SLUG Mailing List Archives - [SLUG] ADSL/DNS/IPTables issue

To: slug@xxxxxxxxxxx
Subject: [SLUG] ADSL/DNS/IPTables issue
From: Tony Green <tgreen@xxxxxxxxxxx>
Date: Fri, 26 Nov 2004 15:13:32 +1100

Happy Friday Afternoon one and all,

I've got a annoyance of a problem which, I thought, was limited to myhome ADSL connection, but I was wrong.

I upgraded my firewall at home to Debian Sarge (running 2.6 kernel) andquickly found some problems which didn't used to exist. I thought itwas MSS clamping (which I had missed), but enabling that didn't fixeverything.

The issue is that when a desktop requests a DNS lookup, it times outbefore it comes back (5 seconds approx). You can immediately requestthe address again and everything works fine - a simple but annoyingwork around.

I thought it was some weird setup thing with my ADSL (iiNet). Iswitched from PPPoE on the firewall to running that on the ADSL modem -still no good. I looked into MTU's, but nothing worked (went down to1452).

The firewall config is the same on the old and the new setups, port 53tcp/udp is allowed through. I'm running bind9 on the firewall and theiptables is run through shorewall.

Head scratching and googling hasn't yielded much more info and now I'vereplicated the problem on a brand new, but completely separate, machine(same packages but on Telstra ADSL).


Concussion from a cluestick to the head is more than welcome.

Greeno
--
Tony Green <tgreen@xxxxxxxxxxx>

Follow-Ups:
- Re: [SLUG] ADSL/DNS/IPTables issue
  - From: David Kempe

Messages sorted by: [ date | thread ]
Prev by Date: Re: [SLUG] /etc/module question
Next by Date: [SLUG] Ubuntu - Wollongong
Previous by thread: Re: [SLUG] maybe good
Next by thread: Re: [SLUG] ADSL/DNS/IPTables issue