Date: Tue, 23 May 2000 08:35:23 -0400 From: Mikel <mikel@ocsny.com> To: Ron Smith <ronnetron@hotmail.com> Cc: freebsd-net@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG Subject: Re: Non-existent domain Message-ID: <392A7B0B.ADB515FD@ocsny.com> References: <20000522191733.61404.qmail@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------C455D02C0A2C666CF8F47901 Content-Type: multipart/alternative; boundary="------------AA2BA8898E99FD0E9F3CBCFE" --------------AA2BA8898E99FD0E9F3CBCFE Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Uh Ron, check your firewall rules....I've taken the liberty in highlighting those that I feel are suspect.... -- Cheers, Mikel +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ | Optimized Computer Solutions, Inc http://www.ocsny.com | 39 W14th Street, Suite 203 212 727 2238 x132 | New York, NY 10011 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ Ron Smith wrote: > Hi all, > > O.K. gang I need your help on this one. I have a particular problem that I > can't seem to solve on my own. Here's what's happening: > > I've configured a dual-homed, DSL gateway with NAT and IPFILTER. Everything > works fine for those on the LAN when browsing HTTP. DNS is also running on > this machine as primary and I have a name server at the ISP as secondary. > However, the problem is that when looking for the domain name "crcfx.com" > out on the web, It's not seen. An error message comes up saying: "A network > error occurred: Unable to connect to server. The server may be down or > unreachable." Also, I don't get a proper response, from outside our LAN, > when doing an 'nslookup stargate.crcfx.com', which has the primary DNS > running locally. This is preventing us from putting other services on-line, > such as 'HTTP' and 'SMTP'. I've talked to several sources (including my > ISP), to no avail. There's lots of confusion all around. I have a suspicion > my problem may stem from the way my zones are set up, or the firewall rules, > but I'm not sure. Anyway, here are the details: > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > ping 127.0.0.1 (loopback) > ping 192.x.x.1 (inside interface) > ping 63.x.x.218 (outside interface) > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > All show 0% packet loss. > > ~~~~~~~~~~~~~~~ > 'rc.conf' says: > ~~~~~~~~~~~~~~~ > > # This file now contains just the overrides from/etc/defaults/rc.conf # > please make all changes to this file. > > # -- sysinstall generated deltas -- # > ifconfig_fxp0="inet 192.x.x.1 netmask 255.255.255.0" > ifconfig_pn0="inet 63.x.x.218 netmask 255.255.255.248" > hostname="stargate.crcfx.com" > linux_enable="YES" > moused_enable="YES" > gateway_enable="YES" > defaultrouter="63.x.x.217" > # -- The following deltas were generated by Ron Smith on Apr. 17, 2000 > firewall_enable="YES" > firewall_type="simple" > firewall_script="/etc/rc.firewall" > inetd_enable="NO" > sendmail_enable="NO" > dumpdev=/dev/wd0s1b > natd_enable="YES" > natd_interface="pn0" > named_enable="YES" > > ~~~~~~~~~~~~~~~~~~~ > 'rc.firewall' says: > ~~~~~~~~~~~~~~~~~~~ > > # set these to your outside interface network and netmask and ip > oif="pn0" > onet="63.x.x.216" > omask="255.255.255.248" > oip="63.x.x.218" > > # set these to your inside interface network and netmask and ip > iif="fxp0" > inet="192.x.x.0" > imask="255.255.255.0" > iip="192.x.x.1" > > # Stop spoofing > $fwcmd add deny all from ${inet}:${imask} to any in via ${oif} > $fwcmd add deny all from ${onet}:${omask} to any in via ${iif} > > # Stop RFC1918 nets on the outside interface > $fwcmd add deny all from 192.x.0.0:255.255.0.0 to any via ${oif} > #$fwcmd add deny all from any to 192.x.0.0:255.255.0.0 via ${oif} $fwcmd add > deny all from 172.16.0.0:255.240.0.0 to any via ${oif} > $fwcmd add deny all from any to 172.16.0.0:255.240.0.0 via ${oif} > $fwcmd add deny all from 10.0.0.0:255.0.0.0 to any via ${oif} > $fwcmd add deny all from any to 10.0.0.0:255.0.0.0 via ${oif} > > # Allow ICMP inside only > #$fwcmd add deny icmp from any to any via ${oif} > #$fwcmd add allow icmp from ${inet}:${imask} to ${inet}:${imask} via ${iif} > > # Allow TCP through if setup succeeded > $fwcmd add pass tcp from any to any established > > # Allow setup of incoming email > #$fwcmd add pass tcp from any to ${oip} 25 setup > > # Allow access to our DNS > $fwcmd add pass tcp from any to ${oip} 53 setup > > # Allow access to our WWW > #$fwcmd add pass tcp from any to ${oip} 80 setup > > # Reject&Log all setup of incoming connections from the outside > $fwcmd add deny log tcp from any to any in via ${oif} setup > > # Allow setup of any other TCP connection > $fwcmd add pass tcp from any to any setup > > # Allow DNS queries out in the world > $fwcmd add pass udp from any 53 to ${oip} > $fwcmd add pass udp from ${oip} to any 53 > $fwcmd add pass udp from ${inet}:${imask} to any 53 > > # Allow stuff to 192 net in from the outside, since we're > # checking after NAT does the conversion > $fwcmd add allow udp from any 53 to ${inet}:${imask} via ${oif} > $fwcmd add allow udp from any 53 to ${inet}:${imask} via ${iif} > > # Allow NTP queries out in the world > $fwcmd add pass udp from any 123 to ${oip} > $fwcmd add pass udp from ${oip} to any 123 > > # Everything else is denied as default. > > elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then > $fwcmd ${firewall_type} > fi > > ~~~~~~~~~~~~~~~~~~~~~~~ > 'whois crcfx.com' says: > ~~~~~~~~~~~~~~~~~~~~~~~ > > Whois Server Version 1.1 > > Domain names in the .com, .net, and .org domains can now be registered > with many different competing registrars. Go to http://www.internic.net for > detailed information. > > Domain Name: CRCFX.COM > Registrar: REGISTER.COM, INC. > Whois Server: whois.register.com > Referral URL: www.register.com > Name Server: NS1.PBI.NET > Name Server: STARGATE.CRCFX.COM > Updated Date: 28-apr-200 > > >>>Last update of whois database: Wed, 3 May 00 04:41:29 EDT <<< > > The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and > Registrars. > > Access to register.com's WHOIS information is for informational purposes > only. Register.com makes this information available > "as is," and does not guarantee its accuracy. The compilation, repackaging, > dissemination or other use of register.com's WHOIS information in its > entirety, or a substantial portion thereof, is expressly prohibited without > the prior written consent of register.com. By accessing and using our WHOIS > information, you agree to these terms. > > Organization: > Cinema Research Corp > 6860 Lexington Ave > Hollywood, CA 90038 > US > > Registrar..: Register.com (http://www.register.com) > Domain Name: CRCFX.COM > Created on..............: Fri, Mar 24, 2000 > Expires on..............: Sat, Mar 24, 2001 > Record last updated on..: Fri, Apr 28, 2000 > > Administrative Contact: > Smith, Ron ronnetron@hotmail.com > 323-460-4111 > > Technical Contact, Zone Contact: > Internic, Registrar internic-free@register.com > 212-594-988 > > Domain servers in listed order: > > STARGATE.CRCFX.COM 63.x.x.218 > NS1.PBI.NET 206.13.28.11 > > Register your domain name at http://www.register.com > > ~~~~~~~~~~~~~~~~~ > ifconfig -a says: > ~~~~~~~~~~~~~~~~~ > > fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > inet 192.x.x.1 netmask 0xffffff00 broadcast 192.x.x.255 > > pn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > inet 63.x.x.218 netmask 0xfffffff8 broadcast 63.x.x.223 > > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 > inet 127.0.0.1 netmask 0xff000000 > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 'netstat -na crcfx.com' says: > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Active Internet connections (including servers) > Proto Recv-Q Send-Q Local Address Foreign Address (state) > icmp 0 0 *.* *.* > tcp 0 0 *.111 *.* LISTEN > tcp 0 0 127.0.0.1.53 *.* LISTEN > tcp 0 0 63.x.x.218.53 *.* LISTEN > tcp 0 0 192.x.x.1.53 *.* LISTEN > udp 0 0 *.111 *.* > udp 0 0 *.1024 *.* > udp 0 0 127.0.0.1.53 *.* > udp 0 0 63.x.x.218.53 *.* > udp 0 0 192.x.x.1.53 *.* > udp 0 0 *.514 *.* > > ~~~~~~~~~~~~~~~~~~~~~ > 'db.crcfx.com' says: > ~~~~~~~~~~~~~~~~~~~~~ > > ; Definition of zone crcfx.com > crcfx.com. IN SOA stargate.crcfx.com. root.crcfx.com. ( > 2000042901 ; Serial (date, two digits version of day) > 86400 ; refresh (1 day) > 7200 ; retry (2 hours) > 8640000 ; expire (100 days) > 86400 ) ; minimum (1 day) > > ; name servers > IN NS stargate.crcfx.com. > IN NS ns1.pbi.net. > IN NS ns2.pbi.net. > stargate IN A 63.x.x.218 > ns1.pbi.net. IN A 206.13.28.11 > ns2.pbi.net. IN A 206.13.29.11 > > ~~~~~~~~~~~~~~~~~~~~~ > 'crcfx-reverse' says: > ~~~~~~~~~~~~~~~~~~~~~ > > @ IN SOA stargate.crcfx.com. root.crcfx.com. ( > 2000042901 ; Serial (date, 2 digits version of day) > 86400 ; refresh (1 day) > 7200 ; retry (2 hours) > 8640000 ; expire (100 days) > 86400 ) ; minimum (1 day) > > IN NS stargate.crcfx.com. > IN NS ns1.pbi.net. > IN NS ns2.pbi.net. > > 218.x.x.63.in-addr.arpa IN PTR stargate.crcfx.com. > 11.28.13.206.in-addr.arpa IN PTR ns1.pbi.net. > 11.29.13.206.in-addr.arpa IN PTR ns2.pbi.net. > > ~~~~~~~~~~~~~~~~~~~~~ > 'localhost.rev' says: > ~~~~~~~~~~~~~~~~~~~~~ > > ; From: @(#)localhost.rev 5.1 (Berkeley) 6/30/90 > ; $FreeBSD: src/etc/namedb/PROTO.localhost.rev,v 1.4.2.1 1999/08/29 14:19:29 > peter Exp $ > ; > ; This file is automatically edited by the `make-localhost' script in > ; the /etc/namedb directory. > ; > > @ IN SOA stargate.crcfx.com. root.stargate.crcfx.com. ( > 2000042901 ; Serial > 86400 ; Refresh (1 day) > 7200 ; Retry (2 hours) > 8640000 ; Expire (100 days) > 86400 ) ; Minimum > IN NS stargate.crcfx.com. > 1 IN PTR localhost.crcfx.com. > > ~~~~~~~~~~~~~~~~~~~ > 'resolv.conf' says: > ~~~~~~~~~~~~~~~~~~~ > > domain crcfx.com > nameserver 127.0.0.1 > nameserver 192.x.x.1 > nameserver 63.x.x.218 > nameserver 206.13.28.11 > nameserver 206.13.29.11 > > ~~~~~~~~~~~~~~~~~~ > 'named.conf' says: > ~~~~~~~~~~~~~~~~~~ > > options { > directory "/etc/namedb"; > > forwarders { > 206.13.28.11; > }; > > zone "." { > type hint; > file "named.root"; > }; > > zone "0.0.127.IN-ADDR.ARPA" { > type master; > file "localhost.rev"; > }; > > zone "crcfx.com" { > type master; > file "db.crcfx.com"; > }; > > zone "0.x.192.IN-ADDR.ARPA" { > type master; > file "crcfx-reverse"; > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Sorry, > > This is a lot to swallow, but they are all the pertinent files, in regards > to the problem. I would appreciate any feedback on how to get our local name > server to do proper zone transfers to our upstream ISP, and to get a proper > 'nslookup stargate.crcfx.com' from outside our LAN ...same thing. > > TIA > Ron > > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message --------------AA2BA8898E99FD0E9F3CBCFE Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit <!doctype html public "-//w3c//dtd html 4.0 transitional//en"> <html> Uh Ron, check your firewall rules....I've taken the liberty in <b><font color="#990000">highlighting</font></b> those that I feel are suspect.... <p>-- <br>Cheers, <br>Mikel <br>+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ <br>| Optimized Computer Solutions, Inc <A HREF="http://www.ocsny.com">http://www.ocsny.com</A>; <br>| 39 W14th Street, Suite 203 212 727 2238 x132 <br>| New York, NY 10011 <br>+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ <p>Ron Smith wrote: <blockquote TYPE=CITE>Hi all, <p>O.K. gang I need your help on this one. I have a particular problem that I <br>can't seem to solve on my own. Here's what's happening: <p>I've configured a dual-homed, DSL gateway with NAT and IPFILTER. Everything <br>works fine for those on the LAN when browsing HTTP. DNS is also running on <br>this machine as primary and I have a name server at the ISP as secondary. <br>However, the problem is that when looking for the domain name "crcfx.com" <br>out on the web, It's not seen. An error message comes up saying: "A network <br>error occurred: Unable to connect to server. The server may be down or <br>unreachable." Also, I don't get a proper response, from outside our LAN, <br>when doing an 'nslookup stargate.crcfx.com', which has the primary DNS <br>running locally. This is preventing us from putting other services on-line, <br>such as 'HTTP' and 'SMTP'. I've talked to several sources (including my <br>ISP), to no avail. There's lots of confusion all around. I have a suspicion <br>my problem may stem from the way my zones are set up, or the firewall rules, <br>but I'm not sure. Anyway, here are the details: <p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <br>ping 127.0.0.1 (loopback) <br>ping 192.x.x.1 (inside interface) <br>ping 63.x.x.218 (outside interface) <br>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <p>All show 0% packet loss. <p>~~~~~~~~~~~~~~~ <br>'rc.conf' says: <br>~~~~~~~~~~~~~~~ <p># This file now contains just the overrides from/etc/defaults/rc.conf # <br>please make all changes to this file. <p># -- sysinstall generated deltas -- # <br>ifconfig_fxp0="inet 192.x.x.1 netmask 255.255.255.0" <br>ifconfig_pn0="inet 63.x.x.218 netmask 255.255.255.248" <br>hostname="stargate.crcfx.com" <br>linux_enable="YES" <br>moused_enable="YES" <br>gateway_enable="YES" <br>defaultrouter="63.x.x.217" <br># -- The following deltas were generated by Ron Smith on Apr. 17, 2000 <br>firewall_enable="YES" <br>firewall_type="simple" <br>firewall_script="/etc/rc.firewall" <br>inetd_enable="NO" <br>sendmail_enable="NO" <br>dumpdev=/dev/wd0s1b <br>natd_enable="YES" <br>natd_interface="pn0" <br>named_enable="YES" <p>~~~~~~~~~~~~~~~~~~~ <br>'rc.firewall' says: <br>~~~~~~~~~~~~~~~~~~~ <p># set these to your outside interface network and netmask and ip <br>oif="pn0" <br>onet="63.x.x.216" <br>omask="255.255.255.248" <br>oip="63.x.x.218" <p># set these to your inside interface network and netmask and ip <br>iif="fxp0" <br>inet="192.x.x.0" <br>imask="255.255.255.0" <br>iip="192.x.x.1" <p># Stop spoofing <br>$fwcmd add deny all from ${inet}:${imask} to any in via ${oif} <br>$fwcmd add deny all from ${onet}:${omask} to any in via ${iif} <p># Stop RFC1918 nets on the outside interface <br>$fwcmd add deny all from 192.x.0.0:255.255.0.0 to any via ${oif} <br>#$fwcmd add deny all from any to 192.x.0.0:255.255.0.0 via ${oif} $fwcmd add <br>deny all from 