[ previous ] [ next ] [ threads ]
 
 From:  "Lee Sharp" <leesharp at hal dash pc dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] DNS not forwarding
 Date:  Tue, 24 Jan 2006 21:41:50 -0600
From: "Jack Pivac" <email at delphinus dot co dot nz>
> Lee Sharp wrote:
>> From: "Jack Pivac" <email at delphinus dot co dot nz>
>>> Lee Sharp wrote:

>>>> Did you try the "net stop" above?  I know it seems wrong, but did you 
>>>> make sure?  Another way is to try "nslookup" and see if changing DNS 
>>>> within nslookup works.  When you change DNS in the IP properties, it 
>>>> flushes the DNS cache, and I think that is what's actually fixing it. 
>>>> And if you have a occasional problem that breaks the cache on one 
>>>> windows machine, it will also do it to others.

>>> Yeah I did try that, and also tried changing DNS within nslookup with 
>>> 'server x.x.x.x'

>> And this did not fix (even temporarily) the problem?  Then try pointing 
>> the m0n0wall DNS manually at 198.6.1.1 and 4.2.2.2 and overriding the 
>> ones provided by DHCP.  This will insure that your m0n0wall is getting a 
>> good lookup.

> My IP is static, so the monowall should always be getting a good lookup... 
> and the lookup actually "works" for monowall.
> example:

> from monowall admin page > ping
> try to ping google.com, it resolves the IP perfectly.

> PING google.com (64.233.187.99) from 202.27.186.18: 56 data bytes
> 64 bytes from 64.233.187.99: icmp_seq=0 ttl=245 time=348.544 ms

> ***Now on my client linux pc***
> from konsole > nslookup
> server set to monowall IP
> google.com - request times out

> cale (one of my pc names manually added to list to override)
> Name:   cale.delphinus.co.nz
> Address: 192.168.10.100
> (all correct - resolving local names but not outside names)

> so i change dns server to my ISP's
> > server 202.37.101.1
> Default server: 202.37.101.1
> Address: 202.37.101.1#53
> > google.com
> Server:         202.37.101.1
> Address:        202.37.101.1#53

> Non-authoritative answer:
> Name:   google.com
> Address: 72.14.207.99
> Name:   google.com
> Address: 64.233.187.99

I take it all back.  This is not on the client. :-)  Check in the m0n0wall 
http://your.server.address/status_interfaces.php and see if you have any 
errors in/out or collisions.  If that is clean, get the ultimate boot cd 
http://ubcd.sourceforge.net/ and boot it on the m0n0wall to test ram and 
cpu.  If all that tests good, do a test just like above, and save a 
status.php and we can look.  This is the first time I have seen this problem 
be the m0n0 box.

>>> Do you know _why_ it breaks it on other computers as well? i'm 
>>> curious....

>> This one is easy.  The DNS cache in Windows is about as stable as my 
>> ex-girlfriend.  If a lookup fails, it falls over to the secondary.  It 
>> will never fall back to primary unless the secondary fails.  If you get a 
>> corrupted lookup, it will stay in the cache.  If you get a failed lookup 
>> back from your DNS server, it will STAY failed in the cache, unless there 
>> is a flush or a timeout.  In general, when my internet connection is 
>> poor, the first thing I do is turn off the DNS cache.  It just saves 
>> headaches.

> But would this cause _all_ pc's on the network to stop DNS requests 
> working?

If they are active at the time? Yes.  And with Automatic Updates, e-mail, 
and other stuff, idle machines are often "active."

                        Lee