Hi,
I'm currently trying to debug a network problem which I noted at the URL
http://docs.google.com/View?id=dfmqnmjq_8863d6sxcd and I paste it below.
Network config
1 machine, running pfsense
* [wan ip 158] assigned to wan interface
* [wip155] assigned as virtual ip to wan interface, proxy arp
* [wip156] assigned as virtual ip to wan interface, proxy arp
* [wip157] assigned as virtual ip to wan interface, proxy arp
1 machine, running debian
* [lan ip 155] assigned statically (eth1)
* [lip 156] assigned statically (eth1:1)
* [lip 157] assigned statically (eth1:2)
* (eth0 is down)
1:1 Nat of all wips to lips
* [wip155] <-> [lip155]
* [wip156] <-> [lip156]
* [wip157] <-> [lip157]
Other
* A single packet filter rule, accept all
* No shaping rule
* powerdns running on debian, bound to 0.0.0.0
The problem
when I try to resolve a domain name from outside with
host www.mydomain.com [wip156]
I cannot get an answer, but,
host www.mydomain.com [wip155]
is working.
Diagnosis
I shut down pdns, and,
* I use netcat to transfer a file over UDP, to port 53 of [wip155],
file being transferred successfully
* I use netcat to transfer a file over UDP, to port 53 of [wip156],
file is NOT transferred successfully (stops after some random
number of bytes)
* I use netcat to transfer a file over UDP, to port 54 of [wip156],
file IS transferred successfully
I added a rule for [wip156]:53 -> [lip156]:54 to further test, the
netcat test still fails
Temporarily I solved it by adding a rule for [wip156]:53 -> [lip155]:53.
Notes
* these tests fail regardless of whether the proto is UDP or TCP
* I tried both with dns forwarder on and off
I appreciate all kind suggestions,
Thanks.
--
Can Burak Cilingir