|
Reader's Favorites
Media Casualties Mount Administration Split On Europe Invasion Administration In Crisis Over Burgeoning Quagmire Congress Concerned About Diversion From War On Japan Pot, Kettle On Line Two... Allies Seize Paris The Natural Gore Book Sales Tank, Supporters Claim Unfair Tactics Satan Files Lack Of Defamation Suit Why This Blog Bores People With Space Stuff A New Beginning My Hit Parade
Instapundit (Glenn Reynolds) Tim Blair James Lileks Bleats Virginia Postrel Kausfiles Winds Of Change (Joe Katzman) Little Green Footballs (Charles Johnson) Samizdata Eject Eject Eject (Bill Whittle) Space Alan Boyle (MSNBC) Space Politics (Jeff Foust) Space Transport News (Clark Lindsey) NASA Watch NASA Space Flight Hobby Space A Voyage To Arcturus (Jay Manifold) Dispatches From The Final Frontier (Michael Belfiore) Personal Spaceflight (Jeff Foust) Mars Blog The Flame Trench (Florida Today) Space Cynic Rocket Forge (Michael Mealing) COTS Watch (Michael Mealing) Curmudgeon's Corner (Mark Whittington) Selenian Boondocks Tales of the Heliosphere Out Of The Cradle Space For Commerce (Brian Dunbar) True Anomaly Kevin Parkin The Speculist (Phil Bowermaster) Spacecraft (Chris Hall) Space Pragmatism (Dan Schrimpsher) Eternal Golden Braid (Fred Kiesche) Carried Away (Dan Schmelzer) Laughing Wolf (C. Blake Powers) Chair Force Engineer (Air Force Procurement) Spacearium Saturn Follies JesusPhreaks (Scott Bell) Science
Nanobot (Howard Lovy) Lagniappe (Derek Lowe) Geek Press (Paul Hsieh) Gene Expression Carl Zimmer Redwood Dragon (Dave Trowbridge) Charles Murtaugh Turned Up To Eleven (Paul Orwin) Cowlix (Wes Cowley) Quark Soup (Dave Appell) Economics/Finance
Assymetrical Information (Jane Galt and Mindles H. Dreck) Marginal Revolution (Tyler Cowen et al) Man Without Qualities (Robert Musil) Knowledge Problem (Lynne Kiesling) Journoblogs The Ombudsgod Cut On The Bias (Susanna Cornett) Joanne Jacobs The Funny Pages
Cox & Forkum Day By Day Iowahawk Happy Fun Pundit Jim Treacher IMAO The Onion Amish Tech Support (Lawrence Simon) Scrapple Face (Scott Ott) Regular Reading
Quasipundit (Adragna & Vehrs) England's Sword (Iain Murray) Daily Pundit (Bill Quick) Pejman Pundit Daimnation! (Damian Penny) Aspara Girl Flit Z+ Blog (Andrew Zolli) Matt Welch Ken Layne The Kolkata Libertarian Midwest Conservative Journal Protein Wisdom (Jeff Goldstein et al) Dean's World (Dean Esmay) Yippee-Ki-Yay (Kevin McGehee) Vodka Pundit Richard Bennett Spleenville (Andrea Harris) Random Jottings (John Weidner) Natalie Solent On the Third Hand (Kathy Kinsley, Bellicose Woman) Patrick Ruffini Inappropriate Response (Moira Breen) Jerry Pournelle Other Worthy Weblogs
Ain't No Bad Dude (Brian Linse) Airstrip One A libertarian reads the papers Andrew Olmsted Anna Franco Review Ben Kepple's Daily Rant Bjorn Staerk Bitter Girl Catallaxy Files Dawson.com Dodgeblog Dropscan (Shiloh Bucher) End the War on Freedom Fevered Rants Fredrik Norman Heretical Ideas Ideas etc Insolvent Republic of Blogistan James Reuben Haney Libertarian Rant Matthew Edgar Mind over what matters Muslimpundit Page Fault Interrupt Photodude Privacy Digest Quare Rantburg Recovering Liberal Sand In The Gears(Anthony Woodlief) Sgt. Stryker The Blogs of War The Fly Bottle The Illuminated Donkey Unqualified Offerings What she really thinks Where HipHop & Libertarianism Meet Zem : blog Space Policy Links
Space Future The Space Review The Space Show Space Frontier Foundation Space Policy Digest BBS AWOL
USS Clueless (Steven Den Beste) Media Minder Unremitting Verse (Will Warren) World View (Brink Lindsay) The Last Page More Than Zero (Andrew Hofer) Pathetic Earthlings (Andrew Lloyd) Spaceship Summer (Derek Lyons) The New Space Age (Rob Wilson) Rocketman (Mark Oakley) Mazoo Site designed by Powered by Movable Type |
I Still Want My DNS! The saga continues. When I hardwire a DNS into my client, it works. Sort of. I can get to transterrestrial.com, but pages from Instapundit and National Review (and who knows which else?) won't load. This is the case not only for my original solution of Earthlink's IPs, but also for Dave Mercer's recommendation of cybertrails.com's. What the heck is going on? Posted by Rand Simberg at July 10, 2004 09:06 PMTrackBack URL for this entry:
http://www.transterrestrial.com/mt-diagnostics.cgi/2639 Listed below are links to weblogs that reference this post from Transterrestrial Musings.
