Hi! I wonder if userland ppp's nat option is broken or if I missed something new. I am using my freebsd (5.3-STABLE) machine as internet gateway. Everything works all-right from the gateway itself.>From my workstations I can ping any IP in the internet, butdomain names won't be resolved ("unknown host"). These are my rc.conf lines: kern_securelevel_enable="NO" inetd_enable="YES" gateway_enable="YES" named_enable="YES" ppp_enable="YES" ppp_mode="ddial" ppp_nat="YES" ppp_profile="my-profile" Thanks for any hints, Uli. +---------------------------+ | Peter Ulrich Kruppa | | Wuppertal | | Germany | +---------------------------+
Hello, It has something to do with your DNS. Do the following: - show us your /etc/resolv.conf - are you really sure named is configured correctly? greets, Samuel Trommel <quote who="Peter Ulrich Kruppa">> > Hi! > > I wonder if userland ppp's nat option is broken or if I missed > something new. > > I am using my freebsd (5.3-STABLE) machine as internet gateway. > Everything works all-right from the gateway itself. >>From my workstations I can ping any IP in the internet, but > domain names won't be resolved ("unknown host"). > > These are my rc.conf lines: > > kern_securelevel_enable="NO" > inetd_enable="YES" > gateway_enable="YES" > named_enable="YES" > ppp_enable="YES" > ppp_mode="ddial" > ppp_nat="YES" > ppp_profile="my-profile" > > > Thanks for any hints, > > Uli. > > > +---------------------------+ > | Peter Ulrich Kruppa | > | Wuppertal | > | Germany | > +---------------------------+ > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >
Hello Peter, Oke, if you are using windows clients show me ipconfig /all. And in the case of linux/unix /etc/resolv.conf. So if you don't using named(!?:) turn it off? You really need to give us some more information.. Samuel Trommel -----Oorspronkelijk bericht----- Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de] Verzonden: dinsdag 26 oktober 2004 15:22 Aan: Samuel Trommel CC: freebsd-stable@freebsd.org Onderwerp: Re: ppp -nat broken??? On Tue, 26 Oct 2004, Samuel Trommel wrote:> Hello, > > It has something to do with your DNS. Do the following: > > - show us your /etc/resolv.confdomain pukruppa.de nameserver 195.62.99.42 nameserver 195.62.97.177> - are you really sure named is configured correctly?No, until now I never had to configure anything there. Uli.> greets, > > Samuel Trommel > > <quote who="Peter Ulrich Kruppa"> >> >> Hi! >> >> I wonder if userland ppp's nat option is broken or if I missed >> something new. >> >> I am using my freebsd (5.3-STABLE) machine as internet gateway. >> Everything works all-right from the gateway itself. >>> From my workstations I can ping any IP in the internet, but >> domain names won't be resolved ("unknown host"). >> >> These are my rc.conf lines: >> >> kern_securelevel_enable="NO" >> inetd_enable="YES" >> gateway_enable="YES" >> named_enable="YES" >> ppp_enable="YES" >> ppp_mode="ddial" >> ppp_nat="YES" >> ppp_profile="my-profile" >> >> >> Thanks for any hints, >> >> Uli. >> >> >> +---------------------------+ >> | Peter Ulrich Kruppa | >> | Wuppertal | >> | Germany | >> +---------------------------+ >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >> > > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >+---------------------------+ | Peter Ulrich Kruppa | | Wuppertal | | Germany | +---------------------------+ -- Deze email is gecontroleerd door CAIWAY Internet Virusvrij. Voor meer informatie, zie http://www.caiway.nl/
Oke.. are you using DHCP or static. I suppose you are using dhcp?? So i will
give you a example of my dhcpd.conf:
option domain-name "sam.intern";
option domain-name-servers 192.168.0.2, 192.168.0.1;
option subnet-mask 255.255.255.240;
option broadcast-address 192.168.0.15;
default-lease-time 600;
max-lease-time 7200;
authoritative;
ddns-update-style none;
log-facility local7;
Look at these "option domain-name-servers 192.168.0.2, 192.168.0.1;"
this are the dns-server my clients get when they ask for a dhcp-lease. You
should check if your dns-servers has something like:
forwarders {
195.62.99.42; 195.62.97.177;
};
If i'm not right. Give us some more information about your setup.. i'm
just guessing around now..
greets,
Samuel Trommel
Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de]
Verzonden: dinsdag 26 oktober 2004 17:20
Aan: Samuel Trommel
CC: Samuel Trommel; freebsd-stable@freebsd.org
Onderwerp: RE: ppp -nat broken???
