DNS

• Previous message (by thread): BGP Homing Question
• Next message (by thread): DNS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have a friend whom has a problem with we believe DNS.  In this case the
ISP is NTL.  He has a stateful firewall and is running NAT you can see from
the tcp dump below that he sends the query to one DNS server but another
responds thus breaking the firewall state and therefore it never resolves.
Should the provider have the forwarding option on there servers or does he
need to punch another hole in his firewall.

 

cheers

 

 

09:23:01.216136 80.2.189.69.53 > 194.168.8.100.53:  54051+ [1au][|domain]

(DF)

09:23:01.534353 194.168.4.100.53 > 80.2.189.69.53:  54051[|domain] (DF)
09:23:01.534618 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 

unreachable [tos 0xc0]

09:23:11.238123 80.2.189.69.53 > 194.168.8.100.53:  12113+ [1au][|domain]

(DF)

09:23:11.414372 194.168.4.100.53 > 80.2.189.69.53:  12113[|domain] (DF)
09:23:11.414606 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 

unreachable [tos 0xc0]

09:23:19.634810 80.2.189.69.53 > 194.168.8.100.53:  9737+ [1au][|domain]

(DF)

09:23:19.643883 194.168.4.100.53 > 80.2.189.69.53:  9737[|domain] (DF)
09:23:19.644127 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 

unreachable [tos 0xc0]

 

 

 

Paul Gilbert 

Router Management Solutions, Inc.

www.routermanagement.com

work:   5167666068

mobile: 5164564983

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20040827/eb830e12/attachment.html>

• Previous message (by thread): BGP Homing Question
• Next message (by thread): DNS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]