[73521] in North American Network Operators' Group
DNS
daemon@ATHENA.MIT.EDU (Paul Gilbert)
Fri Aug 27 08:49:48 2004
Date: Fri, 27 Aug 2004 08:48:50 -0400
From: Paul Gilbert <paul@routermanagement.com>
To: nanog@merit.edu
Reply-To: paul@routermanagement.com
Errors-To: owner-nanog-outgoing@merit.edu
I have a friend who has a problem with, we believe, DNS. In this case the
ISP is NTL. He has a stateful firewall and is running NAT. You can see from
the tcpdump below that he sends the query to one DNS server but another
responds, thus breaking the firewall state, and therefore it never resolves.
Should the provider have the forwarding option on their servers, or does he
need to punch another hole in his firewall?
cheers
09:23:01.216136 80.2.189.69.53 > 194.168.8.100.53: 54051+ [1au][|domain] (DF)
09:23:01.534353 194.168.4.100.53 > 80.2.189.69.53: 54051[|domain] (DF)
09:23:01.534618 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 unreachable [tos 0xc0]
09:23:11.238123 80.2.189.69.53 > 194.168.8.100.53: 12113+ [1au][|domain] (DF)
09:23:11.414372 194.168.4.100.53 > 80.2.189.69.53: 12113[|domain] (DF)
09:23:11.414606 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 unreachable [tos 0xc0]
09:23:19.634810 80.2.189.69.53 > 194.168.8.100.53: 9737+ [1au][|domain] (DF)
09:23:19.643883 194.168.4.100.53 > 80.2.189.69.53: 9737[|domain] (DF)
09:23:19.644127 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 unreachable [tos 0xc0]
Paul Gilbert
Router Management Solutions, Inc.
www.routermanagement.com
work: 5167666068
mobile: 5164564983
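
Added example, not part of the original post: a stateful firewall keys UDP state on the address and port pair of the outgoing query, so a reply with the same DNS transaction ID but a different source address matches no state entry. The script below pairs queries and replies in tcpdump text output by transaction ID and reports replies whose source is not the server that was queried. The function name and regex are hypothetical; the sample lines are the DNS lines from the capture above with wrapped lines rejoined.

```python
import re

# tcpdump text line as in the capture: "time src.port > dst.port: txid..."
LINE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): (?P<txid>\d+)"
)

def find_mismatched_responders(lines):
    """Return (ts, txid, queried_server, actual_responder) for every reply
    whose source address differs from the server the query was sent to."""
    outstanding = {}  # (client_ip, client_port, txid) -> queried server IP
    findings = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # ICMP lines have no port or transaction ID
        src, dst, txid = m["src"], m["dst"], int(m["txid"])
        reply_key = (dst, int(m["dport"]), txid)
        if reply_key in outstanding:
            # Packet is addressed to a client with a pending query: a reply.
            queried = outstanding.pop(reply_key)
            if src != queried:
                findings.append((m["ts"], txid, queried, src))
        else:
            # First sighting of this transaction ID: record it as a query.
            outstanding[(src, int(m["sport"]), txid)] = dst
    return findings

# DNS lines taken from the capture in the post (ICMP lines kept to show skipping).
CAPTURE = """\
09:23:01.216136 80.2.189.69.53 > 194.168.8.100.53: 54051+ [1au][|domain] (DF)
09:23:01.534353 194.168.4.100.53 > 80.2.189.69.53: 54051[|domain] (DF)
09:23:01.534618 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 unreachable [tos 0xc0]
09:23:11.238123 80.2.189.69.53 > 194.168.8.100.53: 12113+ [1au][|domain] (DF)
09:23:11.414372 194.168.4.100.53 > 80.2.189.69.53: 12113[|domain] (DF)
09:23:19.634810 80.2.189.69.53 > 194.168.8.100.53: 9737+ [1au][|domain] (DF)
09:23:19.643883 194.168.4.100.53 > 80.2.189.69.53: 9737[|domain] (DF)
""".splitlines()

if __name__ == "__main__":
    for ts, txid, queried, responder in find_mismatched_responders(CAPTURE):
        print(f"{ts} id={txid}: queried {queried}, answered by {responder}")
```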