
>
>Ok, will do this.  Question:  When you say eth1, what are you
>actually referring to?  I have two network interfaces other than
>lo:  ppp0, which is the "external network", and wlan0, which is
>the wireless NIC/access point.  Are you saying run it on the NIC
>that supports the internal net (in this case, wlan0), or somehow
>attach it to some other interface that isn't already in use?

Ok, you would run tcpdump on the ppp0 interface.



>Well, I had that idea in mind; but I can't seem to find any guidance
>on how to do that.  Any pointers?  Been all over the pppd included
>docs, and done a bunch of web searching, but so far, finding nothing.

Well.. I've done Diald stuff in the past and it was an excellent tool
but this was before the days of PPPd having its own dial-on-demand support.

http://www.ecst.csuchico.edu/~dranch/PPP/linux-diald-optimal.txt


Googling around, all of the info is very OLD but it seems that people have
had good luck with the PPPd stuff but it's nowhere near as flexible as the
Diald stuff.  Demand filtering *IS* supported on Linux (2.4.2b3) [contrary to
all the OLD info out on the Inet] but there weren't any good filtering
examples.  So, what I recommend is to take a Diald example and convert it to
PPPd filtering syntax.  That or just use Diald.




>I stabbed at actually running bind on the MASQ machine, but started
>getting very afraid with named.conf.  After I had it about 90% set up,
>I believe, I said "why am I enduring this when everything on earth
>tells me I should be able to do this with /etc/hosts files?"

It's not that bad.  Though it wouldn't be for a caching DNS setup,
my TrinityOS Section-24 might be helpful:

http://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS/cHTML/TrinityOS-c-24.html


>I've only got the 5 machines (AP + 4), so scaling shouldn't produce
>dreadfully poor results (and I don't plan to add any more machines).

The problem with /etc/hosts is that I don't think it works for REVERSE DNS
requests.  Because of this, the link MUST come up for the reverse request.
Setting up a local DNS setup will fix that.


>Last item on this:  When I have an /etc/resolv.conf that looks like:
>
>domain home.org
>nameserver 127.0.0.1
>nameserver 206.246.194.10 (my ISP DNS)
>
>telnet and ftp go to ppp0.  When I don't have the second nameserver
>entry, they don't, but any name that ISN'T one on my local net
>(say, ftp ftp.netscape.com) generates a name resolution error, as
>I would expect it to do.

Yup.. that makes sense.  If you had a local DNS server, all local
DNS traffic would stay local and thus keep the PPP link down.  But,
if there were any non-local DNS requests, the link would come up
as expected.


--David
.----------------------------------------------------------------------------.
|  David A. Ranch - Linux/Networking/PC hardware          [EMAIL PROTECTED]  |
!----                                                                    ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'

_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]


PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
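
Added example (not part of the original post, and not code from the list or from pppd/diald): a small Python filter for the tcpdump-on-ppp0 test described above, which picks out DNS queries that went out over the link and marks the ones that were really about the local net. The capture lines, the 192.168.1.x addressing and the 198.51.100.7 ppp0 address are constructed for illustration; home.org and 206.246.194.10 are taken from the quoted resolv.conf.

```python
import ipaddress
import re

LOCAL_DOMAIN = "home.org"  # "domain" line of the quoted resolv.conf

# Constructed "tcpdump -n -i ppp0 port 53" output, not a real capture.
SAMPLE_CAPTURE = """\
12:00:01.100000 IP 198.51.100.7.1025 > 206.246.194.10.53: 4021+ PTR? 4.1.168.192.in-addr.arpa. (42)
12:00:02.200000 IP 198.51.100.7.1026 > 206.246.194.10.53: 4022+ A? laptop.home.org. (33)
12:00:03.300000 IP 198.51.100.7.1027 > 206.246.194.10.53: 4023+ A? ftp.netscape.com. (34)
12:00:03.400000 IP 206.246.194.10.53 > 198.51.100.7.1027: 4023 1/0/0 A 203.0.113.9 (50)
"""

# Matches outbound queries only: destination port 53, then "<id><flags> TYPE? name".
QUERY_RE = re.compile(
    r"> (?P<dst>\S+)\.53: \d+\S* (?:\[\S+\] )?(?P<qtype>[A-Z]+)\? (?P<qname>\S+)"
)

def reverse_name_to_ip(qname):
    """Map '4.1.168.192.in-addr.arpa.' to IPv4Address('192.168.1.4'), else None."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[-2:] != ["in-addr", "arpa"]:
        return None
    try:
        return ipaddress.IPv4Address(".".join(reversed(labels[:4])))
    except ValueError:
        return None

def classify(qtype, qname):
    """Say whether a query seen on ppp0 was about the local net or the outside."""
    ip = reverse_name_to_ip(qname) if qtype == "PTR" else None
    if ip is not None and ip.is_private:
        return "local-reverse"   # reverse lookup of an internal address
    name = qname.rstrip(".").lower()
    if name == LOCAL_DOMAIN or name.endswith("." + LOCAL_DOMAIN):
        return "local-forward"   # internal host name sent to the ISP's DNS
    return "external"            # the link coming up for this is expected

def queries_leaving_link(capture):
    """Return (qtype, qname, verdict) for every DNS query in the capture text."""
    found = []
    for line in capture.splitlines():
        m = QUERY_RE.search(line)
        if m:
            found.append((m["qtype"], m["qname"], classify(m["qtype"], m["qname"])))
    return found

if __name__ == "__main__":
    for qtype, qname, verdict in queries_leaving_link(SAMPLE_CAPTURE):
        print(f"{verdict:14} {qtype:4} {qname}")
```

Any "local-reverse" or "local-forward" line means a lookup for the internal network crossed ppp0, which is the traffic a local DNS server would keep off the link.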