Comments
I'm having problems with a simple dial-up and AOL. Two sites just lock up the system, all others OK. Extremely unlikely my problem is related to yours, but paranoid minds want to know. Rich Posted by Rich at July 10, 2004 09:33 PMWow, now that IS weird! Is the reachability of the sites consistent across client machines? And do those machines all have the same dns server setting? And is that the router (machine running ICS) which is forwarding dns or are they directly using the hardwired dns server ip? As of the timestamp on this post (as a data point) the cybertrails.com dns server is replying fine for www.nationalreview.com and www.instapundit.com. Still smells like ICS/ZA trouble, I know that that's not what you want to hear, but it is very much sounding like the troubles I've had myself with that same combo. We could get google, but not yahoo, etc. with no seeming moment to moment rhyme or reason, nor ZA log entries. Like you're experiencing! :-( You could use a floppy or CD bootable linux distro on your gateway box (leaving the underlying Windows alone until it's a client again). I know, how to I get to one? Well here're direct google IP's to use if dns is flaking out still and you want to go hunting in those woods: 216.239.57.147, 216.239.57.99, 216.239.57.104 Note that if you click on the 'cache' button on a google hit when you got to google from a raw IP that the cached copies still link to that IP. They're "I'm on the other end of a piece of string" surfin' friendly like that! :-) Posted by David Mercer at July 11, 2004 05:40 AMDNS gets cached locally, so your own site may work while other sites don't. Sounds like your firewall is blocking DNS replies (outbound stuff is usually not blocked at all), or the gateway machine isn't forwarding the responses via NAT back to the requesting cient. Have you tried setting the DNS for 192.168.0.1 on your clients? What happens when you invoke NSLOOKUP on a client and specify an external server? What does a lookup for transterrestrial.com do? bozo.com (66.77.49.93)? If you get timeouts (likely), what happens when you do the same on the gateway? I'm betting that the problem is only in the clients, and is related to not passing incoming UDP traffic on DNS inside. Is there a firewall log? You should be allowing incoming UDP traffic FROM port 53 to any address above 1023 to be forwarded through the gateway to the inside. If you have a DNS server inside, then you also have to allow incoming UDP traffic TO port 53. In this case, TCP traffic from and to port 53 should also be allowed. Posted by Kevin Murphy at July 12, 2004 12:23 AMI'm betting that the problem is only in the clients, and is related to not passing incoming UDP traffic on DNS inside. Yes. Is there a firewall log? Yes, but it's not showing any blocks to/from the LAN. Which, apparently, being Zone Alarm, doesn't mean it isn't happening. You should be allowing incoming UDP traffic FROM port 53 to any address above 1023 to be forwarded through the gateway to the inside. That may be the problem. Incoming UDP is currently blocked. I have to submit a port range. If 1023 is the lower number, what should the upper one be? Posted by Rand Simberg at July 12, 2004 06:27 AMupper is 65535 (the port is randomly selected each time from that range) Posted by Kevin Murphy at July 12, 2004 09:14 AMOh, the lower number is 1024 ("above 1023") Posted by Kevin Murphy at July 12, 2004 09:27 AMIn answer to your other question, when I do "nslookup transterrestrial" (with default DNS settings on the client), I get: DNS Request times out, can't find server name for address 192.168.0.1: Times out Post a comment |