I have just replaced a box which was running SuSE and SuSE's firewall
scripts with an Ubuntu box, running Shorewall. It works nicely, once
you get your head around Shorewall's way of doing things. However, I am
having a problem with our internal name server. This is in our DMZ and
serves as a caching nameserver and as authoritative for a local domain.
I have a Shorewall rule

    AllowDNS dmz net

to allow the server to do DNS queries to the world to update its cache.
However, it is doing so very slowly, so I'm getting a lot of "The
internet is broken" from the secretary. Nearly always, on the DNS
server itself, if I do dig somehost.somedomain.sometld I will get

    ;; connection timed out; no servers could be reached

but trying again will get an answer. Sometimes, however, it is
necessary to try several times.