Re: Problem with IPFilter/IPNAT

• Previous message: Aymeric MUNTZ: "bind CTRL-ALT+DEL action"
• In reply to: Alex de Kruijff: "Re: Problem with IPFilter/IPNAT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sat, 30 Jul 2005 22:10:57 +0300
To: freebsd-questions@freebsd.org

* On 30/07/05 15:20 +0200, Alex de Kruijff wrote:
> On Sat, Jul 30, 2005 at 01:41:52PM +0300, Odhiambo Washington wrote:
> > I am using IPFilter and IPNat on several FreeBSD boxes. They are mostly
> > configured the same.
> >
> > Each box has two interfaces, public and internal, and acts as a router
> > to the LAN which is 'behind' it. The LAN machines use the FreeBSD as the
> > gateway, as well as a DNS server. I run cache-only config.
> >
> > The problem I have is that when, for any reason, the public link goes
> > down, the machines on the LAN timeout when communicating.
>
> It sound like there tying to lookup hostnames via DNS or something like
> this.
>
> Are you able to ping them with there ip addresses?
> Are you able to ping them with there host names?

Ping by IP addresses works.
However, I have not tried ping by hostname since I have not setup any
DNS or host entries for the machines on the LAN. I did not think this is
a "REQUIREMENTS" at all. Is it??

So is this a DNS problem that I can resolve by just using /etc/hosts
entries, maybe?

Does my ipnat rules look okay?

-Wash

http://www.netmeister.org/news/learn2quote.html

--
+======================================================================+
    |\      _,,,---,,_     | Odhiambo Washington    <wash@wananchi.com>
Zzz /,`.-'`'    -.  ;-;;,_ | Wananchi Online Ltd.   www.wananchi.com
   |,4-  ) )-,_. ,\ (  `'-'| Tel: +254 20 313985-9  +254 20 313922
  '---''(_/--'  `-'\_)     | GSM: +254 722 743223   +254 733 744121
+======================================================================+
It is said that the lonely eagle flies to the mountain peaks while the
lowly ant crawls the ground, but cannot the soul of the ant soar as
high as the eagle?
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

• Previous message: Aymeric MUNTZ: "bind CTRL-ALT+DEL action"
• In reply to: Alex de Kruijff: "Re: Problem with IPFilter/IPNAT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: Page cannot be found ... I have been trying to help someone with a similar problem, ping of yahoo ... line "Internet Explorer Q824145 size 1.23mb used occasionally last used ... > winsock getting corrupted by installation of software can be other ... > IP address automatically", click on the DNS tab, disable DNS here, click ... (microsoft.public.windows.inetexplorer.ie6.browser) Re: Cant see out to .co.uk from inside my .local domain (forward l ... Well I removed the entry from my hosts file and issued a ping command to both ... network only from the server which I changed the hosts file for. ... Indeed is it even a DNS issue. ... (microsoft.public.windows.server.sbs) Re: HTTP trouble in 2004 ... In this way, all DNS ... how does this server resolve external ... They are just HTTP ... > Ping in ALLOW PING protool from EXTERNAL to INTERNAL ... (microsoft.public.isaserver) Re: iptables udp and output ... Ping can be a nice tool to help troubleshoot the network with. ... If those are incoming connection requests, you could specify that they're ... DNS traffic is UDP. ... (comp.os.linux.security) Re: Multiple Domains and 1 is not working ... likely) in Internet Explore ... > If I ping either address: ALPHASITE.com points to the internal IP: ... but merely a DNS zone/domain name. ... You cannot have a DNS resolution point to both an internal ... (microsoft.public.windows.server.dns)