Re: BIND won't resolve my IPs (not upstream or something?)
At 05:41 AM 8/9/2008, Redd Vinylene wrote: I got this FreeBSD server called mother (80.252.2.2). On it, I've made two jails, camel (80.252.2.3) and box (80.252.2.4 through to 80.252.2.127). The problem is that reverse lookups for any of the IPs preceding .4 on box fails. If I connect to IRC with .5 for instance, it times out and reverts back to .4, whose lookup works just fine. BIND runs on camel. Maybe the problem is that BIND is not upstream for all those IPs? (I don't know what that means, a friend just told me) Or that I haven't configured the reverse for any of the other IPs? I would really like to keep BIND running on camel, as its dedicated to all my vital network services, whereas box is the home of all my users, and thus expendable ;) Is there any way to modify BIND on camel, or must I set up an additional one on box? My (hopefully) relevant configuration files can be found here -- http://pastie.org/250469 -- much obliged, and thanks! You need to check that you have zone files for both forward and reverse lookups, and those zones are defined in named.conf -Derek -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BIND won't resolve my IPs (not upstream or something?)
Maybe mother's /etc/pf.conf could also be of relevance?
-
camel=80.252.2.3
box=80.252.2.4
ext_if=rl0
set block-policy return
set skip on { lo0 }
scrub in
pass out keep state
block in
pass in on $ext_if inet proto tcp from any to any port { 22 } keep state
pass in on $ext_if inet proto tcp from any to $camel port { 25, 80,
110 } keep state
pass in on $ext_if inet proto udp from any to $camel port 53 keep state
pass in on $ext_if inet proto tcp from any to $box port { 113,
6000: } keep state
pass in on $ext_if inet proto icmp from any to any keep state
-
Thanks.
On Sat, Aug 9, 2008 at 12:41 PM, Redd Vinylene [EMAIL PROTECTED] wrote:
I got this FreeBSD server called mother (80.252.2.2). On it, I've made
two jails, camel (80.252.2.3) and box (80.252.2.4 through to
80.252.2.127). The problem is that reverse lookups for any of the IPs
preceding .4 on box fails. If I connect to IRC with .5 for instance,
it times out and reverts back to .4, whose lookup works just fine.
BIND runs on camel. Maybe the problem is that BIND is not upstream for
all those IPs? (I don't know what that means, a friend just told me)
Or that I haven't configured the reverse for any of the other IPs? I
would really like to keep BIND running on camel, as its dedicated to
all my vital network services, whereas box is the home of all my
users, and thus expendable ;) Is there any way to modify BIND on
camel, or must I set up an additional one on box? My (hopefully)
relevant configuration files can be found here --
http://pastie.org/250469 -- much obliged, and thanks!
--
http://www.home.no/reddvinylene
--
http://www.home.no/reddvinylene
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BIND won't resolve my IPs (not upstream or something?)
I'm pretty sure I do, though my apologies if I'm wrong, did you check my pastie? On Sat, Aug 9, 2008 at 1:48 PM, Derek Ragona [EMAIL PROTECTED] wrote: At 05:41 AM 8/9/2008, Redd Vinylene wrote: I got this FreeBSD server called mother (80.252.2.2). On it, I've made two jails, camel (80.252.2.3) and box (80.252.2.4 through to 80.252.2.127). The problem is that reverse lookups for any of the IPs preceding .4 on box fails. If I connect to IRC with .5 for instance, it times out and reverts back to .4, whose lookup works just fine. BIND runs on camel. Maybe the problem is that BIND is not upstream for all those IPs? (I don't know what that means, a friend just told me) Or that I haven't configured the reverse for any of the other IPs? I would really like to keep BIND running on camel, as its dedicated to all my vital network services, whereas box is the home of all my users, and thus expendable ;) Is there any way to modify BIND on camel, or must I set up an additional one on box? My (hopefully) relevant configuration files can be found here -- http://pastie.org/250469 -- much obliged, and thanks! You need to check that you have zone files for both forward and reverse lookups, and those zones are defined in named.conf -Derek -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- http://www.home.no/reddvinylene ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BIND won't resolve my IPs (not upstream or something?)
At 06:55 AM 8/9/2008, Redd Vinylene wrote: I'm pretty sure I do, though my apologies if I'm wrong, did you check my pastie? On Sat, Aug 9, 2008 at 1:48 PM, Derek Ragona [EMAIL PROTECTED] wrote: At 05:41 AM 8/9/2008, Redd Vinylene wrote: I got this FreeBSD server called mother (80.252.2.2). On it, I've made two jails, camel (80.252.2.3) and box (80.252.2.4 through to 80.252.2.127). The problem is that reverse lookups for any of the IPs preceding .4 on box fails. If I connect to IRC with .5 for instance, it times out and reverts back to .4, whose lookup works just fine. BIND runs on camel. Maybe the problem is that BIND is not upstream for all those IPs? (I don't know what that means, a friend just told me) Or that I haven't configured the reverse for any of the other IPs? I would really like to keep BIND running on camel, as its dedicated to all my vital network services, whereas box is the home of all my users, and thus expendable ;) Is there any way to modify BIND on camel, or must I set up an additional one on box? My (hopefully) relevant configuration files can be found here -- http://pastie.org/250469 -- much obliged, and thanks! You need to check that you have zone files for both forward and reverse lookups, and those zones are defined in named.conf -Derek -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. Well, I never let my read of these files suffice. You should check them with the tools from bind: named-checkconf nemed-checkzone If they pass those tests, then check the resolution using just a single ip that is NOT jailed on this server using dig or nslookup. If those are working then adjust your jails. If you go step-by-step you will quickly get it working. -Derek -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
