>>> I need m0n0 to respond to TCP DNS queries. Does anyone know if
>>> possible or if there's a workaround to permit this functionality?
>> Just checked on mine and it does respond to TCP queries (with the
>> default LAN can access anything rule):
>> [root]# host -T www.google.com 192.168.1.1
>> Using domain server:
>> Name: 192.168.1.1
>> Address: 192.168.1.1#53
>> www.google.com is an alias for www.l.google.com.
>> www.l.google.com has address 220.127.116.11
>> www.l.google.com has address 18.104.22.168
>> Confirmed this with a packet capture, too. This is on 1.2b9.
>I can nslookup just fine; it's the MS SMTP service that won't talk
>UDP for me. Or so it seems. If on these W2K boxes I use an upstream
>DNS, it works fine. Switching to m0n0 DNS breaks only the SMTP
>lookups; all other services are fine.
The -T forces host to use a TCP connection, not UDP. I have verified
that m0n0wall responds to a TCP query with a packet capture using
You may like to suggest to Microsoft that they fix their broken
software. It should use UDP queries to start with and it would seem
that its TCP queries are broken, too.
I'd suggest that you get a packet capture (install ethereal on the
server - doesn't need a reboot or anything) and see exactly what's going
on and whether you're getting a SYN-ACK, RST or nothing at all from
You haven't stated which version of m0n0wall you're using.
Neil A. Hillard E-Mail: neil at dana dot org dot uk
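
The check suggested above (does the resolver answer a TCP query, reset the connection, or stay silent) can also be run without a packet capture. The following is an added example, not part of the original thread: it sends one A query over TCP with the 2-byte length prefix DNS uses on TCP and classifies the outcome. All function names are hypothetical, and the address in the final comment is the one from the quoted `host` output.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """Build a DNS A/IN query with the recursion-desired flag set."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def frame_tcp(msg):
    """DNS over TCP prefixes every message with a 2-byte big-endian length."""
    return struct.pack(">H", len(msg)) + msg

def recv_exact(sock, n):
    """Read exactly n bytes; TCP may deliver the reply in several pieces."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed mid-message")
        buf += chunk
    return buf

def parse_header(msg):
    """Decode the fixed 12-byte DNS header fields relevant to the diagnosis."""
    qid, flags, _qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    return {"id": qid, "qr": flags >> 15, "tc": (flags >> 9) & 1,
            "rcode": flags & 0xF, "answers": an}

def probe_tcp_dns(server, name, port=53, timeout=3.0):
    """Return ('answered', header), ('refused', None) for an RST,
    ('timeout', None) for no reply at all, or ('error', text)."""
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(frame_tcp(build_query(name)))
            (length,) = struct.unpack(">H", recv_exact(s, 2))
            return ("answered", parse_header(recv_exact(s, length)))
    except ConnectionRefusedError:
        return ("refused", None)
    except socket.timeout:
        return ("timeout", None)
    except (OSError, struct.error) as exc:
        return ("error", str(exc))

# Example call: probe_tcp_dns("192.168.1.1", "www.google.com")
```

A `refused` result corresponds to the RST case, `timeout` to getting nothing at all (for instance a filter dropping TCP port 53), and `answered` means the handshake completed and a framed reply came back.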