Hi,

>>> I need m0n0 to respond to TCP DNS queries. Does anyone know if this is
>>> possible or if there's a workaround to permit this functionality?
>>>
>> Just checked on mine and it does respond to TCP queries (with the
>> default LAN can access anything rule):
>>
>> [root]# host -T www.google.com 192.168.1.1
>> Using domain server:
>> Name: 192.168.1.1
>> Address: 192.168.1.1#53
>> Aliases:
>>
>> www.google.com is an alias for www.l.google.com.
>> www.l.google.com has address 66.249.93.104
>> www.l.google.com has address 66.249.93.99
>>
>>
>> Confirmed this with a packet capture, too. This is on 1.2b9.
>
>I can nslookup just fine; it's the MS SMTP service that won't talk
>UDP for me. Or so it seems. If on these W2K boxes I use an upstream
>DNS, it works fine. Switching to m0n0 DNS breaks only the SMTP
>lookups; all other services are fine.

The -T forces host to use a TCP connection, not UDP. I have verified that m0n0wall responds to a TCP query with a packet capture using ethereal.

You may like to suggest to Microsoft that they fix their broken software. It should use UDP queries to start with and it would seem that its TCP queries are broken, too.

I'd suggest that you get a packet capture (install ethereal on the server - doesn't need a reboot or anything) and see exactly what's going on and whether you're getting a SYN-ACK, RST or nothing at all from m0n0wall.

You haven't stated which version of m0n0wall you're using.

Neil.

--
Neil A. Hillard
E-Mail: neil at dana dot org dot uk
Web: http://www.dana.org.uk/