Re: [m0n0wall] Setting Authoritative DNS Server to Server across VPN

From:	Mat Murdock <mmurdock underscore lists at kimballequipment dot com>
To:	Chris Buechler <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Setting Authoritative DNS Server to Server across VPN
Date:	Wed, 19 Apr 2006 20:47:42 -0600

I will try this.  I was wondering if you could educate me a little bit 
on what this means, and what it might affect.

There's an annoying but mostly harmless side-effect to this - every LAN
packet to the tunnel elicits a no-change ICMP Redirect.

Thanks,

Mat

Chris Buechler wrote:
> On 4/19/06, Mat Murdock <mmurdock underscore lists at kimballequipment dot com> wrote:
>   
>>    I have two m0n0wall's setup with a vpn connecting the two.  This is
>> up and running just fine.  What I would like to do, using DNS forwarder,
>> is set the authoritative DNS server for a specific domain  This DNS
>> server would be a machine that is on the other side of the VPN Tunnel.
>> What I think is happening is that m0n0wall cannot access the server
>> because it can't reach that server because it doesn't know how to route
>> that DNS request through the vpn.  However from a client connected to
>> that very m0n0wall I can ping the server just fine.  In other words I
>> think it's sending the request directly out of the WAN port and not
>> thought the LAN port which would then direct it over the vpn tunnel.
>>
>>     
>
> Yeah, see this:
> http://doc.m0n0.ch/handbook/faq-snmpovervpn.html
>
> should fix this as well.
>
> -Chris
>