LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Why does 12.170.16.134 route to the wrong box?? (https://www.linuxquestions.org/questions/linux-networking-3/why-does-12-170-16-134-route-to-the-wrong-box-93911/)

registering 09-17-2003 03:51 PM
Why does 12.170.16.134 route to the wrong box??
 
Howdy all,
I have a computer inside our LAN that uses 192.168.0.134 as its static IP. I can ssh, view webpages, etcetera, with no trouble when using this internal IP address. What I would like is for any and all traffic for 12.170.16.134 to be routed to 192.168.0.134.

I thought I could do that by adding these 2 lines to my firewall:

$IPTABLES -t nat -A POSTROUTING -s 192.168.0.134 -o $EXTIF -j SNAT --to 12.170.16.134
$IPTABLES -t nat -A PREROUTING -s 12.170.16.134 -i $EXTIF -j DNAT --to 192.168.0.134

However if you web-browse to 12.170.16.134, you actually see our gateway's webpage (marisys.com), not the internal computer's (NERR data tables webpage). :( I thought the above command says for anything coming FROM 192.168.0.134, change its source to 12.170.16.134, and anything going TO 12.170.16.134, send it to 192.168.0.134. What am I doing wrong??

It seems 12.170.16.134 gets routed TO the gateway, rather than THROUGH the gateway. This is the output of ifconfig on the gateway:


eth0 Link encap:Ethernet HWaddr 00:01:02:CA:D1:33
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2644 errors:0 dropped:0 overruns:0 frame:0
TX packets:2809 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:401745 (392.3 Kb) TX bytes:2184116 (2.0 Mb)
Interrupt:15 Base address:0xfc80

eth1 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.130 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3443 errors:0 dropped:0 overruns:5269 frame:0
TX packets:2948 errors:0 dropped:0 overruns:5269 carrier:0
collisions:0 txqueuelen:100
RX bytes:1752739 (1.6 Mb) TX bytes:390657 (381.5 Kb)
Interrupt:9 Base address:0x6000

eth1:0 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.131 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:1 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.132 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:2 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.134 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:3 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.135 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:4 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.136 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:5 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.137 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:6 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.138 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:7 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.139 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:8 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.140 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:9 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.141 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

eth1:10 Link encap:Ethernet HWaddr 00:02:E3:0C:70:80
inet addr:12.170.16.142 Bcast:12.170.16.143 Mask:255.255.255.240
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0x6000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:125 errors:0 dropped:0 overruns:0 frame:0
TX packets:125 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15121 (14.7 Kb) TX bytes:15121 (14.7 Kb)




And this is ifconfig on the internal computer:
eth0 Link encap:Ethernet HWaddr 00:07:32:00:40:56
inet addr:192.168.0.134 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:217 errors:0 dropped:0 overruns:0 frame:0
TX packets:82 errors:0 dropped:0 overruns:0 carrier:0
collisions:17 txqueuelen:100
RX bytes:29349 (28.6 Kb) TX bytes:43325 (42.3 Kb)
Interrupt:12 Base address:0xd400 Memory:e2100000-e2100038

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1000 (1000.0 b) TX bytes:1000 (1000.0 b)



Our gateway hosts other pages etc., so I can't just masquerade everything on port 80, for example, I want to send all traffic for 12.170.16.134 and send it to 192.168.0.134.

The internal computer used to be proxy-hosted, but that's not an option anymore.

This is the firewall -- superfluous stuff removed -- on the gateway:

EXTIF="eth1"
INTIF="eth0"
echo " External Interface: $EXTIF"
echo " Internal Interface: $INTIF"

#load modules
.........................


echo " enabling forwarding.."
echo "1" > /proc/sys/net/ipv4/ip_forward


echo " clearing any existing rules and setting default policy.."
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F

echo " FWD: Allow all connections OUT and IN " #only existing and related ones IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG

echo " Enabling SNAT functionality for selected hosts on $EXTIF"

$IPTABLES -t nat -A POSTROUTING -s 192.168.0.134 -o $EXTIF -j SNAT --to 12.170.16.134
$IPTABLES -t nat -A PREROUTING -s 12.170.16.134 -i $EXTIF -j DNAT --to 192.168.0.134

echo " Enabling NPAT (MASQUERADE) functionality on $EXTIF"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE



Any ideas?? Any help is greatly appreciated.

peter_robb 09-20-2003 05:19 PM
Quote:
$IPTABLES -t nat -A PREROUTING -s 12.170.16.134 -i $EXTIF -j DNAT --to 192.168.0.134
This will pass traffic that came from 12.170.16.134 ...
I think you meant to 12.170.16.134 = -d 12.170.16.134


