Search results for "dnsmasq" - users

Re: IPV6 stuck on, F11

by Jim

On 07/21/2009 12:29 PM, Bruno Wolff III wrote: > On Tue, Jul 21, 2009 at 10:28:46 +0200, > Bill Murray<william.john.murray(a)gmail.com> wrote: > >> Ideas anyone please? >> > Are you using x86_64 with just the i586 version of nss-mdns installed? > If so install the x64_64 version and that will likely fix your problem. > > I had the IPV6 on installs for FC10, FC11 and here is what I did to fix the problem. 1. Q: Networking (or DNS) seems really slow and fails often (Updated 2 January 2009) A: If Fedora 10's networking seems slow or you get frequent network connection failures (when other Fedoras or other OSes were working just fine on your machine), then you're probably hitting this bug. Here's how you can work around it: 1. Open a Terminal. 2. Become root: su - 3. Make sure that the "dnsmasq" program is installed (it usually is, by default, in Fedora 10): rpm -q dnsmasq If that says "package dnsmasq is not installed", then you need to install dnsmasq, by running the following command: yum install dnsmasq 4. Now, you have to find out which network interface your machine is using: route -n You'll see some output that looks like this: Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 The eth0 there (the furthest bottom-right text in the output) is the name of the network interface I'm using. Yours might be eth1 or something totally different. Just remember it for the next step. 5. Now create a file called /etc/dhclient-<your network interface>.conf. For example, if your network interface is eth0, the file would be called /etc/dhclient-eth0.conf. You can create the file with this command (assuming your network interface is eth0): nano /etc/dhclient-eth0.conf Then make this the only line in the file: prepend domain-name-servers 127.0.0.1; And then save the file and close it (Ctrl-X then Y). If you have both a wireless and a wired network connection, you will have to do this step once for each of them. 6. Now start dnsmasq: service dnsmasq start And make sure that it will start every time your computer starts: chkconfig dnsmasq on 7. Now restart your network connection: service NetworkManager restart And now things should be as fast as normal again. You might have to restart the programs that you're running for them to pick up the changes that NetworkManager made when it restarted. 2. * IPv6 You might notice that your browsing through Firefox is a little slow on Fedora 10. This is because Firefox 3 has enabled by default IPv6 which causes Firefox to first resolve an IPv6 address and after the connection fails it switches to IPv4. To change this setting type: about:config and in Filter box type: network.dns.disableIPv6 Right click on it, select Toggle and change its value to true. Restart Firefox and you are ready!

14 years, 10 months

Can't resolv in NEW FC11 Install

by Jim

Having problems resolving rpmfusion.org in FC11, NEW INSTALL. rpmfusion-free-release-11-1.noarch rpmfusion-nonfree-release-11-1.noarch , rpm's are installed, but yum update is having problems of resolving rpmfusion.org Firefox couldn't resolve rpmfusion.org until I disabled IPV6 I'm sure that it is IPV6 problem, Firefox has IPV6 Disabled and it can resolve http://download1.rpmfusion.org/free/fedora/releases/11/Everything/i386/os... But if I feed it a command from terminal like below, it can't resolve the rpmfusion site. [root@dorsett Larry]# rpm -ivh http://download1.rpmfusion.org/free/fedora/releases/11/Everything/i386/os... Retrieving http://download1.rpmfusion.org/free/fedora/releases/11/Everything/i386/os... curl: (6) Couldn't resolve host 'download1.rpmfusion.org' error: skipping http://download1.rpmfusion.org/free/fedora/releases/11/Everything/i386/os... - transfer failed I made a text file in /etc/dhclient-eth0.conf and added the below line prepend domain-name-servers 127.0.0.1; And check Services and dnsmasq is running. This is the same procedure I followed in the last 12 FC11 Installs and had no troubles in resolving rpmfusion.org. /etc/resolv.conf is setup as gateway is nameserver and Firefox has no problems of Surfing the web.

