 From:  "Brian Buys" <bbuys at tritel dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] DNS forwarding issue
 Date:  Tue, 7 Sep 2004 13:25:49 -0600
I double-checked my firewall rules, and went through line after line of
firewall logs.  I can't see any DNS blocks occurring that have anything to do
with any machines on my LAN.

I was looking more closely at the config.xml file, and as I enabled/disabled
the DNS Forwarder option in m0n0 (services_dnsmasq.php) I went to the
status.php page and could not find any changes occurring in the config.xml,
dhcpd.conf or resolv.conf files.  Shouldn't some kind of change occur in
some configuration file when the DNS forwarder is turned on or off?  Could
someone correct me if I am looking in the wrong place to see this change
happen?

TIA

Brian

----- Original Message ----- 
From: "Fred Williams" <A20FBW1 at wpo dot cso dot niu dot edu>
To: <m0n0wall at lists dot m0n0 dot ch>; <bbuys at tritel dot com>
Sent: Thursday, September 02, 2004 3:22 PM
Subject: Re: [m0n0wall] DNS forwarding issue


> Hello,
>
> I had a similar experience but it turns out the problem was self
> inflicted (at least it appears to have been so far). I implemented a
> poorly written rule set which prevented one of the machines behind m0n0
> from successfully communicating with the external DNS server. I am
> *guessing* (so please correct me if I am wrong/incomplete etc) that once
> the offending rule took effect and the client sent an ICMP UNREACHABLE
> message out, and the gateway got that message...that killed all DNS
> queries from m0n0 as well...
> So once I corrected the rule and rebooted m0n0 everything was ok
> again.
>
> Fred
>
> >>> "Brian Buys" <bbuys at tritel dot com> 9/1/2004 3:37:02 PM >>>
> Hello all,
>
> Recently I upgraded to the 1.1 version of m0n0 (cd-rom image) and I
> have been very impressed.  An interesting thing has happened though, and
> I was hoping to get some insight as to what might be going on.
>
> A couple of days ago, my dhcp clients lost DNS services.  I have DNS
> forwarding enabled on m0n0, and am using it as my DHCP server.  I went
> through a number of steps to regain the DNS functions through the DHCP,
> but to no avail.  Rebooted the router (several times),
> disabled/re-enabled DNS forwarding, deleted/re-entered DNS server
> entries in the General setup page, ipconfig /release/renew/flushdns on
> the clients, rebooted the clients, etc.  Currently, I have hardcoded the
> DNS servers in each client as a work-around.
>
> I tried going back to 1.0 and restoring my old config, and that didn't
> help either.  I even went so far as to build a new config.xml from the
> ground-up last night, so now I'm not even sure it's a problem with m0n0.
>  If it is not, then I apologize for being off-topic, but I would like to
> be sure that m0n0 is doing what it is supposed to.
>
> So I guess I have a two-part question, really.  First, how can I tell
> if DNS forwarding is working properly in m0n0.  Second, is there
> anything in the following config info that looks out-of-place?
>
> Below you will find the full text from my resolv.conf and dhcpd.conf
> files, as well as related segments of the config.xml file.
>
> Thanks in advance,
>
> Brian
>
>       resolv.conf
> domain domain.com
> nameserver 206.81.128.1
> nameserver 204.147.80.5
>
>       dhcpd.conf
> option domain-name "domain.com";
> default-lease-time 7200;
> max-lease-time 86400;
> authoritative;
> log-facility local7;
> ddns-update-style none;
> subnet 192.168.150.0 netmask 255.255.255.0 {
> pool {
> range 192.168.10.51 192.168.150.150;
> }
> option routers 192.168.150.1;
> option domain-name-servers 192.168.150.1;
> default-lease-time 72000;
> max-lease-time 86400;
> }
>
> <system>
>               <hostname>host</hostname>
>               <domain>domain.com</domain>
>               <dnsallowoverride/>
>               <username>user</username>
>               <password>xxxxx</password>
>               <timezone>MST</timezone>
>               <time-update-interval>300</time-update-interval>
>               <timeservers>pool.ntp.org</timeservers>
>               <webgui>
>                   <protocol>http</protocol>
>                   <port/>
>               </webgui>
>               <dnsserver>206.81.128.1</dnsserver>
>               <dnsserver>204.147.80.5</dnsserver>
>           </system>
>
>
> <dhcpd>
>         <lan>
>             <enable/>
>             <range>
>                 <from>192.168.150.51</from>
>                 <to>192.168.150.150</to>
>             </range>
>             <defaultleasetime>72000</defaultleasetime>
>             <maxleasetime>86400</maxleasetime>
>         </lan>
>     </dhcpd>
>
> <dnsmasq>
>         <enable/>
>         <hosts>
>             <host>ftp</host>
>             <domain>domain.com</domain>
>             <ip>192.168.150.250</ip>
>             <descr>DNS Entry for FTP Server</descr>
>         </hosts>
>         <hosts>
>             <host>mail</host>
>             <domain>domain.com</domain>
>             <ip>192.168.150.250</ip>
>             <descr>DNS entry for Mail Server</descr>
>         </hosts>
>         <hosts>
>             <host>www</host>
>             <domain>domain.com</domain>
>             <ip>192.168.150.250</ip>
>             <descr>DNS Entry for WWW Server</descr>
>         </hosts>
>     </dnsmasq>
>
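
An offline consistency check over the configuration fragments quoted in this thread, as an added example that is not part of the original messages or of m0n0wall. It reports pool addresses outside the declared subnet and whether clients that are handed the router as their DNS server have an enabled forwarder with upstream servers behind it. The function names and the single root element wrapped around the XML fragments are assumptions made for the example.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET

# Constructed sample input: fragments copied from the message above.
DHCPD_CONF = """subnet 192.168.150.0 netmask 255.255.255.0 {
pool {
range 192.168.10.51 192.168.150.150;
}
option routers 192.168.150.1;
option domain-name-servers 192.168.150.1;
}"""
# Assumption: wrapped in one root element so the fragments parse as XML.
CONFIG_XML = """<m0n0wall><system>
<dnsserver>206.81.128.1</dnsserver>
<dnsserver>204.147.80.5</dnsserver>
</system><dnsmasq><enable/></dnsmasq></m0n0wall>"""

def dhcp_summary(text):
    """Summarise one subnet block of an ISC dhcpd.conf."""
    net_s, mask = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)", text).groups()
    net = ipaddress.ip_network(f"{net_s}/{mask}")
    lo, hi = re.search(r"range\s+(\S+)\s+(\S+)\s*;", text).groups()
    def opt(name):
        m = re.search(rf"option\s+{name}\s+([^;]+);", text)
        return [a.strip() for a in m.group(1).split(",")] if m else []
    dns, routers = opt("domain-name-servers"), opt("routers")
    return {
        "outside": [a for a in (lo, hi) if ipaddress.ip_address(a) not in net],
        "dns": dns,
        "dns_is_router": bool(dns) and set(dns) <= set(routers),
    }

def forwarder_state(xml_text):
    """Return (forwarder enabled?, upstream DNS servers) from config.xml."""
    root = ET.fromstring(xml_text)
    enabled = root.find("dnsmasq/enable") is not None
    return enabled, [e.text for e in root.findall("system/dnsserver")]

def diagnose(dhcpd_text, xml_text):
    """Cross-check what DHCP hands out against the forwarder settings."""
    s = dhcp_summary(dhcpd_text)
    enabled, upstream = forwarder_state(xml_text)
    findings = [f"pool range address {a} is outside the subnet" for a in s["outside"]]
    if s["dns_is_router"] and not enabled:
        findings.append("clients are handed the router as DNS but the forwarder is disabled")
    if s["dns_is_router"] and not upstream:
        findings.append("forwarder has no upstream <dnsserver> entries")
    return findings
```

Calling `diagnose(DHCPD_CONF, CONFIG_XML)` returns the list of findings for the quoted fragments; an empty list means the DHCP options and forwarder settings agree with each other.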