Crist,

Please see output in-line below...

>On Sun, Jan 06, 2002 at 05:22:00PM -0800, Rachel Leising wrote:
>>
>>  --
>>  I can't seem to get name resolution working correctly.
>>
>>  According to sniffer output, the dns query goes out fine and the
>>  response comes back just fine. However, my machine then replies to
>>  the dns server with an ICMP "port unreachable message"... regardless
>>  of the ephemeral port used by my machine as the source port for the
>>  dns query.
>
>Could you post the actual tcpdump(1) output,
>
>   # tcpdump -vvvn 'udp && port 53'
>
>Just in case you are missing something.

# tcpdump -vvn 'udp && port 53'
tcpdump: listening on wi0
23:03:06.652249  10.0.1.14.1068 > 10.1.1.53: [ udp sum ok ] 26929+ A? 
www.yahoo.com. [ |domain ] (ttl 64, id 120, len 59)
23:03:06.674992  63.203.35.55.53 > 10.0.1.14.1068:   26929  q:  A? 
www.yahoo.com.  7/8/8  www.yahoo.com.  CNAME[ |domain ] (DF)
(ttl 249, id 16300, len 453)
23:03:11.660476  10.0.1.14.1068 > 10.1.1.53: [ udp sum ok ] 26929+ A? 
www.yahoo.com. [ |domain ] (ttl 64, id 122, len 59)
23:03:11.686633  63.203.35.55.53 > 10.0.1.14.1068:   26929  q:  A? 
www.yahoo.com.  7/8/8  www.yahoo.com.  CNAME[ |domain ] (DF)
(ttl 249, id 16301, len 453)
23:03:16.670665  10.0.1.14.1069 > 10.1.1.53: [ udp sum ok ] 26930+ 
MX? www.yahoo.com. [ |domain ] (ttl 64, id 124, len 59)
23:03:16.800894  63.203.35.55.53 > 10.0.1.14.1069:   26930  q:  MX? 
www.yahoo.com.  1/1/0  www.yahoo.com.  CNAME[ |domain ] (DF)
(ttl 249, id 16302, len 153)
23:03:21.680620  10.0.1.14.1069 > 10.1.1.53: [ udp sum ok ] 26930+ 
MX? www.yahoo.com. [ |domain ] (ttl 64, id 126, len 59)
23:03:21.703735  63.203.35.55.53 > 10.0.1.14.1069:   26930  q:  MX? 
www.yahoo.com.  1/1/0  www.yahoo.com.  CNAME[ |domain ] (DF)
(ttl 249, id 16303, len 153)


>
>>  nestat -s also shows the following udp counters incrementing:
>>
>>  "x dropped due to no socket"
>
>This is what I would expect for what you describe...
>
>>  "y dropped due to full socket buffers"
>
>Hmmmm...
>
>Could we double-check the firewall issue,
>
>   $ sysctl net.inet.ip.fw.enable net.inet.ipf.fr_running

# sysctl net.inet.ip.fw.enable
sysctl: unknown oid 'net.inet.ip.fw.enable'
# sysctl net.inet.ipf.fr_running
sysctl: unknown oid 'net.inet.ipf.fr_running'

>
>And see the full output of,
>
>   $ netstat -s -p udp

# netstat -s -p udp
udp:
        82 datagrams received
        0 with incomplete header
        0 with bad data length field
        0 with bad checksum
        0 with no checksum
        15 dropped due to no socket
        0 broadcast/multicast datagrams dropped due to no socket
        67 dropped due to full socket buffers
        0 not for hashed pcb
        0 delivered
        19 datagrams output

>   $ netstat -an -p udp

# netstat -an -p udp
Active Internet connections (including servers)
Proto  Recv-Q  Send-Q   Local Address      Foreign Address         (state)
udp4        0    0      *.68                *.*
udp4        0    0      *.*                 *.*
udp4        0    0      *.514       *.*
udp6        0             0      *.514      *.*

>   $ host testhost            # your DNS test here

# host www.yahoo.com      #the tcpdump command above was initiated 
immediately before this

>   $ netstat -s -p udp

# netstat -s -p udp
udp:
        289 datagrams received
        0 with incomplete header
        0 with bad data length field
        0 with bad checksum
        0 with no checksum
        48 dropped due to no socket
        0 broadcast/multicast datagrams dropped due to no socket
        241 dropped due to full socket buffers
        0 not for hashed pcb
        0 delivered
        52 datagrams output

>   $ netstat -an -p udp

# netstat -an -p udp
Active Internet connections (including servers)
Proto  Recv-Q  Send-Q   Local Address      Foreign Address         (state)
udp4             0       0     10.0.1.14.1068     10.0.1.1.53
udp4             0       0     10.0.1.14.1069     10.0.1.1.53
udp4        0    0      *.68                *.*
udp4        0    0      *.*                 *.*
udp4        0    0      *.514       *.*
udp6        0             0      *.514      *.*

thanks again,
Rach


>--
>"It's always funny until someone gets hurt. Then it's hilarious."
>
>Crist J. Clark                     |     [EMAIL PROTECTED]
>                                    |     [EMAIL PROTECTED]
>http://people.freebsd.org/~cjc/    |     [EMAIL PROTECTED]


-- 

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Reply via email to