You can only do SNAT once in Netfilter, so the first matching rule wins...
Quote:
$IPTABLES -t nat -A POSTROUTING -s 192.168.0.134 -o $EXTIF -j SNAT --to 12.170.16.134
would precede the MASQ rule and is unnecessary anyway.
Best remove it and rely on just the MASQ rule. This one covers all possibilities.

registering 09-22-2003 09:36 PM
Thanks for taking the time to help peter_robb, it's really appreciated. This is what I've got now:

echo " Accept all connections in and out"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $INTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG

echo " Routing internet address to intranet address for CDMO"
# the next block was added when making the CDMO non-proxied
$IPTABLES -t nat -A PREROUTING -i $INTIF -d 12.170.16.134 -j DNAT --to-destination 192.168.0.134
$IPTABLES -t nat -A PREROUTING -i $EXTIF -d 12.170.16.134 -j DNAT --to-destination 192.168.0.134

$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -d 192.168.0.134 -m state --state NEW -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -d 192.168.0.134 -m state --state NEW -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $INTIF -d 192.168.0.134 -m state --state NEW -j ACCEPT

$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT

echo " Spoofing intranet address to internet address..."
#now spoof our intranet IP to our internet IP if we're leaving our intranet
$IPTABLES -t nat -A POSTROUTING -s 192.168.0.134 -j SNAT --to-source 12.170.16.134

echo " Enabling NPAT (MASQUERADE) functionality both internal and external"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
$IPTABLES -t nat -A POSTROUTING -o $INTIF -j MASQUERADE



Now the outside world can see www.nerrenvirons.org (registered to 12.170.16.134 and actually hosted on 192.168.0.134) just fine, but nobody INSIDE my LAN can. I don't know if this is a firewall issue, or some DNS issue. :(


From inside my LAN I get these results from dig:

[root@grampus root]# dig www.nerrenvirons.org

; <<>> DiG 9.2.1 <<>> www.nerrenvirons.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 47687
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.nerrenvirons.org. IN A

;; Query time: 109 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Sep 22 17:07:36 2003
;; MSG SIZE rcvd: 38



However from the computer where everything actually resides (192.168.0.134) I get this:
root@CDMO-blowfish root]# dig www.nerrenvirons.org

; <<>> DiG 9.2.1 <<>> www.nerrenvirons.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63966
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.nerrenvirons.org. IN A

;; ANSWER SECTION:
www.nerrenvirons.org. 10800 IN CNAME ns3.nerrenvirons.org.
ns3.nerrenvirons.org. 10800 IN A 12.170.16.134

;; AUTHORITY SECTION:
nerrenvirons.org. 10800 IN NS ns3.nerrenvirons.org.

;; Query time: 2 msec
;; SERVER: 192.168.0.134#53(192.168.0.134)
;; WHEN: Mon Sep 22 17:06:50 2003
;; MSG SIZE rcvd: 86



I can http to www.nerrenvirons.org from the actual system no problem, which is really weird. That made me think there's some recursion problem at work, so I tried the following from my gateway (12.170.16.134) (inside my LAN but not on actual system serving the webpages):

[root@grampus root]# dig +trace www.nerrenvirons.org

; <<>> DiG 9.2.1 <<>> +trace www.nerrenvirons.org
;; global options: printcmd
. 509244 IN NS F.ROOT-SERVERS.NET.
. 509244 IN NS G.ROOT-SERVERS.NET.
. 509244 IN NS H.ROOT-SERVERS.NET.
. 509244 IN NS I.ROOT-SERVERS.NET.
. 509244 IN NS J.ROOT-SERVERS.NET.
. 509244 IN NS K.ROOT-SERVERS.NET.
. 509244 IN NS L.ROOT-SERVERS.NET.
. 509244 IN NS M.ROOT-SERVERS.NET.
. 509244 IN NS A.ROOT-SERVERS.NET.
. 509244 IN NS B.ROOT-SERVERS.NET.
. 509244 IN NS C.ROOT-SERVERS.NET.
. 509244 IN NS D.ROOT-SERVERS.NET.
. 509244 IN NS E.ROOT-SERVERS.NET.
;; Received 244 bytes from 127.0.0.1#53(127.0.0.1) in 75 ms

org. 172800 IN NS TLD1.ULTRADNS.NET.
org. 172800 IN NS TLD2.ULTRADNS.NET.
;; Received 120 bytes from 192.5.5.241#53(F.ROOT-SERVERS.NET) in 97 ms

nerrenvirons.org. 86400 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 86400 IN NS ns2.marisys.net.
;; Received 101 bytes from 204.74.112.1#53(TLD1.ULTRADNS.NET) in 55 ms

nerrenvirons.org. 77257 IN NS ns2.marisys.net.
nerrenvirons.org. 77257 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 13 ms

nerrenvirons.org. 77257 IN NS ns2.marisys.net.
nerrenvirons.org. 77257 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 14 ms