172.16.0.0:255.240.0.0 to any via ${oif} <br>$fwcmd add deny all from any to 172.16.0.0:255.240.0.0 via ${oif} <br>$fwcmd add deny all from 10.0.0.0:255.0.0.0 to any via ${oif} <br>$fwcmd add deny all from any to 10.0.0.0:255.0.0.0 via ${oif} <p># Allow ICMP inside only <br>#$fwcmd add deny icmp from any to any via ${oif} <br>#$fwcmd add allow icmp from ${inet}:${imask} to ${inet}:${imask} via ${iif} <p># Allow TCP through if setup succeeded <br>$fwcmd add pass tcp from any to any established<b><font color="#990000"></font></b> <p><b><font color="#990000"># Allow setup of incoming email</font></b> <br><b><font color="#990000">#$fwcmd add pass tcp from any to ${oip} 25 setup</font></b><b><font color="#990000"></font></b> <p># Allow access to our DNS <br>$fwcmd add pass tcp from any to ${oip} 53 setup<b><font color="#990000"></font></b> <p><b><font color="#990000"># Allow access to our WWW</font></b> <br><b><font color="#990000">#$fwcmd add pass tcp from any to ${oip} 80 setup</font></b> <p># Reject&Log all setup of incoming connections from the outside <br>$fwcmd add deny log tcp from any to any in via ${oif} setup <p># Allow setup of any other TCP connection <br>$fwcmd add pass tcp from any to any setup <p># Allow DNS queries out in the world <br>$fwcmd add pass udp from any 53 to ${oip} <br>$fwcmd add pass udp from ${oip} to any 53 <br>$fwcmd add pass udp from ${inet}:${imask} to any 53 <p># Allow stuff to 192 net in from the outside, since we're <br># checking after NAT does the conversion <br>$fwcmd add allow udp from any 53 to ${inet}:${imask} via ${oif} <br>$fwcmd add allow udp from any 53 to ${inet}:${imask} via ${iif} <p># Allow NTP queries out in the world <br>$fwcmd add pass udp from any 123 to ${oip} <br>$fwcmd add pass udp from ${oip} to any 123 <p># Everything else is denied as default. <p>elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then <br>$fwcmd ${firewall_type} <br>fi <p>~~~~~~~~~~~~~~~~~~~~~~~ <br>'whois crcfx.com' says: <br>~~~~~~~~~~~~~~~~~~~~~~~ <p>Whois Server Version 1.1 <p>Domain names in the .com, .net, and .org domains can now be registered <br>with many different competing registrars. Go to <a href="http://www.internic.net">http://www.internic.net</a>; for <br>detailed information. <p>Domain Name: CRCFX.COM <br>Registrar: REGISTER.COM, INC. <br>Whois Server: whois.register.com <br>Referral URL: www.register.com <br>Name Server: NS1.PBI.NET <br>Name Server: STARGATE.CRCFX.COM <br>Updated Date: 28-apr-200 <p>>>>Last update of whois database: Wed, 3 May 00 04:41:29 EDT <<< <p>The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and <br>Registrars. <p>Access to register.com's WHOIS information is for informational purposes <br>only. Register.com makes this information available <br>"as is," and does not guarantee its accuracy. The compilation, repackaging, <br>dissemination or other use of register.com's WHOIS information in its <br>entirety, or a substantial portion thereof, is expressly prohibited without <br>the prior written consent of register.com. By accessing and using our WHOIS <br>information, you agree to these terms. <p>Organization: <br>Cinema Research Corp <br>6860 Lexington Ave <br>Hollywood, CA 90038 <br>US <p>Registrar..: Register.com (<a href="http://www.register.com">http://www.register.com</a>) <br>Domain Name: CRCFX.COM <br>Created on..............: Fri, Mar 24, 2000 <br>Expires on..............: Sat, Mar 24, 2001 <br>Record last updated on..: Fri, Apr 28, 2000 <p>Administrative Contact: <br>Smith, Ron ronnetron@hotmail.com <br>323-460-4111 <p>Technical Contact, Zone