Crist,
Please see output in-line below...
>On Sun, Jan 06, 2002 at 05:22:00PM -0800, Rachel Leising wrote:
>>
>> --
>> I can't seem to get name resolution working correctly.
>>
>> According to sniffer output, the dns query goes out fine and the
>> response comes back just fine. However, my machine then replies to
>> the dns server with an ICMP "port unreachable message"... regardless
>> of the ephemeral port used by my machine as the source port for the
>> dns query.
>
>Could you post the actual tcpdump(1) output,
>
> # tcpdump -vvvn 'udp && port 53'
>
>Just in case you are missing something.
# tcpdump -vvn 'udp && port 53'
tcpdump: listening on wi0
23:03:06.652249 10.0.1.14.1068 > 10.1.1.53: [ udp sum ok ] 26929+ A?
www.yahoo.com. [ |domain ] (ttl 64, id 120, len 59)
23:03:06.674992 63.203.35.55.53 > 10.0.1.14.1068: 26929 q: A?
www.yahoo.com. 7/8/8 www.yahoo.com. CNAME[ |domain ] (DF)
(ttl 249, id 16300, len 453)
23:03:11.660476 10.0.1.14.1068 > 10.1.1.53: [ udp sum ok ] 26929+ A?
www.yahoo.com. [ |domain ] (ttl 64, id 122, len 59)
23:03:11.686633 63.203.35.55.53 > 10.0.1.14.1068: 26929 q: A?
www.yahoo.com. 7/8/8 www.yahoo.com. CNAME[ |domain ] (DF)
(ttl 249, id 16301, len 453)
23:03:16.670665 10.0.1.14.1069 > 10.1.1.53: [ udp sum ok ] 26930+
MX? www.yahoo.com. [ |domain ] (ttl 64, id 124, len 59)
23:03:16.800894 63.203.35.55.53 > 10.0.1.14.1069: 26930 q: MX?
www.yahoo.com. 1/1/0 www.yahoo.com. CNAME[ |domain ] (DF)
(ttl 249, id 16302, len 153)
23:03:21.680620 10.0.1.14.1069 > 10.1.1.53: [ udp sum ok ] 26930+
MX? www.yahoo.com. [ |domain ] (ttl 64, id 126, len 59)
23:03:21.703735 63.203.35.55.53 > 10.0.1.14.1069: 26930 q: MX?
www.yahoo.com. 1/1/0 www.yahoo.com. CNAME[ |domain ] (DF)
(ttl 249, id 16303, len 153)
>
>> nestat -s also shows the following udp counters incrementing:
>>
>> "x dropped due to no socket"
>
>This is what I would expect for what you describe...
>
>> "y dropped due to full socket buffers"
>
>Hmmmm...
>
>Could we double-check the firewall issue,
>
> $ sysctl net.inet.ip.fw.enable net.inet.ipf.fr_running
# sysctl net.inet.ip.fw.enable
sysctl: unknown oid 'net.inet.ip.fw.enable'
# sysctl net.inet.ipf.fr_running
sysctl: unknown oid 'net.inet.ipf.fr_running'
>
>And see the full output of,
>
> $ netstat -s -p udp
# netstat -s -p udp
udp:
82 datagrams received
0 with incomplete header
0 with bad data length field
0 with bad checksum
0 with no checksum
15 dropped due to no socket
0 broadcast/multicast datagrams dropped due to no socket
67 dropped due to full socket buffers
0 not for hashed pcb
0 delivered
19 datagrams output
> $ netstat -an -p udp
# netstat -an -p udp
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
udp4 0 0 *.68 *.*
udp4 0 0 *.* *.*
udp4 0 0 *.514 *.*
udp6 0 0 *.514 *.*
> $ host testhost # your DNS test here
# host www.yahoo.com #the tcpdump command above was initiated
immediately before this
> $ netstat -s -p udp
# netstat -s -p udp
udp:
289 datagrams received
0 with incomplete header
0 with bad data length field
0 with bad checksum
0 with no checksum
48 dropped due to no socket
0 broadcast/multicast datagrams dropped due to no socket
241 dropped due to full socket buffers
0 not for hashed pcb
0 delivered
52 datagrams output
> $ netstat -an -p udp
# netstat -an -p udp
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
udp4 0 0 10.0.1.14.1068 10.0.1.1.53
udp4 0 0 10.0.1.14.1069 10.0.1.1.53
udp4 0 0 *.68 *.*
udp4 0 0 *.* *.*
udp4 0 0 *.514 *.*
udp6 0 0 *.514 *.*
thanks again,
Rach
>--
>"It's always funny until someone gets hurt. Then it's hilarious."
>
>Crist J. Clark | [EMAIL PROTECTED]
> | [EMAIL PROTECTED]
>http://people.freebsd.org/~cjc/ | [EMAIL PROTECTED]
--
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
