
dns forwarder not working when target server restarts

 
matiasurbieta



Joined: 06 Jul 2010
Posts: 4

Posted: Thu Sep 30, 2010 4:12 pm    Post subject: dns forwarder not working when target server restarts

Hi, I have set up a VPN gateway (192.168.0.3) using vpnc (Cisco client) on a Linux box that is also running dnsmasq for resolving the VPN's hosts from my intranet.
On the other hand, I am running ZS as my main router and default gateway (192.168.0.2) of the intranet, which also has the target domain, for example vpndomain.com, configured as a forwarder that points to the vpngateway, plus routing rules for forwarding requests.
Everything works well, in such a way that I can resolve vpndomain from my intranet and also access hosts. For example, I can resolve by invoking from the intranet:
Code:
dig host.vpndomain.com

The request goes to the ZS router, and the name resolution is forwarded to the vpn gateway, where the dnsmasq daemon forwards the request to the vpn.
The problem arises when the vpn gateway is rebooted and the dns forwarder at ZS stops working but the vpngateway does work. For instance:
Code:
dig host.vpndomain.com #doesn't work
dig @192.168.0.3 host.vpndomain.com #it does!


Thanks in advance
ppalias



Joined: 17 Dec 2008
Posts: 1151
Location: Athens, Greece

Posted: Fri Oct 01, 2010 1:50 pm

From which client are you querying the DNS? What is the sequence of DNS servers it uses?
matiasurbieta



Joined: 06 Jul 2010
Posts: 4

Posted: Mon Oct 04, 2010 3:58 pm

Hi, thanks for the quick response. Each host in the intranet has a zeroshell router (192.168.0.2) as default gateway and nameserver. If any resolution request matches a registered forwarder, it forwards the DNS request to my vpngateway (192.168.0.3). There, dnsmasq forwards the request through the vpn, where it is finally resolved. dnsmasq uses the vpn configuration that is automatically set by vpnc (Cisco client). For example, a scenario can be:
A host (192.168.0.111) requests a DNS resolution
The ZS router checks whether it matches a forwarder
The request is forwarded to the vpn gateway (192.168.0.3)
It is finally resolved

Regards
ppalias



Joined: 17 Dec 2008
Posts: 1151
Location: Athens, Greece

Posted: Wed Oct 13, 2010 9:46 am

It sounds like a problem of sending interesting traffic for the vpn to come up so that the DNS gets resolved. It is for sure an unorthodox approach to resolving :D
matiasurbieta



Joined: 06 Jul 2010
Posts: 4

Posted: Wed Oct 13, 2010 11:31 am

Hi Fulvio, I noticed that when I make a minor change to the bind configuration using the web frontend, the forwarders start working because the bind service is rebooted. Maybe there is a way to reboot bind remotely using ssh when the forwarder is rebooted.
What is the command line for rebooting bind?
If I make a call remotely using ssh, will the console frontend (that is shown at login) be a problem? And how can I disable it?
Regards
ppalias



Joined: 17 Dec 2008
Posts: 1151
Location: Athens, Greece

Posted: Wed Oct 13, 2010 12:52 pm

You can restart dns from command line with the command
Code:
/etc/init.d/dns restart
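
The check this thread converges on, written out as an added example that is not from any poster or from ZeroShell: it compares the two dig queries from the first post and runs the restart command from the last reply only when the vpn gateway answers but the ZS forwarder does not. The SSH account name `admin`, a key-based SSH login that runs the command directly on the router, and all function names are assumptions.

```shell
#!/bin/sh
# Added example: watchdog for the "forwarder stale after gateway reboot" state.
ZS_ROUTER="${ZS_ROUTER:-192.168.0.2}"          # ZS router and resolver (from the thread)
VPN_GW="${VPN_GW:-192.168.0.3}"                # vpn gateway running dnsmasq (from the thread)
PROBE_NAME="${PROBE_NAME:-host.vpndomain.com}" # name used in the thread's dig tests
ZS_SSH_USER="${ZS_SSH_USER:-admin}"            # assumption: SSH account on the router

# resolve SERVER NAME: succeeds only if SERVER returns at least one record.
resolve() {
    out=$(dig +short +time=2 +tries=1 "@$1" "$2" 2>/dev/null) || return 1
    [ -n "$out" ]
}

# Prints ok, stale (gateway answers, ZS forwarder does not) or upstream_down.
forwarder_state() {
    if resolve "$ZS_ROUTER" "$PROBE_NAME"; then
        echo ok
    elif resolve "$VPN_GW" "$PROBE_NAME"; then
        echo stale
    else
        echo upstream_down
    fi
}

# Assumption: key-based SSH on the router runs this command directly.
restart_zs_dns() {
    ssh -o BatchMode=yes "$ZS_SSH_USER@$ZS_ROUTER" /etc/init.d/dns restart
}

# Restart only in the stale state, then re-check through ZS.
check_and_heal() {
    state=$(forwarder_state)
    if [ "$state" != stale ]; then
        echo "$state"
        [ "$state" = ok ] && return 0
        return 1
    fi
    restart_zs_dns >/dev/null 2>&1 || { echo restart_failed; return 1; }
    if resolve "$ZS_ROUTER" "$PROBE_NAME"; then
        echo recovered
    else
        echo still_stale
        return 1
    fi
}

# Run the check only when asked, e.g. from cron or the gateway's boot scripts.
if [ "${1:-}" = "--run" ]; then
    check_and_heal
fi
```

Restarting only in the `stale` state avoids bouncing the router's DNS service when the vpn itself is down, in which case a restart would not help.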