On Tue, 26 Oct 2004, Samuel Trommel wrote:
> Hello Peter,
>
> Oke, if you are using windows clients show me ipconfig /all.
Windows-IP-Konfiguration
Hostname : tiny
Prim?res DNS-Suffix :
Knotentyp : Hybrid
IP-Routing aktiviert : Nein
WINS-Proxy aktiviert : Nein
Ethernetadapter LAN-Verbindung
Verbindungsspezifisches DNS-Suffix :
Beschreibung : 00-80-88-03-C4-
3A
DHCP aktiviert : Nein
IP-Adresse : 192.168.10.4
Subnetzmaske : 255.255.255.0
Standardgateway : 192.168.10.1
DNS-Server : 192.168.10.1
prim?rer WINS-Server : 192.168.10.1
> And in the case of linux/unix /etc/resolv.conf.
nameserver 192.168.10.1
>
> So if you don't using named(!?:) turn it off?
Doesn't work either.
> Samuel Trommel
>
> -----Oorspronkelijk bericht-----
> Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de]
> Verzonden: dinsdag 26 oktober 2004 15:22
> Aan: Samuel Trommel
> CC: freebsd-stable@freebsd.org
> Onderwerp: Re: ppp -nat broken???
>
>
> On Tue, 26 Oct 2004, Samuel Trommel wrote:
>
>> Hello,
>>
>> It has something to do with your DNS. Do the following:
>>
>> - show us your /etc/resolv.conf
> domain pukruppa.de
> nameserver 195.62.99.42
> nameserver 195.62.97.177
>
>
>> - are you really sure named is configured correctly?
> No, until now I never had to configure anything there.
>
>
> Uli.
>
>> greets,
>>
>> Samuel Trommel
>>
>> <quote who="Peter Ulrich Kruppa">
>>>
>>> Hi!
>>>
>>> I wonder if userland ppp's nat option is broken or if I missed
>>> something new.
>>>
>>> I am using my freebsd (5.3-STABLE) machine as internet gateway.
>>> Everything works all-right from the gateway itself.
>>>> From my workstations I can ping any IP in the internet, but
>>> domain names won't be resolved ("unknown host").
>>>
>>> These are my rc.conf lines:
>>>
>>> kern_securelevel_enable="NO"
>>> inetd_enable="YES"
>>> gateway_enable="YES"
>>> named_enable="YES"
>>> ppp_enable="YES"
>>> ppp_mode="ddial"
>>> ppp_nat="YES"
>>> ppp_profile="my-profile"
>>>
>>>
>>> Thanks for any hints,
>>>
>>> Uli.
>>>
>>>
>>> +---------------------------+
>>> | Peter Ulrich Kruppa |
>>> | Wuppertal |
>>> | Germany |
>>> +---------------------------+
>>> _______________________________________________
>>> freebsd-stable@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>>> To unsubscribe, send any mail to
"freebsd-stable-unsubscribe@freebsd.org"
>>>
>>
>>
>>
>> _______________________________________________
>> freebsd-stable@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>> To unsubscribe, send any mail to
"freebsd-stable-unsubscribe@freebsd.org"
>>
>
> +---------------------------+
> | Peter Ulrich Kruppa |
> | Wuppertal |
> | Germany |
> +---------------------------+
> --
> Deze email is gecontroleerd door CAIWAY Internet Virusvrij.
> Voor meer informatie, zie http://www.caiway.nl/
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to
"freebsd-stable-unsubscribe@freebsd.org"
>
>
+---------------------------+
| Peter Ulrich Kruppa |
| Wuppertal |
| Germany |
+---------------------------+
--
Deze email is gecontroleerd door CAIWAY Internet Virusvrij.