14 years, 10 months

Re: F11 libvirt / KVM (or virt-manager) iptables firewall setup

by Ian Pilcher

Patrick Mansfield wrote: > How do I modify the libvirt iptables/firewall setup? My personal preference is to simply delete any symlinks under /etc/libvirt/qemu/networks/autostart. You will have to set up all of your virtual networks (/etc/sysconfig/network-scripts/ifcfg-... files), firewall rules, and dnsmasq configuration manually. -- ======================================================================== Ian Pilcher arequipeno(a)gmail.com ========================================================================

14 years, 11 months

Re: OT - Success! - The new Palm Pre, Google Calendar and Kontact

by Christopher A Williams

On Wed, 2009-06-17 at 13:15 -0430, Patrick O'Callaghan wrote: > >> But on this point I must agree: The Pre absolutely does > >> rock!!! Based on > >> having used mine for just a few days now, I can confidently > >> say that > >> Apple and the iPhone have some serious, formidable competition > >> on their > >> hands - including the new iPhone 3Gs. > >> > >> Not while it's only available for CDMA networks. > > > > That's a matter of opinion and taste as opposed to fact. > > > > http://www.hardwaresecrets.com/article/151 > > Well, no. The pros and cons of GSM vs CDMA as *technologies* are largely > irrelevant in this discussion. The fact is that that most of the world > uses GSM and only a GSM phone is of interest to it. The same applies to > those Americans who want to use their phone while travelling abroad. The > Palm Pre will become competitive in these markets only when a GSM > version is released. I hope it's soon as the phone itself looks gorgeous. Umm... If you actually read the article, you would know that it specifically states the technology is not the issue, but market is, and that even here the "war" is likely to continue ad-infinitum. If I were living outside the USA, I might tend to think the way you are too. But actually, I *am* one of those Americans who uses their phone while traveling abroad. I'm based in the USA and travel internationally (mostly Western Europe right now) on a regular basis, and I have a different perspective than you might realize. I will use GSM when I have no other alternative - which actually is surprisingly less than I thought. Also, international roaming rates being what they are, I can vouch for that most people's preference is to try to use a locally based mobile phone, so the network compatibility issue is even smaller - regardless of preference. I've personally paid some of those international roaming charges. It's not a pretty sight... CDMA is also growing in several places outside of the USA, and we're not planning to replace that infrastructure in the USA anytime soon. The GSM tide here seems to be shrinking more than growing. But all of that said, I would be shocked if we don't see a GSM version of the Pre by early next year when AT&T and Verizon are supposed to pick it up. Other Topic: > "Most of the pundits" live in a huge echo chamber so they reinforce each > other a lot (e.g. they think Linux is only for geeks). The article I'm > talking about is > http://arstechnica.com/gadgets/news/2009/06/ars-reviews-the-palm-pre-part... Well, I would say that depends on which pundits you are talking about. Since I am entering the world of "Punditry" myself for my employer (hosting an Information Week webinar next month - online interview and white paper on virtualization this month), I sincerely hope not to just be echoing everyone else. ...At least, I don't think Linux is just for geeks. I've got both my parents and several non-geek friends using F10 and F11 right now. :) The article is an interesting read though. I like the comments best. Especially the one: The entire Pre WebOS is pretty much just a set of proprietary applications running on a pretty standard Linux distro... Alsa, Pulseaudio, Gstreamer, Upstart, GNU C, Busybox, Apache Harmony, dnsmasq, DBus, Webkit, etc etc. Its basically what you get when you take people good at usability and you give them a Arm-based Linux distro. Pretty neat stuff, actually. But I also would agree with the one who wrote: This review sure did not start off well. The iPhone does a lot more things extremely well than media. The Palm Pre is very obviously targeted at consumers not the Blackberry world at all. I guess its one way to look original and get pageviews though. Then again, this comment underscores my original point... -- ==================================================== "Patriotism is when love of your own people comes first; nationalism, when hate for people other than your own comes first." --Charles de Gaulle

