Hello, now more details:
----- ORIGINAL MESSAGE -----
From: "Chuck Swiger" <cswi...@mac.com>
To: "kapetr" <kap...@mizera.cz>
Subject: Re: BIND9 fails resolving after connecting to VPN
Date: 8.4.2011 - 23:57:10

> On Apr 8, 2011, at 2:23 PM, kapetr wrote:
> >> What does:
> >>
> >> dig +short rs.dns-oarc.net txt
> >>
> >> ...do when your VPN tunnel is up?
> >
> > After VPN up and restart of BIND:
> >
> > hugo@duron650:~$ dig +short rs.dns-oarc.net txt
> > ;; connection timed out; no servers could be reached
> > hugo@duron650:~$
>
> Hmm. Your local nameservers probably are listed
> in /etc/resolv.conf, otherwise consider adding
> @localhost or whatever is needed to talk to them.
> Something is blocking DNS traffic going via your
> tunnel, presumably.
>
> tcpdump and traceroute might help diagnose. Or
> try switching to hitting 4.2.2.2 or some other
> well-known public nameserver via dig, and see
> whether you can get a response from them.

As I wrote before, if I change to a DNS server in the Internet - e.g. of my ISP, all works fine - the resolving request goes over the new route (== over VPN), ... I can surf, ...

Just the local BIND gets crazy.

Details:

I have changed my resolv.conf to point only to my ISP's DNS servers (not 127.0.0.1 = my server).

I run the VPN ...

I run 2 dig questions - first over the (default) server of my ISP (OK) and second over 127.0.0.1 (FAIL).
See cmd.txt in attachment.

This communication is also in Wireshark libpcap.
See wirsh.libpcap in attachment.

The route -n gives:
- see also cmd.txt (the 2nd is after VPN shut down)

FYI:
The 217.114.215.250 is the VPN server
The 172.31.156.57 is the IP of TAP
The 194.228.2.1 is my ISP's DNS server (in my resolv.conf)
The 10.6.6.138 is my ADSL modem/router

I hope you will find the problem.

Thanks

--kapetr
wirsh.libpcap
Description: Binary data
cmd.txt
Description: Binary data
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users