Voor meer informatie, zie http://www.caiway.nl/
Just set named="NO" instead of "YES" reboot you server and(rc.conf). Change the DNS-Server of you clients in: Primary nameserver 195.62.99.42 Secundary nameserver 195.62.97.177 greets, Samuel Trommel -----Oorspronkelijk bericht----- Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de] Verzonden: dinsdag 26 oktober 2004 17:55 Aan: Samuel Trommel CC: Samuel Trommel; freebsd-stable@freebsd.org Onderwerp: RE: ppp -nat broken??? On Tue, 26 Oct 2004, Samuel Trommel wrote:> Oke.. are you using DHCP or static.No, I am using static.> If i'm not right. Give us some more information about your > setup.. i'm just guessing around now..Really sorry about this, I set this up long ago and never thought about it again. Uli.> > greets, > > Samuel Trommel > > Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de] > Verzonden: dinsdag 26 oktober 2004 17:20 > Aan: Samuel Trommel > CC: Samuel Trommel; freebsd-stable@freebsd.org > Onderwerp: RE: ppp -nat broken??? > > > On Tue, 26 Oct 2004, Samuel Trommel wrote: > >> Hello Peter, >> >> Oke, if you are using windows clients show me ipconfig /all. > Windows-IP-Konfiguration > > Hostname : tiny > Prim?res DNS-Suffix : > Knotentyp : Hybrid > IP-Routing aktiviert : Nein > WINS-Proxy aktiviert : Nein > > Ethernetadapter LAN-Verbindung > > Verbindungsspezifisches DNS-Suffix : > Beschreibung : 00-80-88-03-C4- > 3A > DHCP aktiviert : Nein > IP-Adresse : 192.168.10.4 > Subnetzmaske : 255.255.255.0 > Standardgateway : 192.168.10.1 > DNS-Server : 192.168.10.1 > prim?rer WINS-Server : 192.168.10.1 > > >> And in the case of linux/unix /etc/resolv.conf. > > nameserver 192.168.10.1 > >> >> So if you don't using named(!?:) turn it off? > Doesn't work either. > > > > > >> Samuel Trommel >> >> -----Oorspronkelijk bericht----- >> Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de] >> Verzonden: dinsdag 26 oktober 2004 15:22 >> Aan: Samuel Trommel >> CC: freebsd-stable@freebsd.org >> Onderwerp: Re: ppp -nat broken??? >> >> >> On Tue, 26 Oct 2004, Samuel Trommel wrote: >> >>> Hello, >>> >>> It has something to do with your DNS. Do the following: >>> >>> - show us your /etc/resolv.conf >> domain pukruppa.de >> nameserver 195.62.99.42 >> nameserver 195.62.97.177 >> >> >>> - are you really sure named is configured correctly? >> No, until now I never had to configure anything there. >> >> >> Uli. >> >>> greets, >>> >>> Samuel Trommel >>> >>> <quote who="Peter Ulrich Kruppa"> >>>> >>>> Hi! >>>> >>>> I wonder if userland ppp's nat option is broken or if I missed >>>> something new. >>>> >>>> I am using my freebsd (5.3-STABLE) machine as internet gateway. >>>> Everything works all-right from the gateway itself. >>>>> From my workstations I can ping any IP in the internet, but >>>> domain names won't be resolved ("unknown host"). >>>> >>>> These are my rc.conf lines: >>>> >>>> kern_securelevel_enable="NO" >>>> inetd_enable="YES" >>>> gateway_enable="YES" >>>> named_enable="YES" >>>> ppp_enable="YES" >>>> ppp_mode="ddial" >>>> ppp_nat="YES" >>>> ppp_profile="my-profile" >>>> >>>> >>>> Thanks for any hints, >>>> >>>> Uli. >>>> >>>> >>>> +---------------------------+ >>>> | Peter Ulrich Kruppa | >>>> | Wuppertal | >>>> | Germany | >>>> +---------------------------+ >>>> _______________________________________________ >>>> freebsd-stable@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >>>> >>> >>> >>> >>> _______________________________________________ >>> freebsd-stable@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >>> >> >> +---------------------------+ >> | Peter Ulrich Kruppa | >> | Wuppertal | >> | Germany | >> +---------------------------+ >> -- >> Deze email is gecontroleerd door CAIWAY Internet Virusvrij. >> Voor meer informatie, zie http://www.caiway.nl/ >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >> >> > > +---------------------------+ > | Peter Ulrich Kruppa | > | Wuppertal | > | Germany | > +---------------------------+ > -- > Deze email is gecontroleerd door CAIWAY Internet Virusvrij. > Voor meer informatie, zie http://www.caiway.nl/ > >+---------------------------+ | Peter Ulrich Kruppa | | Wuppertal | | Germany | +---------------------------+ -- Deze email is gecontroleerd door CAIWAY Internet Virusvrij. Voor meer informatie, zie http://www.caiway.nl/