14 years, 11 months

Re: Question(s) default firewall in Fedora

by Arthur Pemberton

On Tue, Apr 21, 2009 at 9:17 PM, Antonio Olivares <olivares14031(a)yahoo.com> wrote: > > Dear fellow Fedora users, > > According to some users, Fedora has a default firewall that adds basic protection. There is no service "firewall", but some users have pointed out that iptables takes care of this. > > [root@localhost ~]# service iptables status > Table: filter > Chain INPUT (policy ACCEPT) > num target prot opt source destination > 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED > 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 > 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 > 5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited > > Chain FORWARD (policy ACCEPT) > num target prot opt source destination > 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited > > Chain OUTPUT (policy ACCEPT) > num target prot opt source destination > > [root@localhost ~]# > > services running at boot using chkconfig > > [root@localhost ~]# chkconfig --list > NetworkManager 0:off 1:off 2:on 3:on 4:on 5:on 6:off > acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off > akmods 0:off 1:off 2:on 3:on 4:on 5:on 6:off > anacron 0:off 1:off 2:on 3:off 4:on 5:on 6:off > atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off > auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off > avahi-daemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off > bluetooth 0:off 1:off 2:off 3:on 4:on 5:on 6:off > btseed 0:off 1:off 2:off 3:off 4:off 5:off 6:off > bttrack 0:off 1:off 2:off 3:off 4:off 5:off 6:off > capi 0:off 1:off 2:off 3:off 4:off 5:off 6:off > cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off > crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off > cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off > dnsmasq 0:off 1:off 2:off 3:off 4:off 5:off 6:off > firstboot 0:off 1:off 2:off 3:off 4:off 5:off 6:off > gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off > haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off > httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off > iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off > irda 0:off 1:off 2:off 3:off 4:off 5:off 6:off > irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off > isdn 0:off 1:off 2:on 3:on 4:on 5:on 6:off > kerneloops 0:off 1:off 2:off 3:on 4:on 5:on 6:off > lm_sensors 0:off 1:off 2:off 3:off 4:off 5:off 6:off > mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off > messagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off > microcode_ctl 0:off 1:off 2:on 3:on 4:on 5:on 6:off > multipathd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > mysqld 0:off 1:off 2:off 3:off 4:off 5:off 6:off > netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off > netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off > netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > network 0:off 1:off 2:off 3:off 4:off 5:off 6:off > nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off > nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off > nscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > ntpdate 0:off 1:off 2:off 3:off 4:off 5:off 6:off > nvidia 0:off 1:off 2:on 3:on 4:on 5:on 6:off > pcscd 0:off 1:off 2:on 3:on 4:on 5:on 6:off > portreserve 0:off 1:off 2:on 3:on 4:on 5:on 6:off > psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off > rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off > restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off > rpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off > rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off > rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off > rpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off > saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off > setroubleshoot 0:off 1:off 2:off 3:on 4:on 5:on 6:off > slmodemd 0:off 1:off 2:on 3:on 4:on 5:on 6:off > smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > smolt 0:off 1:off 2:off 3:off 4:off 5:off 6:off > snmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off > udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off > winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off > wine 0:off 1:off 2:on 3:on 4:on 5:on 6:off > wpa_supplicant 0:off 1:off 2:off 3:off 4:off 5:off 6:off > ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > > Which traffic if any is allowed to come in to our computers if and when we do get on the internet? > > We can use system-config-??? to configure simple iptables to change stuff around and/or get webmin? > > I know that by default Fedora provides a good basic firewall, but are there any howto's/readme's as to how to learn more about Firewalls in Fedora. > > Thanks, > > Antonio You will want system-config-firewall (or system-config-secuirtylevel that used to be the name). I'm not sure how much i can tell you until you at least try that out. -- Fedora 9 : sulphur is good for the skin ( www.pembo13.com )

15 years

Question(s) default firewall in Fedora

by Antonio Olivares

Dear fellow Fedora users, According to some users, Fedora has a default firewall that adds basic protection. There is no service "firewall", but some users have pointed out that iptables takes care of this. [root@localhost ~]# service iptables status Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) num target prot opt source destination [root@localhost ~]# services running at boot using chkconfig [root@localhost ~]# chkconfig --list NetworkManager 0:off 1:off 2:on 3:on 4:on 5:on 6:off acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off akmods 0:off 1:off 2:on 3:on 4:on 5:on 6:off anacron 0:off 1:off 2:on 3:off 4:on 5:on 6:off atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off avahi-daemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off bluetooth 0:off 1:off 2:off 3:on 4:on 5:on 6:off btseed 0:off 1:off 2:off 3:off 4:off 5:off 6:off bttrack 0:off 1:off 2:off 3:off 4:off 5:off 6:off capi 0:off 1:off 2:off 3:off 4:off 5:off 6:off cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off dnsmasq 0:off 1:off 2:off 3:off 4:off 5:off 6:off firstboot 0:off 1:off 2:off 3:off 4:off 5:off 6:off gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off irda 0:off 1:off 2:off 3:off 4:off 5:off 6:off irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off isdn 0:off 1:off 2:on 3:on 4:on 5:on 6:off kerneloops 0:off 1:off 2:off 3:on 4:on 5:on 6:off lm_sensors 0:off 1:off 2:off 3:off 4:off 5:off 6:off mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off microcode_ctl 0:off 1:off 2:on 3:on 4:on 5:on 6:off multipathd 0:off 1:off 2:off 3:off 4:off 5:off 6:off mysqld 0:off 1:off 2:off 3:off 4:off 5:off 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off network 0:off 1:off 2:off 3:off 4:off 5:off 6:off nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off nscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off ntpdate 0:off 1:off 2:off 3:off 4:off 5:off 6:off nvidia 0:off 1:off 2:on 3:on 4:on 5:on 6:off pcscd 0:off 1:off 2:on 3:on 4:on 5:on 6:off portreserve 0:off 1:off 2:on 3:on 4:on 5:on 6:off psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off rpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off setroubleshoot 0:off 1:off 2:off 3:on 4:on 5:on 6:off slmodemd 0:off 1:off 2:on 3:on 4:on 5:on 6:off smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off smolt 0:off 1:off 2:off 3:off 4:off 5:off 6:off snmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off wine 0:off 1:off 2:on 3:on 4:on 5:on 6:off wpa_supplicant 0:off 1:off 2:off 3:off 4:off 5:off 6:off ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off Which traffic if any is allowed to come in to our computers if and when we do get on the internet? We can use system-config-??? to configure simple iptables to change stuff around and/or get webmin? I know that by default Fedora provides a good basic firewall, but are there any howto's/readme's as to how to learn more about Firewalls in Fedora. Thanks, Antonio

