DNS and Time Warner Cable
Gerald Combs
gerald at ethereal.com
Wed Dec 5 02:24:53 CST 2001

My /var/db/dhclient.leases says:

lease {
  interface "rl1";
  fixed-address 65.26.108.252;
  option subnet-mask 255.255.254.0;
  option routers 65.26.108.1;
  option domain-name-servers 24.94.163.165,24.94.163.113,24.94.163.33;
  option host-name "dhcp-291-59";
  option domain-name "kc.rr.com";
  option broadcast-address 255.255.255.255;
  option dhcp-lease-time 86400;
  option dhcp-message-type 5;
  option dhcp-server-identifier 24.94.163.113;
  renew 3 2001/12/5 08:10:55;
  rebind 3 2001/12/5 17:10:55;
  expire 3 2001/12/5 20:10:55;
}

I have

  pass in quick on rl1 proto udp from 24.0.0.0/8 to any port = bootpc

in my ipf.rules. I'm also running a DNS server on my firewall, so my
inside machines don't have to worry about Road Runner's DNS server
addresses.

On Tue, 4 Dec 2001, Marvin Bellamy wrote:
> Might be my ipf.rules are blocking DHCP/UDP packets which wouldn't have
> been a problem with DSL. I'll have to confirm this. Anyone know the IP
> of the RR DHCP server?
>
> Marvin Bellamy wrote:
>
> > In-line comments...
> >
> > ndr wrote:
> >
> >>
> >> On Tue, 4 Dec 2001, Marvin Bellamy wrote:
> >>
> >>> Setup:
> >>> OpenBSD firewall on a Pentium 133, running IPF and IPNAT
> >>> RedHat 7.2 on my desktop, Pentium 500
> >>>
> >>
> >> Which version of OpenBSD? I have the same setup with RR and it works
> >> fine.
> >>
> >
> >
> > OpenBSD 2.8. How did you configure your external hostname.if file? I
> > just have "dhcp" in mine since I wasn't aware of any other options
> > that I'd need.
> >
> >>
> >>
> >>> Hey all. I just moved to Prairie Village, but with no DSL access I
> >>> switched to Road Runner. I reconfigured my external NIC to use DHCP
> >>> and the session appears to open successfully. The problem is DNS
> >>> isn't working. The resolv.conf file is rewritten with a "search"
> >>> on the kc.rr.com domain and the three RR DNS servers as
> >>> "nameserver"s. I can ping external IPs, but I just can't resolve
> >>> names. I even tried reconfiguring my desktop to use the old DSL
> >>> nameservers to no avail. Any suggestions?
> >>>
> >>
> >> Try doing a tcpdump on the external NIC. Are you seeing the DNS traffic
> >> getting out? How do you have your NAT set up? Any IPF rules? Does an
> >> nslookup time out or does it return an error immediately?
> >
> >
> > Running tcpdump produced practically no output, and that output did
> > not appear to be related to my DNS queries. I saw a few dumps with
> > ...arp who-has... that usually referenced my gateway address or
> > 24.163.154.160, whatever that is. It isn't one of the DNS servers.
> > Are there any different types of packets that DHCP might use that
> > would have been blocked by my ipf.rules? My firewall is essentially
> > unchanged.
> >
>
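
As an added example (not part of the original message or either poster's configuration): a Python check that reads a dhclient lease block like the one quoted above and reports which of the addresses it names (DHCP server identifier, DNS servers, router) fall inside the source network of the ipf pass rule. The function names are hypothetical, and the lease text is a constructed subset of the lease shown in the message.

```python
import ipaddress
import re

# Constructed sample: a subset of the lease block quoted in the message.
LEASE = '''lease {
  interface "rl1";
  fixed-address 65.26.108.252;
  option routers 65.26.108.1;
  option domain-name-servers 24.94.163.165,24.94.163.113,24.94.163.33;
  option dhcp-server-identifier 24.94.163.113;
}'''

# The pass rule as given in the message.
RULE = "pass in quick on rl1 proto udp from 24.0.0.0/8 to any port = bootpc"

def parse_lease(text):
    """Return {statement-name: [values]} for one dhclient lease block."""
    fields = {}
    for line in text.splitlines():
        # Matches 'name value;' and 'option name value;' statements.
        m = re.match(r'\s*(?:option\s+)?([\w-]+)\s+(.+?);\s*$', line)
        if m:
            values = m.group(2).split(",")
            fields[m.group(1)] = [v.strip().strip('"') for v in values]
    return fields

def rule_source(rule):
    """Extract the source network from an ipf rule ('from <net> to ...')."""
    m = re.search(r'\bfrom\s+(\S+)\s+to\b', rule)
    if not m:
        raise ValueError("no 'from <net> to' clause in rule")
    # A source of 'any' is not a network and raises ValueError here.
    return ipaddress.ip_network(m.group(1), strict=False)

def coverage(lease_text, rule):
    """Map (lease key, address) to True if the rule's source network covers it."""
    lease, net = parse_lease(lease_text), rule_source(rule)
    report = {}
    # 'routers' is listed only for comparison with the server addresses.
    for key in ("dhcp-server-identifier", "domain-name-servers", "routers"):
        for addr in lease.get(key, []):
            report[(key, addr)] = ipaddress.ip_address(addr) in net
    return report

if __name__ == "__main__":
    for (key, addr), ok in coverage(LEASE, RULE).items():
        state = "covered" if ok else "NOT covered"
        print(f"{key:24} {addr:16} {state} by rule source")
```
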