I have shorewall installed, everything works fine but the only problem is that it doesn't pass the dns server information on to the client workstations on the network. I have dhcp server setup on the Unix box. I called road runner and asked for the DNS info but they said that all their dns server ip numbers are dynamic. The actual Unix box can resolve dns, but the only problem is the other computers that connect through the Unix box router. The way I went around it was to get a dns server ip address for verizon dsl and input into the client computers and it worked, but I am not sure how long the verizon dns server stays the same ip number. Is there a way to get the Unix box to pass its dns resolver to the client computers using dns? Thanks for any help in advance.

--
Chris Diori
Since you are running a unix box, have you considered using your unix box as a DNS server?

---
Aaron Axelsen
AIM: AAAK2
Email: axelseaa@amadmax.com
Chris Diori wrote:

> I have shorewall installed, everything works fine but the only problem is that
> it doesn't pass the dns server information on to the client workstations on the
> network. I have dhcp server setup on the Unix box. I called road runner and
> asked for the DNS info but they said that all their dns server ip numbers are
> dynamic. The actual Unix box can resolve dns, but the only problem is the
> other computers that connect through the Unix box router. The way I went
> around it was to get a dns server ip address for verizon dsl and input into
> the client computers and it worked, but I am not sure how long the verizon dns
> server stays the same ip number. Is there a way to get the Unix box to pass
> its dns resolver to the client computers using dns. Thanks for any help in
> advance.
>

This really isn't a Shorewall question but my recommendation would be to run a caching name server on your firewall system.

-Tom
--
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://www.shorewall.net
Washington USA  \ teastep@shorewall.net
On 13 Feb 2003 at 13:12, Chris Diori wrote:

> The actual Unix box
> can resolve dns, but the only problem is the other computers that
> connect through the Unix box router. The way I went around it was to
> get a dns server ip address for verizon dsl and input into the client
> computers and it worked, but I am not sure how long the verizon dns

It's unlikely you got the (whole) true story here. Hopping your dns server's ip all over the place is guaranteed to piss off your end users because different leases expire at different times, and you can't move the name server's IP and expect any kind of decent service.

More likely, they assign one or two dns server IPs to your linux box when they give it an IP, just to spread the load. But ANY dns server given is likely to be around for years, because it's a major hassle to change these things.

So you could just take a look at /etc/resolv.conf and add those numbers to /etc/dhcpd.conf and even if you do get different dns servers next time it should continue to work.

Still, a caching name server would be best. It is my understanding that the latest bind will do just that if you give it no configuration changes at all, so this should be fairly simple.

______________________________________
John Andersen
NORCOM / Juneau, Alaska
http://www.screenio.com/
(907) 790-3386
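
The step suggested in the last reply (copy the name servers from /etc/resolv.conf into /etc/dhcpd.conf), as an added example that is not part of the original thread: a shell function that builds the ISC dhcpd `option domain-name-servers` line from a resolv.conf-style file. It also covers the caching-name-server case, where resolv.conf points at 127.0.0.1 and clients must be handed the firewall's LAN address instead. The function names, the sample file and the LAN address 192.168.1.1 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# dns_option_line FILE [LAN_IP]
# Prints the dhcpd.conf option line for the nameservers found in FILE.
# Loopback entries (127.x, ::1) mean nothing to DHCP clients: they are
# replaced by LAN_IP when given (local caching name server) and dropped
# otherwise. Non-IPv4 entries are skipped because this DHCPv4 option takes
# IPv4 addresses only. Returns 1 if no usable server is left.
dns_option_line() {
    file=$1
    lan_ip=${2:-}
    servers=$(awk -v lan="$lan_ip" '
        $1 == "nameserver" && $2 != "" {
            ip = $2
            if (ip ~ /^127\./ || ip == "::1") ip = lan
            if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && !(ip in seen)) {
                seen[ip] = 1
                list = (list == "" ? ip : list ", " ip)
            }
        }
        END { print list }
    ' "$file") || return 1
    [ -n "$servers" ] || return 1
    printf 'option domain-name-servers %s;\n' "$servers"
}

# Constructed sample of what the uplink DHCP client might leave behind.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample, documentation addresses only
search example.net
nameserver 127.0.0.1
nameserver 192.0.2.53
nameserver 198.51.100.53
nameserver 192.0.2.53
EOF
}

tmp=$(mktemp)
write_sample "$tmp"
dns_option_line "$tmp" 192.168.1.1   # LAN address is an assumption
rm -f "$tmp"
```

The printed line goes inside the `subnet` block (or at global scope) of /etc/dhcpd.conf, and dhcpd has to be restarted before clients pick it up on their next lease renewal.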