15 years

Re: dnsmasq configuration

by Simon Slater

On Fri, 2009-04-03 at 02:10 +1030, Tim wrote: > On Thu, 2009-04-02 at 17:37 +1100, Simon Slater wrote: > > netstat -antuevp > > > > Now this shows that dnsmasq is using 192.168.122.1:53 with tcp and > > udp. > > This is the link local address on a port for dns. Also udp on > > 0.0.0.0:67 which is one of the dhcp ports but for all networks? > > 0.0.0.0 means different things in different circumstances. In this > case, yes, it means it's listening to port 67 on any and all interfaces > that computer has alive. > > > Does dnsmasq need to use 192.168.122.1? > > No idea, though I'd be surprised if it did. What do you want it to use? > > For what it's worth, I don't use dnsmasq, I use the BIND DNS server, and > the ISC DHCP server (Fedora has packages for both), and integrate them > together. I know the processes for DNS and DHCP serving, but not the > specifics to making dnsmasq do them. > > > The first aim is to get dhcp going. Would 0.0.0.0:67 help or get in > > the way? > > In what way do you mean "0.0.0.0:67"? > > If you're setting up your modem/router to be just a modem, and let the > PC do the rest, then you want configure your DHCP server to only service > your LAN. You don't want it trying to assign addresses out to the ISP. > You should probably find how to configure it to only bind to the LAN > interface. > Thanks Tim, I went back to a fresh dnsmasq.conf (must have missed something amongst all the comments in the example file) with the bare basics, now with the correct references to interfaces and addresses, and dhcp worked straight away. Clients are connecting fine, printing is working, all good. I'll check out how well the dns and caching is working over the weekend. The initial thought was to use bind and ISC dhcp, but after reviewing old posts to this list, many advocated dnsmasq for small setups like this. Although their website says it can scale up to service a thousand or so boxes. So simplicity for now. -- Hooroo, Simon Registered Linux User #463789. Be counted at: http://counter.li.org/

15 years, 1 month

Re: dnsmasq configuration

by Tim

On Thu, 2009-04-02 at 17:37 +1100, Simon Slater wrote: > netstat -antuevp > > Now this shows that dnsmasq is using 192.168.122.1:53 with tcp and > udp. > This is the link local address on a port for dns. Also udp on > 0.0.0.0:67 which is one of the dhcp ports but for all networks? 0.0.0.0 means different things in different circumstances. In this case, yes, it means it's listening to port 67 on any and all interfaces that computer has alive. > Does dnsmasq need to use 192.168.122.1? No idea, though I'd be surprised if it did. What do you want it to use? For what it's worth, I don't use dnsmasq, I use the BIND DNS server, and the ISC DHCP server (Fedora has packages for both), and integrate them together. I know the processes for DNS and DHCP serving, but not the specifics to making dnsmasq do them. > The first aim is to get dhcp going. Would 0.0.0.0:67 help or get in > the way? In what way do you mean "0.0.0.0:67"? If you're setting up your modem/router to be just a modem, and let the PC do the rest, then you want configure your DHCP server to only service your LAN. You don't want it trying to assign addresses out to the ISP. You should probably find how to configure it to only bind to the LAN interface. -- [tim@localhost ~]$ uname -r 2.6.27.19-78.2.30.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.

