I have a Linux server that uses exim to relay mail out via a dial-up connection.
Workstation mail clients send mail using SMTP via this server.
Recently outgoing mail has been failing from the workstations.
Using tethereal on the ppp0 interface, and running exim in -bh mode, I can think that the mail clients are timing out waiting for a DNS lookup going out to the internet for "localhost", which takes longer to time out than the client is prepared to wait for.
The exim configuration includes localhost as an err... local host. I can't see why it would try a DNS lookup when localhost is clearly in /etc/hosts as 127.0.0.1
I've seen some web pages that talk about using a bind to run a caching-only nameserver to take care of localhost lookups but I'm also running squid, which should be caching dns lookups but doesn't seem to be. I think.
Can you help me?
a) Why do we ever try a DNS lookup out to the internet for localhost?
b) Should I run a caching-only nameserver using bind or should squid be doing the same job?
Does your /etc/hosts.conf say "order hosts, bind" and
does your /etc/nsswitch.conf also have files first in "hosts: files dns <other> <other> <other>"?
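A scripted version of the checks asked about in the reply above, as an added example that is not part of the original thread. The function names are hypothetical, the sample files are constructed, and the script reads `host.conf`, the file name the follow-up post uses.

```shell
# nsswitch.conf: "files" must precede "dns" on the "hosts:" line.
nsswitch_files_first() {
    awk '{ sub(/#.*/, "") }
         $1 == "hosts:" {
             for (i = 2; i <= NF; i++) {
                 if ($i == "files" && !f) f = i
                 if ($i == "dns" && !d)   d = i
             }
         }
         END { exit !(f && (!d || f < d)) }' "$1"
}

# host.conf: "hosts" must precede "bind" on the "order" line.
host_conf_hosts_first() {
    awk '{ sub(/#.*/, "") }
         $1 == "order" {
             n = split($0, w, /[ \t,]+/)
             for (i = 1; i <= n; i++) {
                 if (w[i] == "hosts" && !h) h = i
                 if (w[i] == "bind" && !b)  b = i
             }
         }
         END { exit !(h && (!b || h < b)) }' "$1"
}

# hosts: an uncommented 127.0.0.1 line must name localhost.
hosts_has_localhost() {
    awk '{ sub(/#.*/, "") }
         $1 == "127.0.0.1" { for (i = 2; i <= NF; i++) if ($i == "localhost") ok = 1 }
         END { exit !ok }' "$1"
}

# Run all three checks against DIR (default /etc); return the number of failures.
check_resolver() {
    dir=${1:-/etc}; fails=0
    nsswitch_files_first "$dir/nsswitch.conf" || { echo "FAIL nsswitch.conf: files not before dns"; fails=$((fails + 1)); }
    host_conf_hosts_first "$dir/host.conf"    || { echo "FAIL host.conf: hosts not before bind"; fails=$((fails + 1)); }
    hosts_has_localhost "$dir/hosts"          || { echo "FAIL hosts: no 127.0.0.1 localhost entry"; fails=$((fails + 1)); }
    return "$fails"
}

# Constructed sample: DNS listed before files, so localhost would be sent to DNS first.
demo=$(mktemp -d)
printf 'hosts: dns files\n' > "$demo/nsswitch.conf"
printf 'order hosts, bind\n' > "$demo/host.conf"; printf '127.0.0.1 localhost\n' > "$demo/hosts"
check_resolver "$demo" || echo "$? check(s) failed"
rm -rf "$demo"
```

Calling `check_resolver` with no argument checks the live files under `/etc`.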
I've installed bind since I posted the query and that seems to have fixed the problem; it was easier than I thought it would be to install it. Had to work out that pppconfig overwrites the resolv.conf file every time, taking a per-provider skeleton where I put the localhost DNS entry.
Doh, yes, I do have a host.conf. It does say "order hosts, bind". I guess that got there when I installed bind. So everything's ok now. Thank you for your help.
I still don't understand DNS stuff very well - haven't taken the time to learn which is obviously my fault. Is it easy to make bind cache dns lookups locally? At the moment I think my local bind is just using the static lookup for localhost=127.0.0.1 that's configured?
OK, I think part of the problem was my ipchains firewall blocking some of the DNS responses. If I bring down the firewall, my DNS lookups are cached and I don't see repetitive requests for the same addresses (as before - e.g. the ones from db.root).
The basic policy is to deny all traffic on the input of the ppp0 interface except
Allow to http, pop3, https ports from port above 1024 & vice versa
But now I'm running bind, I get replies from more than just the DNS IP addresses my ISP tells me about. How can I change the rules to make it work better? Thanks again!
What would be the rules to add to the rc.firewall for iptables? I want to allow internal network DNS and I want to allow DNS from outside my network as well. Also, how would I allow unrestricted access from the computers within my own LAN? I want the computers on the IPs 192.168.1.0/7 to have no restrictions from the internal firewall. But I don't want them to pass through my external my net side of my network, just my LAN.
Thanks
NegativeZERO
Last edited by NegativeZERO; 12-22-2002 at 02:30 AM.