 From:  "Fred Williams"
 To:  m0n0wall mailing list
 Subject:  Re: [m0n0wall] DNS forwarding issue
 Date:  Thu, 02 Sep 2004 16:22:42 -0500

I had a similar experience but it turns out the problem was self
inflicted (at least it appears to have been so far). I implemented a
poorly written rule set which prevented one of the machines behind m0n0
from successfully communicating with the external DNS server. I am
*guessing* (so please correct me if I am wrong/incomplete etc) that once
the offending rule took effect and the client sent an ICMP UNREACHABLE
message out, and the gateway got that message...that killed all DNS
queries from m0n0 as well...
So once I corrected the rule and rebooted m0n0 everything was ok


>>> "Brian Buys" <bbuys at tritel dot com> 9/1/2004 3:37:02 PM >>>
Hello all,

Recently I upgraded to the 1.1 version of m0n0 (cd-rom image) and I
have been very impressed.  An interesting thing has happend though, and
I was hoping to get some insight as to what might be going on.  

A couple of days ago, my dhcp clients lost DNS services.  I have DNS
forwarding enabled on m0n0, and am using it as my DHCP server.  I went
through a number of steps to regain the DNS functions through the DHCP,
but to no avial.  Rebooted the router (several times),
disabled/re-enabled DNS forwarding, deleted/re-entered DNS server
entries in the General setup page, ipconfig /release/renew/flushdns on
the clients, rebooted the clients, etc.  Currently, I have hardcoded the
DNS servers in each client as a work-around.  

I tried going back to 1.0 and restoring my old config, and that didn't
help either.  I even went so far as to build a new config.xml from the
ground-up last night, so now I'm not even sure it's a problem with m0n0.
 If it is not, then I apologize for being off-topic, but I would like to
be sure that m0n0 is doing what it is supposed to.

So I guess I have a two-part question, really.  First, how can I tell
if DNS forwarding is working properly in m0n0.  Second, is there
anything in the following config info that looks out-of-place?   

Below you will find the full text from my resolv.conf and dhcpd.conf
files, as well as related segments of the config.xml file.

Thanks in advance,


domain domain.com
nameserver option domain-name "domain.com";
default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
ddns-update-style none;
subnet netmask {
	pool {
	option routers;
	option domain-name-servers;
	default-lease-time 72000;
	max-lease-time 86400;
} <system>


            <descr>DNS Entry for FTP Server</descr>
            <descr>DNS entry for Mail Server</descr>
            <descr>DNS Entry for WWW Server</descr>