15 years, 1 month

Re: dnsmasq configuration

by Simon Slater

On Thu, 2009-04-02 at 15:51 +1030, Tim wrote: > On Thu, 2009-04-02 at 09:27 +1100, Simon Slater wrote: > > After a reboot I got the message: > > > > dnsmasq failed to bind DHCP server socket: address already in use. > > Which may be that something *else* is using it, or that dnsmasq is > starting up in a way that causes problems with itself. I've seen that > sort of thing when there's a network with IPv4 and IPv6 addressing in > use, and a service starts up. It listens to both, and while starting up > complains that the port's already in use while trying to listen to the > second interface (which is really the first, with the IPv6 type of > addresses, as well as IPv4). > > > In the startup sequence as it scrolls on the screen, dnsmasq is near > > the end, but is running: > > [root@dell ~]# service dnsmasq status > > dnsmasq (pid 2613) is running... > > > > So is the problem with the configuration or at startup? How > > do I find what is conflicting for the socket address? > > man netstat > > e.g. netstat -antuevp Thanks Tim, Now this shows that dnsmasq is using 192.168.122.1:53 with tcp and udp. This is the link local address on a port for dns. Also udp on 0.0.0.0:67 which is one of the dhcp ports but for all networks? Does dnsmasq need to use 192.168.122.1? The first aim is to get dhcp going. Would 0.0.0.0:67 help or get in the way? -- Regards, Simon Slater Registered Linux User #463789. Be counted at: http://counter.li.org/

15 years, 1 month

Re: Another basic networking question.

by Simon Slater

On Thu, 2009-04-02 at 15:48 +1030, Tim wrote: > On Thu, 2009-04-02 at 11:56 +1100, Simon Slater wrote: > > When a firewall computer has 2 nics, they should be on separate > > subnets? Yes? > > That depends on how you want to use them. If the computer sits > *between* two networks, then yes. > Ok, go that. > > When an ISP dynamically assigns an ip address, is it associated with > > the dsl router, eth0 where it plugs in, or the ppp0 device that does the > > communicating? > > That depends on how you're using the modem/router. If you're using it > just as a modem, it's the computer network interface that gets assigned > the internet address, and the computer does the authentication (if any). > If you're using it as a router, the router's WAN interface deals with > the ISP. > This explains some of the inconsistencies that I've been seeing. So I'll settle on using it just as a modem and the computer for connecting until I finish tweaking the rest of the setup. > > So if eth1 goes to a lan and has its ip address configured in its > > ifcfg-eth1 and similarly eth0 on the wan side is configured to get its > > address from dhcp, is it the ISP's dhcp server that it needs to get the > > address from or the local dhcp server? > > The ISP's DHCP server doesn't *get* anything from you, it gives you > addresses that it wants you to use. > > > With respect to the ip address for configuration of the dsl router > > (defaults to 192.168.1.1 for this Linksys AG300), which subnet should it > > be on, the lan side or wan? > > That's a badly formulated question that's hard to understand. The fog of my confusion clouded my typing as well as my thinking. > But, > 192.168.1.1 is a private address range, it should only be used on LANs. > However, some cheapskate ISPs, which don't have enough public IPs give > all their customers private IP addresses, and they do NAT between the > internet and their customers. > I'll try again now I understand a bit more. To configure the Linksys AG300, which is physically connected to eth0, I point a browser to 192.168.1.1 (by default, but this can be changed) and configure whatever I need to. When I use the computer to connect to the ISP via the same eth0 and the ISP assigns me (at the moment) 210.84.25.73. Does this mean that I cannot configure the router because the ip's are now on different subnets? Then again, if used just as a modem, no real configuration is needed? > > Slightly more advanced: What are the pros and cons of using an ifup > > ppp0 command from the firewall computer to connect with the ISP versus > > connecting from within the dsl router itself? > > If the computer is directly connected, it has to do all the firewalling, > and sharing the internet with other computers. If you have a router in > between, it handles all the networking, and you don't have to have any > particular computers on to use the network. > I do want this computer to most of the work. Thanks a lot Tim, this is just the type of clarification I needed. Understanding this better is helping me get a handle on what is wrong in other areas, like my dnsmasq configuration, which I think stems from these issues. -- Regards, Simon Slater Registered Linux User #463789. Be counted at: http://counter.li.org/

15 years, 1 month

users search results for query "dnsmasq"