Marc Thomas <[EMAIL PROTECTED]> wrote:
>
> My point is that the machines on my masqueraded subnet were *NOT*
> receiving network unreachable messages when the PPP link was down.
Are you sure about that? Have you watched with tcpdump and verified
that no such messages are being sent?
> However - I now think this is because the DNS server the masqueraded
> machines are using is in the "real" internet, and the apps on the
> masqueraded machines just time out DNS requests when the link is down.
That's right. They send messages to the remote DNS server, and they
probably receive a network-unreachable reply, but that doesn't help them
to get any sort of useful name-lookup response, so they just keep
trying. The assumption is that routing problems might be temporary, so
they just keep sending DNS packets and remain hopeful.
> What I think I need is to set up the Linux box as a caching DNS server.
That will only help a little bit. If the DNS answer is in the cache,
the Linux box can respond, then the Windows app can attempt the
connection and fail immediately with a "host unreachable" error. But if
the DNS answer is not in the cache, the Linux box itself will become the
"hopeful" one, trying to send packets to the internet and ignoring the
fact that it can't be reached. Meanwhile, the Windows client waits
hopefully for an answer from the Linux box, which never replies.
> I eventually want to get diald working as well, it's just a case of
> finding the time!
I find that PPP with demand-dial works extremely well. Who needs diald?
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Nothing takes the taste out of peanut
sometimes known as David DeSimone || butter quite like unrequited love."
http://www.dallas.net/~fox/ || -- Charlie Brown