At 07:09 PM 9/25/99 +0200, Jean-Yves BARBIER wrote:
>On Sat, Sep 25, 1999 at 10:10:32AM -0500, Lance Hoffmeyer wrote:
>>
>> I have a server that dials into the internet with a client attached on a home network. My IP MASQ is working and the
>> client can connect to the internet, but only using IP Addresses. The client cannot connect using domain names.
>
>Hi Lance,
>that means your DNS isn't working at all (its work is precisely to convert domain names to real IPs!)
>
>> So, the connection is 10.254.2.2 --eth0---> 10.254.2.1----ppp----> internet
>>
>> If I type nslookup from the server I get:
>>
>> Default Server: ns2.us.prserv.net
>> Address: 165.87.201.244
>
>Perhaps you told your DNS that its (first) forwarder is ns2.us.prserv.net.
>A forwarder is generally the ISP's DNS, which, because of the great amount of requests it gets, contains
>most of the regular IPs you need; so if you use a forwarder, it will first look to its records to see
>if it has the right IP within; and if not, it will query the ROOT.SERVERS, which are the source of
>*all* correspondences between names & IPs.
>
>> I'm really not sure where this comes from but I know that if I remove it and put something else in its place I am not
>> able to browse the web or fetch email. What can I try so that the client can connect via domain names and not just
>> IP Addresses?
>
>First, DNS is acting under UDP protocol, second you need to let it pass through the firewall (and return too ;).
>
>MY firewall says: let anything, any protocols pass within the LAN; then, for the INPUT from WEB, it says:
>let ALL UDP packets on ports [1024-5999] & [6011-65535] pass (hole is to secure X Window).
>The OUTPUT chain says: let ALL UDP packets, external destination port = domain (port 53), PASS.
>Then MASQuerade says: MASQuerade from LAN to WEB, source LAN, DEST anywhere, UDP/domain(53) PASS.
>
>Hope it will help
>
>JY
>
>--

Try setting up a caching-only DNS on your firewall that uses your ISP's DNS as its forwarder. Then configure all of your clients to point to your DNS.
Install the bind package and read the DNS-HowTo.

Ed
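
The caching-only setup suggested in the reply above, as an added example that is not part of the original messages: a BIND 8-style named.conf for the firewall at 10.254.2.1, forwarding to the ISP resolver shown in the nslookup output. The /24 LAN mask, the /var/named directory and the root.hints file name are assumptions.

```conf
// /etc/named.conf on the firewall (10.254.2.1) -- added example, BIND 8 syntax.
// Assumptions: the LAN is 10.254.2.0/24; directory and file names are placeholders.
options {
        directory "/var/named";

        // Forward cache misses to the ISP resolver from the nslookup output.
        forwarders { 165.87.201.244; };
        forward first;          // fall back to the root servers if it does not answer

        // Answer only on loopback and the LAN interface, never on the ppp link.
        listen-on { 127.0.0.1; 10.254.2.1; };

        // Serve only local hosts, so the cache is not an open resolver.
        allow-query { 127.0.0.1; 10.254.2.0/24; };
};

// Root hints, used when the forwarder does not answer.
zone "." {
        type hint;
        file "root.hints";
};

// No master zones for real domains are defined: the server only caches.

// /etc/resolv.conf on the server itself:
//   nameserver 127.0.0.1
// /etc/resolv.conf on the client (10.254.2.2):
//   nameserver 10.254.2.1
```

With this in place the client sends its queries to 10.254.2.1, so only the firewall host itself needs DNS access to the outside.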