And that is where dhcpd comes in to play:D Just setup a DHCP-server and you are done.. greets, Samuel Trommel -----Oorspronkelijk bericht----- Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de] Verzonden: woensdag 27 oktober 2004 17:06 Aan: Samuel Trommel CC: Samuel Trommel; freebsd-stable@freebsd.org Onderwerp: RE: ppp -nat broken??? On Tue, 26 Oct 2004, Samuel Trommel wrote:> Just set named="NO" instead of "YES" reboot you server > and(rc.conf). Change the DNS-Server of you clients in: > > Primary nameserver 195.62.99.42 > Secundary nameserver 195.62.97.177Yes, that works, thank you so far, but ... I never had to do this before this way. I always simply set my gateway as name-server and I wonder what has changed the last week or so. Just imagine, I had to upgrade our school's gateway/proxy (which runs on 4.7) one day: I would have to run around and change 40x2 nameserver addresses. Uli.> > greets, > > Samuel Trommel > > -----Oorspronkelijk bericht----- > Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de] > Verzonden: dinsdag 26 oktober 2004 17:55 > Aan: Samuel Trommel > CC: Samuel Trommel; freebsd-stable@freebsd.org > Onderwerp: RE: ppp -nat broken??? > > > On Tue, 26 Oct 2004, Samuel Trommel wrote: > >> Oke.. are you using DHCP or static. > No, I am using static. > >> If i'm not right. Give us some more information about your >> setup.. i'm just guessing around now.. > > Really sorry about this, I set this up long ago and never thought > about it again. > > Uli. > >> >> greets, >> >> Samuel Trommel >> >> Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de] >> Verzonden: dinsdag 26 oktober 2004 17:20 >> Aan: Samuel Trommel >> CC: Samuel Trommel; freebsd-stable@freebsd.org >> Onderwerp: RE: ppp -nat broken??? >> >> >> On Tue, 26 Oct 2004, Samuel Trommel wrote: >> >>> Hello Peter, >>> >>> Oke, if you are using windows clients show me ipconfig /all. >> Windows-IP-Konfiguration >> >> Hostname : tiny >> Prim?res DNS-Suffix : >> Knotentyp : Hybrid >> IP-Routing aktiviert : Nein >> WINS-Proxy aktiviert : Nein >> >> Ethernetadapter LAN-Verbindung >> >> Verbindungsspezifisches DNS-Suffix : >> Beschreibung : 00-80-88-03-C4- >> 3A >> DHCP aktiviert : Nein >> IP-Adresse : 192.168.10.4 >> Subnetzmaske : 255.255.255.0 >> Standardgateway : 192.168.10.1 >> DNS-Server : 192.168.10.1 >> prim?rer WINS-Server : 192.168.10.1 >> >> >>> And in the case of linux/unix /etc/resolv.conf. >> >> nameserver 192.168.10.1 >> >>> >>> So if you don't using named(!?:) turn it off? >> Doesn't work either. >> >> >> >> >> >>> Samuel Trommel >>> >>> -----Oorspronkelijk bericht----- >>> Van: Peter Ulrich Kruppa [mailto:root@pukruppa.de] >>> Verzonden: dinsdag 26 oktober 2004 15:22 >>> Aan: Samuel Trommel >>> CC: freebsd-stable@freebsd.org >>> Onderwerp: Re: ppp -nat broken??? >>> >>> >>> On Tue, 26 Oct 2004, Samuel Trommel wrote: >>> >>>> Hello, >>>> >>>> It has something to do with your DNS. Do the following: >>>> >>>> - show us your /etc/resolv.conf >>> domain pukruppa.de >>> nameserver 195.62.99.42 >>> nameserver 195.62.97.177 >>> >>> >>>> - are you really sure named is configured correctly? >>> No, until now I never had to configure anything there. >>> >>> >>> Uli. >>> >>>> greets, >>>> >>>> Samuel Trommel >>>> >>>> <quote who="Peter Ulrich Kruppa"> >>>>> >>>>> Hi! >>>>> >>>>> I