nerrenvirons.org. 77257 IN NS ns2.marisys.net.
nerrenvirons.org. 77257 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 13 ms

nerrenvirons.org. 77257 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77257 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 12 ms

nerrenvirons.org. 77257 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77257 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 13 ms

nerrenvirons.org. 77257 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77257 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 18 ms

nerrenvirons.org. 77257 IN NS ns2.marisys.net.
nerrenvirons.org. 77257 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 13 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 13 ms

nerrenvirons.org. 77256 IN NS ns2.marisys.net.
nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 13 ms

nerrenvirons.org. 77256 IN NS ns2.marisys.net.
nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 13 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 13 ms

nerrenvirons.org. 77256 IN NS ns2.marisys.net.
nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 12 ms

nerrenvirons.org. 77256 IN NS ns2.marisys.net.
nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 11 ms

nerrenvirons.org. 77256 IN NS ns2.marisys.net.
nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 28 ms

nerrenvirons.org. 77256 IN NS ns2.marisys.net.
nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 11 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 11 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 12 ms

nerrenvirons.org. 77256 IN NS ns2.marisys.net.
nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 12 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 14 ms

nerrenvirons.org. 77256 IN NS ns2.marisys.net.
nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 13 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 13 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 15 ms

nerrenvirons.org. 77256 IN NS ns2.marisys.net.
nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 14 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.131#53(ns2.marisys.net) in 15 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 19 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 13 ms

nerrenvirons.org. 77256 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77256 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 13 ms

nerrenvirons.org. 77255 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77255 IN NS ns2.marisys.net.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 13 ms

nerrenvirons.org. 77255 IN NS ns2.marisys.net.
nerrenvirons.org. 77255 IN NS ns3.nerrenvirons.org.
;; Received 101 bytes from 12.170.16.134#53(ns3.nerrenvirons.org) in 20 ms

nerrenvirons.org. 77255 IN NS ns2.marisys.net.
nerrenvirons.org. 77255 IN NS ns3.nerrenvirons.org.
dig: Too many lookups
[root@grampus root]# dig +norecursion www.nerrenvirons.org

; <<>> DiG 9.2.1 <<>> +norecursion www.nerrenvirons.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17088
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;www.nerrenvirons.org. IN A

;; AUTHORITY SECTION:
nerrenvirons.org. 77246 IN NS ns3.nerrenvirons.org.
nerrenvirons.org. 77246 IN NS ns2.marisys.net.

;; ADDITIONAL SECTION:
ns2.marisys.net. 10800 IN A 12.170.16.131

;; Query time: 26 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Sep 22 17:12:02 2003
;; MSG SIZE rcvd: 101


Does that mean I've got a loop somewhere?

registering 09-24-2003 10:04 AM
Okay, I don't think it's a looping problem. I can http to ns3.nerrenvirons.org from within my LAN, just not www.nerrenvirons.org, which is weird. On my gateway's /var/log/messages, I always get a "lame server" error whenever I try to access www.nerrenvirons.org. That means 192.168.0.134 doesn't even know it's hosting nerrenvirons.org?? But outside my LAN www.nerrenvirons.org can be reached so it must know something, and inside I can get to ns3.nerrenvirons.org so that's getting routed properly. I heard using aliases can lead to trouble, so I changed www to use CNAME. This is the zone file:

[root@cdmo root]# cat /var/named/db.nerrenvirons.org
$TTL 3h
nerrenvirons.org. IN SOA ns3.nerrenvirons.org. root.nerrenvirons.org. (
9 ; Serial
3h ; Reresh after 3 hours
1h ; Retry after 1 hour
1w ; Expire after 1 week
1h ) ; Negative caching TTL of 1 day
IN A 12.170.16.134
;
; Name servers
;
nerrenvirons.org. IN NS ns3.nerrenvirons.org.

;
; Addresses for the canonical names
;
localhost IN A 127.0.0.1
ns3 IN A 12.170.16.134

;
; Aliases
;
www.nerrenvirons.org. IN A 12.170.16.134


The error msgs in my gateway's /var/log/messages are all of this format:

Sep 24 10:59:33 grampus named[3082]: lame server resolving 'www.nerrenvirons.org' (in 'nerrenvirons.org'?): 12.170.16.131#53
Sep 24 10:59:33 grampus named[3082]: lame server resolving 'www.nerrenvirons.org' (in 'nerrenvirons.org'?): 12.170.16.134#53

It always tries my gateway first (12.170.16.131) which makes sense, then tries 12.170.16.134, which (according to my firewall) should route to 192.168.0.134, I don't know if 192.168.0.134 ever gets contacted though for www.nerrenvirons.org requests from within my LAN so I don't know if it's my gateway for my internal system.


All times are GMT -5. The time now is 10:24 AM.