Re: local DNS server
by Neil Cherry
Mikkel L. Ellertson wrote:
> Dotan Cohen wrote:
>> I've heard that one could run a local DNS server to speed up internet
>> access. Does this have a real-world advantage for a home user?
> Where running a local name server really helps is if you have more
> than one machine on the local network, and they are all configured
> to use the same local name server. Chances are, there are going to
> be a fair number of sites that are used by more than one computer.
Bingo, this is what I have set up. I'm currently using tinydns and
dnscache. I have many devices and I can't remember the IP addresses
of them all. So I put in the local DNS and manually administer it
and DHCP. There is another DNS program that you can use (not BIND)
that's supposed to be for this kind of situation (dnsmasq). I
haven't taken the time to investigate that setup but I eventually
will.
PS, yes I have enough IP devices to justify the dns.
--
Linux Home Automation Neil Cherry ncherry(a)linuxha.com
http://www.linuxha.com/ Main site
http://linuxha.blogspot.com/ My HA Blog
http://home.comcast.net/~ncherry/ Backup site
17 years, 5 months
Mail flow problem
by Steven P. Ulrick
Hello, Everyone
My problem is that the test mailing list that I am experimenting with
will not send email to anyone who does not have an afolkey2.net email
address. For clarification, I can send email from steve(a)afolkey2.net to
elizabethulrick(a)hotmail.com and it arrives perfectly. But if I send
email from elizabeth2(a)afolkey2.net to elizabethulrick(a)hotmail.com, it
bombs with the error quoted later in this email.
Before I contacted you with this, I gave this information in Mailman's
FAQ a shot:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq03.014.htp
I came the closest to fixing this with the following section from the
above FAQ:
7) Logs.
If you don't have any of the common problems above,
then you should look for errors in your log files.
First look for errors in your MTA log files. On Red Hat that
would be in /var/log/maillog.
I ran grep hotmail /var/maillog and I found items like the following:
Jun 4 04:20:52 afolkey2 sendmail[13654]: k549KqM3013654:
    ruleset=check_rcpt, arg1=<ulricksteven(a)hotmail.com>,
    relay=[192.168.1.1], reject=550 5.7.1 <ulricksteven(a)hotmail.com>...
    Relaying denied. IP name lookup failed [192.168.1.1]
Jun 4 04:23:41 afolkey2 sendmail[23876]: k549NfSJ023876:
    ruleset=check_rcpt, arg1=<ulricksteven(a)hotmail.com>,
    relay=[192.168.1.1], reject=550 5.7.1 <ulricksteven(a)hotmail.com>...
    Relaying denied. IP name lookup failed [192.168.1.1]
Jun 4 04:23:53 afolkey2 sendmail[24877]: k549Npwr024832:
    to=<elizabethulrick(a)hotmail.com>, ctladdr=<steve(a)afolkey2.net>
    (500/500), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=91658,
    relay=mx2.hotmail.com. [65.54.244.40], dsn=2.0.0, stat=Sent
    ( <20060604042351.732d8bbd(a)afolkey2.net> Queued mail for delivery)
Jun 4 04:23:54 afolkey2 sendmail[25081]: k549NsSQ025081:
    ruleset=check_rcpt, arg1=<ulricksteven(a)hotmail.com>,
    relay=[192.168.1.1], reject=550 5.7.1 <ulricksteven(a)hotmail.com>...
    Relaying denied. IP name lookup failed [192.168.1.1]
It's obvious (I think) that delivery failed because the server that I'm
sending to could not look up my "IP name". Further than that, I am
stumped as to how to fix this.
My IP address settings are configured to be gotten by dhcp (I am
actually running "dnsmasq" instead of dhcpd itself. With dhcpd, the
internet slowed to a relative crawl.)
Before my recent reinstallation of Fedora Core 5, all of this worked
perfectly. (except for dnsmasq, which I needed to start using since
this last reinstall.)
mailman-2.1.8-0.FC5.1 is the version of Mailman that I am running.
It was installed by RPM when I installed FC5.
And, my MTA is sendmail.
As always, if you need further information, I will gladly provide it.
Also, if you can give me a link in your FAQ that will fix this, that's
cool too.
To clarify, I am running the Mailman that comes with Fedora Core 5.
Thank you,
Steven P. Ulrick
--
04:25:56 up 1:09, 7 users, load average: 3.32, 2.22, 1.53
--
04:50:43 up 1:34, 9 users, load average: 1.05, 1.01, 1.25
17 years, 11 months
Re: can named listen to other port not 53 / some dnsmasq question.
by Justin Willmert
M E Fieu wrote:
> Hi.. how to make named listening on port 53 of eth0:1
>
> and how to make named listening to on a non-standard localnet address like 127.0.0.2
>
>
> --- Paul Howarth <paul(a)city-fan.org> wrote:
>
>
>> M E Fieu wrote:
>>
>>> Hi..
>>>
>>> Question 1
>>> how to make the DNS Bind Name listen to other port e.g 54 instead of port 53 ??
>>>
>>> Question 2
>>> Any one used DNSmasq before? DNSmasq can query the named DNS server and if the record is not
>>> found, it will query the public DNS server that listed in resolv.conf
>>>
>>> But DNSmasq can't use the same port as the local named server, I want to set the named DNS server
>>> to listen to port 54 so I need to configure the DNSmasq to query via port 54 to named right? Does
>>> anyone know how to do it?
>>>
>> It might be easier to use an alias address rather than a different port.
>> So you could have DNSmasq listening on port 53 of eth0 and named
>> listening on port 53 of eth0:1. You might even be able to do it without
>> aliases by getting named to listen on a non-standard localnet address
>> like 127.0.0.2
>>
>> Paul.
>>
OK, I'm not sure if this has been mentioned before because I haven't
been following the thread, but I don't see the benefit of DNSmasq from
the short description you gave. If it is to just get public DNS entries
back into your server, using the forwarders directive in named.conf would
probably be easier.
This is what the beginning of my named.conf looks like:
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    listen-on { 192.168.1.1; };
    forwarders { 208.146.95.3; };  // <-- Insert an external DNS server here.
};
...
In my forwarding section, I use the IP address of my ISP's DNS server
(though this one is spoofed).
You may have more reasons for using DNSmasq (I don't know anything about
the program), but if you just want to get external DNS entries, I'd
suggest just doing this because it's one less program that needs to be
configured and maintained.
Hope this helps you,
Justin Willmert
18 years
Re: can named listen to other port not 53 / some dnsmasq question.
by Paul Howarth
On Tue, 2006-05-16 at 22:55 -0700, M E Fieu wrote:
> Hi.. how to make named listening on port 53 of eth0:1
>
> and how to make named listening to on a non-standard localnet address like 127.0.0.2
In the "options" clause of /etc/named.conf, add:
listen-on { ip.addr.1; ip.addr.2; };
where ip.addr.1 and ip.addr.2 are the addresses you want named to listen
on. You can use as many as you like. So to listen on just 127.0.0.2,
you'd have:
options {
    // ...
    // ... other options
    // ...
    listen-on { 127.0.0.2; };
};
Paul.
18 years
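The two approaches raised in this thread (a separate listen address, or a separate port) side by side, with the matching dnsmasq settings. This is an added example, not configuration posted by anyone in the thread. The addresses 127.0.0.2 and 192.168.1.1 and port 54 come from the thread; the zone name home.lan and the upstream 192.0.2.53 are placeholders, and the two files are shown in one block for brevity.

```conf
# ---- /etc/named.conf, option A: port 53 on a separate loopback address ----
options {
    directory "/var/named";
    # named answers only on 127.0.0.2, leaving port 53 on the LAN address free
    listen-on { 127.0.0.2; };
    # only processes on this host (here: dnsmasq) may query named
    allow-query { 127.0.0.0/8; };
};

# ---- /etc/named.conf, option B: alternate port (use instead of option A) ----
# options {
#     directory "/var/named";
#     listen-on port 54 { 127.0.0.1; };
#     allow-query { 127.0.0.0/8; };
# };

# ---- /etc/dnsmasq.conf ----
# Serve the LAN on port 53 of the LAN-facing address.
listen-address=192.168.1.1
# Bind only the listed address instead of the wildcard, so dnsmasq does not
# collide with named on 127.0.0.2:53.
bind-interfaces
# Take upstream servers from this file, not from /etc/resolv.conf.
no-resolv
# Option A: names under home.lan (placeholder zone) are sent to named.
server=/home.lan/127.0.0.2
# Option B: the same, with named on port 54 (dnsmasq uses '#' before the port).
# server=/home.lan/127.0.0.1#54
# Everything else goes to the upstream resolver (placeholder address).
server=192.0.2.53
```

Routing by domain is used here because dnsmasq does not retry a second server when the first one answers "no such name"; it treats a negative answer as final.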
Re: can named listen to other port not 53 / some dnsmasq question.
by M E Fieu
Hi.. how to make named listening on port 53 of eth0:1
and how to make named listening to on a non-standard localnet address like 127.0.0.2
--- Paul Howarth <paul(a)city-fan.org> wrote:
> M E Fieu wrote:
> > Hi..
> >
> > Question 1
> > how to make the DNS Bind Name listen to other port e.g 54 instead of port 53 ??
> >
> > Question 2
> > Any one used DNSmasq before? DNSmasq can query the named DNS server and if the record is not
> > found, it will query the public DNS server that listed in resolv.conf
> >
> > But DNSmasq can't use the same port as the local named server, I want to set the named DNS server
> > to listen to port 54 so I need to configure the DNSmasq to query via port 54 to named right? Does
> > anyone know how to do it?
>
> It might be easier to use an alias address rather than a different port.
> So you could have DNSmasq listening on port 53 of eth0 and named
> listening on port 53 of eth0:1. You might even be able to do it without
> aliases by getting named to listen on a non-standard localnet address
> like 127.0.0.2
>
> Paul.
>
18 years
Re: can named listen to other port not 53 / some dnsmasq question.
by Tim
On Tue, 2006-05-16 at 09:48 -0500, Mikkel L. Ellertson wrote:
> The only time I can think of when you might want to run both is if you
> want one name server for the local network, and one that is accessible
> from the Internet. If the machine has separate interfaces, you can
> tell each program what interface to use.
You don't even have to run two DNS servers for that occasion. For
instance, you can configure BIND to reply differently to internet
queries than local queries. So for those running their own DNS and web
servers, internet queries for the webserver's IP get the internet IP
address, and local queries get the local IP address.
--
(Currently running FC4, in case that's important to the thread)
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
18 years
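The behaviour described in the message above corresponds to BIND 9's view mechanism. A minimal sketch follows as an added example, not configuration from the poster; the zone name example.com, the zone file paths and the 192.168.1.0/24 network are assumptions.

```conf
# /etc/named.conf: one named instance, different answers per client network
acl "lan" { 127.0.0.0/8; 192.168.1.0/24; };

options {
    directory "/var/named";
};

# Views are tested in order and the first matching match-clients wins.
# Once any view is defined, every zone must live inside a view.
view "internal" {
    match-clients { "lan"; };
    # local clients may use this server as a full resolver
    recursion yes;
    zone "example.com" {
        type master;
        # zone file in which the web server's name maps to its local address
        file "internal/example.com.zone";
    };
};

view "external" {
    match-clients { any; };
    # Internet clients get authoritative answers only, so the server
    # is not usable as an open resolver
    recursion no;
    zone "example.com" {
        type master;
        # zone file in which the web server's name maps to its public address
        file "external/example.com.zone";
    };
};
```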
Re: can named listen to other port not 53 / some dnsmasq question.
by Mikkel
M E Fieu wrote:
> Hi..
>
> Question 1
> how to make the DNS Bind Name listen to other port e.g 54 instead of port 53 ??
>
> Question 2
> Any one used DNSmasq before? DNSmasq can query the named DNS server and if the record is not
> found, it will query the public DNS server that listed in resolv.conf
>
> But DNSmasq can't use the same port as the local named server, I want to set the named DNS server
> to listen to port 54 so I need to configure the DNSmasq to query via port 54 to named right? Does
> anyone know how to do it?
>
It might be better if you told us what you are trying to do here.
Normally, you do not run another name server along with DNSmasq. The
way I have set up DNSmasq in the past is to have it be the name
server for the local network. If the query is for a machine on the
local network, or one in its cache that has not expired, it handles
it directly. If not, it passes the query to the upstream name
servers it is configured to use. For dialup, you can configure the
PPP connection not to update /etc/resolv.conf, only
/etc/ppp/resolv.conf and have DNSmasq watch that file for changes.
It will then use your ISP's name servers when you connect. I am sure
you could do the same type of thing for a DHCP connection, so that
it does not overwrite /etc/resolv.conf (PEERDNS=no), but updates
another file that DNSmasq watches instead. Or you can configure
DNSmasq to use specific name servers.
On the other hand, if you need a name server with features that
DNSmasq does not support, then you probably do not need DNSmasq
running as well. You can just configure a local zone for your local
network in Bind. The only time I can think of when you might want to
run both is if you want one name server for the local network, and
one that is accessible from the Internet. If the machine has
separate interfaces, you can tell each program what interface to
use. About the only time you would want to change the port would be
if you are using a firewall to forward DNS queries from the Internet
to a machine inside the firewall. In that case you would want to use
a different port for BIND. But you are probably not going to want
DNSmasq to query that name server as its upstream name server.
One other thing to keep in mind - programs running on the local
machine will use the name server pointed to by /etc/resolv.conf,
even if you have a name server running on the local machine.
Mikkel
--
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
18 years
Re: can named listen to other port not 53 / some dnsmasq question.
by Tim
On Tue, 2006-05-16 at 04:24 -0700, M E Fieu wrote:
> how to make the DNS Bind Name listen to other port e.g 54 instead of
> port 53 ??
According to "man named.conf" you can set what port it listens to
(search through it for listen-to). I've not tried it, so you'll have to
experiment.
--
(Currently running FC4, in case that's important to the thread)
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
18 years
Re: can named listen to other port not 53 / some dnsmasq question.
by Paul Howarth
M E Fieu wrote:
> Hi..
>
> Question 1
> how to make the DNS Bind Name listen to other port e.g 54 instead of port 53 ??
>
> Question 2
> Any one used DNSmasq before? DNSmasq can query the named DNS server and if the record is not
> found, it will query the public DNS server that listed in resolv.conf
>
> But DNSmasq can't use the same port as the local named server, I want to set the named DNS server
> to listen to port 54 so I need to configure the DNSmasq to query via port 54 to named right? Does
> anyone know how to do it?
It might be easier to use an alias address rather than a different port.
So you could have DNSmasq listening on port 53 of eth0 and named
listening on port 53 of eth0:1. You might even be able to do it without
aliases by getting named to listen on a non-standard localnet address
like 127.0.0.2
Paul.
18 years
can named listen to other port not 53 / some dnsmasq question.
by M E Fieu
Hi..
Question 1
how to make the DNS Bind Name listen to other port e.g 54 instead of port 53 ??
Question 2
Any one used DNSmasq before? DNSmasq can query the named DNS server and if the record is not
found, it will query the public DNS server that listed in resolv.conf
But DNSmasq can't use the same port as the local named server, I want to set the named DNS server
to listen to port 54 so I need to configure the DNSmasq to query via port 54 to named right? Does
anyone know how to do it?
18 years