wonder if userland ppp's nat option is broken or if I missed >>>>> something new. >>>>> >>>>> I am using my freebsd (5.3-STABLE) machine as internet gateway. >>>>> Everything works all-right from the gateway itself. >>>>>> From my workstations I can ping any IP in the internet, but >>>>> domain names won't be resolved ("unknown host"). >>>>> >>>>> These are my rc.conf lines: >>>>> >>>>> kern_securelevel_enable="NO" >>>>> inetd_enable="YES" >>>>> gateway_enable="YES" >>>>> named_enable="YES" >>>>> ppp_enable="YES" >>>>> ppp_mode="ddial" >>>>> ppp_nat="YES" >>>>> ppp_profile="my-profile" >>>>> >>>>> >>>>> Thanks for any hints, >>>>> >>>>> Uli. >>>>> >>>>> >>>>> +---------------------------+ >>>>> | Peter Ulrich Kruppa | >>>>> | Wuppertal | >>>>> | Germany | >>>>> +---------------------------+ >>>>> _______________________________________________ >>>>> freebsd-stable@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>>>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >>>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> freebsd-stable@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >>>> >>> >>> +---------------------------+ >>> | Peter Ulrich Kruppa | >>> | Wuppertal | >>> | Germany | >>> +---------------------------+ >>> -- >>> Deze email is gecontroleerd door CAIWAY Internet Virusvrij. >>> Voor meer informatie, zie http://www.caiway.nl/ >>> _______________________________________________ >>> freebsd-stable@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >>> >>> >> >> +---------------------------+ >> | Peter Ulrich Kruppa | >> | Wuppertal | >> | Germany | >> +---------------------------+ >> -- >> Deze email is gecontroleerd door CAIWAY Internet Virusvrij. >> Voor meer informatie, zie http://www.caiway.nl/ >> >> > > +---------------------------+ > | Peter Ulrich Kruppa | > | Wuppertal | > | Germany | > +---------------------------+ > -- > Deze email is gecontroleerd door CAIWAY Internet Virusvrij. > Voor meer informatie, zie http://www.caiway.nl/ > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > >+---------------------------+ | Peter Ulrich Kruppa | | Wuppertal | | Germany | +---------------------------+ -- Deze email is gecontroleerd door CAIWAY Internet Virusvrij. Voor meer informatie, zie http://www.caiway.nl/
On Tue, 26 Oct 2004, Peter Ulrich Kruppa wrote:> I wonder if userland ppp's nat option is broken or if I missed > something new.First of all: My humble apologies to everybody for setting you on the wrong track. Indeed -nat works all-right. My problems were caused by recent changes of named and BIND. Big thanks for all hints which helped me to analyze this. For details look further down.> I am using my freebsd (5.3-STABLE) machine as internet gateway. > Everything works all-right from the gateway itself. From my > workstations I can ping any IP in the internet, but domain > names won't be resolved ("unknown host"). > > These are my rc.conf lines: > > kern_securelevel_enable="NO" > inetd_enable="YES" > gateway_enable="YES" > named_enable="YES" > ppp_enable="YES" > ppp_mode="ddial" > ppp_nat="YES" > ppp_profile="my-profile"This configuration starts named as a local nameserver. I never had to do anything else. This stopped working "out of the box" some time ago. From /usr/src/UPDATING (20040928, 20040925) I learn that named and BIND have changed. I did the respective changes and edited two entries in /var/named/etc/named/named.conf 1) I commented listen-on {127.0.0.1;}; 2) I put my two nameserver IPs (from /etc/resolv.conf) into forwarders { 195.62.99.42; 195.62.97.177; }; After restarting named everything worked as before: my clients accept my gateway's IP as gateway *and* nameserver. Thanks and regards, Uli. +---------------------------+ | Peter Ulrich Kruppa | | Wuppertal | | Germany | +---------------------------+