DNS I can use

Rich Ernst rernst at rernst.com
Thu Jun 24 07:01:18 PDT 2004


Thank, Emile!

We'd forgotten to open UDP port 53 as well as TCP, that was the fix!

Rich

Emile Aben wrote:

> Hi Rich,
> 
> Hard to tell from a distance what the exact problem
> is,
> maybe some troubleshooting tips might help you
> further:
> * Is your machine really using DNS to resolve
> hostnames?
> Resolving is configurable through /etc/nsswitch.conf
> (Linux, HP-UX) or /etc/host.conf (FreeBSD)
> * Is your /etc/resolv.conf working?
> Just type 'nslookup' on the cmd-prompt -> you should
> see the first nameserver you have configured in
> resolv.conf
> * Is resolving working
> 'nslookup www.linux.org' should give you the
> IP-address for www.linux.org
> 
> For the first 2 steps -> check your configfiles
> For step 3: Use tools like 'tcpdump' to see if actual
> traffic is going out of the external interface and
> check if you have firewall-rules that might block DNS
> traffic (both UDP/53 and TCP/53 are used in DNS).
> 
> Another thing you could try is implementing a
> caching-only DNS server on this machine. Plenty of
> HOWTO's available on how to do that.
> 
> hope this helps,
> Emile
> 
> --- rernst at san.rr.com wrote:
> 
>>Thanks, somethings blocking me still.
>>
>>This is a dedicated port outside our network so I
>>can do updates and/or virus scans on computers
>>without risking infecting our LAN.
>>
>>I can go to a website via IP address, but not name. 
>>I tried the qualcomm ones but no luck, perhaps
>>something else is amiss here, I'll keep at it.
>>
>>Thanks,
>>
>>Rich
>>
>>----- Original Message -----
>>From: Michael J McCafferty
>><mike at m5computersecurity.com>
>>Date: Tuesday, June 22, 2004 9:54 am
>>Subject: Re: DNS I can use
>>
>>
>>>You can find the addresses with nslookup of course
>>
>>(or dig) !!!
>>
>>>... But, you might find you can't do recursive
>>
>>lookups if you are 
>>
>>>not on 
>>>their network.
>>>ns1.san.rr.com
>>>ns2.san.rr.com
>>>ns.west.cox.net
>>>ns.east.cox.net
>>>
>>>Why not use the resolver that you get with your
>>
>>Internet 
>>
>>>connection. For 
>>>example: If you have a T1 from Qwest you can use
>>
>>ns.qwest.com
>>
>>>When I need to do something like that from my
>>
>>colo, I use the 
>>
>>>colo's name 
>>>servers.
>>>
>>>Here are a few that I just found for you that seem
>>
>>to do recursive 
>>
>>>from 
>>>anywhere.
>>>signals.qualcomm.com            192.35.156.212
>>>ns2-west.qualcomm.com   192.35.156.19
>>>
>>>
>>>At 09:21 AM 6/22/2004 -0700, you wrote:
>>>
>>>>I need an external DNS I can use for occasional
>>
>>lookups outside 
>>
>>>my site.
>>>
>>>>I think someone recommended either Cox's or 
>>>
>>>TimeWarner/Roadrunner's, but 
>>>
>>>>haven't found their addresses.
>>>>
>>>>Thanks,
>>>>
>>>>Rich
>>>>
>>>>
>>>>--
>>>>  http://www.kernel-panic.org
>>>>  list archives
>>
>>http://www.kernel-panic.org/cgi-bin/ezmlm-cgi?4
>>
>>>>  To unsubscribe, send a message to the address
>>
>>shown in the 
>>
>>>list-unsubscribe
>>>
>>>>  header of this message.
>>>
>>>
> ************************************************************
> 
>>>Michael J. McCafferty
>>>Principal, Security Engineer
>>>M5 Hosting
>>>858-576-7325 Voice
>>>http://www.m5hosting.com
>>>
>>
> ************************************************************
> 
>>>
>>>-- 
>>> http://www.kernel-panic.org
>>> list archives
>>
>>http://www.kernel-panic.org/cgi-bin/ezmlm-cgi?4
>>
>>> To unsubscribe, send a message to the address
>>
>>shown in the list-
>>
>>>unsubscribe  header of this message.
>>>
>>>
>>
>>
>>-- 
>>  http://www.kernel-panic.org
>>  list archives
>>http://www.kernel-panic.org/cgi-bin/ezmlm-cgi?4
>>  To unsubscribe, send a message to the address
>>shown in the list-unsubscribe
>>  header of this message.
>>
>>
> 
> 
> 
> 
> 		
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail is new and improved - Check it out!
> http://promotions.yahoo.com/new_mail
> 



More information about the KPLUG-List mailing list