From owner-freebsd-questions@FreeBSD.ORG Sat Jul 30 13:20:37 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 710C116A41F for ; Sat, 30 Jul 2005 13:20:37 +0000 (GMT) (envelope-from freebsd@akruijff.dds.nl) Received: from smtp18.wxs.nl (smtp18.wxs.nl [195.121.6.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 063B543D45 for ; Sat, 30 Jul 2005 13:20:36 +0000 (GMT) (envelope-from freebsd@akruijff.dds.nl) Received: from smtp.planet.nl (ip51cc8423.speed.planet.nl [81.204.132.35]) by smtp18.wxs.nl (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004)) with ESMTP id <0IKF00MF7ZQBU3@smtp18.wxs.nl> for freebsd-questions@freebsd.org; Sat, 30 Jul 2005 15:20:35 +0200 (CEST) Received: from Alex.lan (localhost [127.0.0.1]) by smtp.planet.nl (8.13.3/8.13.3) with ESMTP id j6UDKYjJ002995; Sat, 30 Jul 2005 15:20:34 +0200 Received: (from akruijff@localhost) by Alex.lan (8.13.3/8.13.3/Submit) id j6UDKXdM002994; Sat, 30 Jul 2005 15:20:33 +0200 Content-return: prohibited Date: Sat, 30 Jul 2005 15:20:33 +0200 From: Alex de Kruijff In-reply-to: <20050730104152.GH17171@ns2.wananchi.com> To: Odhiambo Washington , freebsd-questions@freebsd.org Message-id: <20050730132033.GA2911@Alex.lan> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT Content-disposition: inline User-Agent: Mutt/1.4.2.1i References: <20050730104152.GH17171@ns2.wananchi.com> X-Authentication-warning: Alex.lan: akruijff set sender to freebsd@akruijff.dds.nl using -f Cc: Subject: Re: Problem with IPFilter/IPNAT X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd@akruijff.dds.nl List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Jul 2005 13:20:37 -0000 On Sat, Jul 30, 2005 at 01:41:52PM +0300, Odhiambo Washington wrote: > I am using IPFilter and IPNat on several FreeBSD boxes. They are mostly > configured the same. > > Each box has two interfaces, public and internal, and acts as a router > to the LAN which is 'behind' it. The LAN machines use the FreeBSD as the > gateway, as well as a DNS server. I run cache-only config. > > The problem I have is that when, for any reason, the public link goes > down, the machines on the LAN timeout when communicating. It sound like there tying to lookup hostnames via DNS or something like this. Are you able to ping them with there ip addresses? Are you able to ping them with there host names? -- Alex Please copy the original recipients, otherwise I may not read your reply. Howto's based on my ppersonal use, including information about setting up a firewall and creating traffic graphs with MRTG http://www.kruijff.org/alex/FreeBSD/