Contact: <br>Internic, Registrar internic-free@register.com <br>212-594-988 <p>Domain servers in listed order: <p>STARGATE.CRCFX.COM 63.x.x.218 <br>NS1.PBI.NET 206.13.28.11 <p>Register your domain name at <a href="http://www.register.com">http://www.register.com</a>; <p>~~~~~~~~~~~~~~~~~ <br>ifconfig -a says: <br>~~~~~~~~~~~~~~~~~ <p>fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <br>inet 192.x.x.1 netmask 0xffffff00 broadcast 192.x.x.255 <p>pn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <br>inet 63.x.x.218 netmask 0xfffffff8 broadcast 63.x.x.223 <p>lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 <br>inet 127.0.0.1 netmask 0xff000000 <p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <br>'netstat -na crcfx.com' says: <br>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <p>Active Internet connections (including servers) <br>Proto Recv-Q Send-Q Local Address Foreign Address (state) <br>icmp 0 0 *.* *.* <br>tcp 0 0 *.111 *.* LISTEN <br>tcp 0 0 127.0.0.1.53 *.* LISTEN <br>tcp 0 0 63.x.x.218.53 *.* LISTEN <br>tcp 0 0 192.x.x.1.53 *.* LISTEN <br>udp 0 0 *.111 *.* <br>udp 0 0 *.1024 *.* <br>udp 0 0 127.0.0.1.53 *.* <br>udp 0 0 63.x.x.218.53 *.* <br>udp 0 0 192.x.x.1.53 *.* <br>udp 0 0 *.514 *.* <p>~~~~~~~~~~~~~~~~~~~~~ <br>'db.crcfx.com' says: <br>~~~~~~~~~~~~~~~~~~~~~ <p>; Definition of zone crcfx.com <br>crcfx.com. IN SOA stargate.crcfx.com. root.crcfx.com. ( <br> 2000042901 ; Serial (date, two digits version of day) <br> 86400 ; refresh (1 day) <br> 7200 ; retry (2 hours) <br> 8640000 ; expire (100 days) <br> 86400 ) ; minimum (1 day) <p>; name servers <br> IN NS stargate.crcfx.com. <br> IN NS ns1.pbi.net. <br> IN NS ns2.pbi.net. <br>stargate IN A 63.x.x.218 <br>ns1.pbi.net. IN A 206.13.28.11 <br>ns2.pbi.net. IN A 206.13.29.11 <p>~~~~~~~~~~~~~~~~~~~~~ <br>'crcfx-reverse' says: <br>~~~~~~~~~~~~~~~~~~~~~ <p>@ IN SOA stargate.crcfx.com. root.crcfx.com. ( <br> 2000042901 ; Serial (date, 2 digits version of day) <br> 86400 ; refresh (1 day) <br> 7200 ; retry (2 hours) <br> 8640000 ; expire (100 days) <br> 86400 ) ; minimum (1 day) <p> IN NS stargate.crcfx.com. <br> IN NS ns1.pbi.net. <br> IN NS ns2.pbi.net. <p>218.x.x.63.in-addr.arpa IN PTR stargate.crcfx.com. <br>11.28.13.206.in-addr.arpa IN PTR ns1.pbi.net. <br>11.29.13.206.in-addr.arpa IN PTR ns2.pbi.net. <p>~~~~~~~~~~~~~~~~~~~~~ <br>'localhost.rev' says: <br>~~~~~~~~~~~~~~~~~~~~~ <p>; From: @(#)localhost.rev 5.1 (Berkeley) 6/30/90 <br>; $FreeBSD: src/etc/namedb/PROTO.localhost.rev,v 1.4.2.1 1999/08/29 14:19:29 <br>peter Exp $ <br>; <br>; This file is automatically edited by the `make-localhost' script in <br>; the /etc/namedb directory. <br>; <p>@ IN SOA stargate.crcfx.com. root.stargate.crcfx.com. ( <br> 2000042901 ; Serial <br> 86400 ; Refresh (1 day) <br> 7200 ; Retry (2 hours) <br> 8640000 ; Expire (100 days) <br> 86400 ) ; Minimum <br> IN NS stargate.crcfx.com. <br>1 IN PTR localhost.crcfx.com. <p>~~~~~~~~~~~~~~~~~~~ <br>'resolv.conf' says: <br>~~~~~~~~~~~~~~~~~~~ <p>domain crcfx.com <br>nameserver 127.0.0.1 <br>nameserver 192.x.x.1 <br>nameserver 63.x.x.218 <br>nameserver 206.13.28.11 <br>nameserver 206.13.29.11 <p>~~~~~~~~~~~~~~~~~~ <br>'named.conf' says: <br>~~~~~~~~~~~~~~~~~~ <p>options { <br> directory "/etc/namedb"; <p> forwarders { <br> 206.13.28.11; <br> }; <p>zone "." { <br> type hint; <br> file "named.root"; <br>}; <p>zone "0.0.127.IN-ADDR.ARPA" { <br> type master; <br> file "localhost.rev"; <br>}; <p>zone "crcfx.com" { <br> type master; <br> file "db.crcfx.com"; <br>}; <p>zone "0.x.192.IN-ADDR.ARPA" { <br> type master; <br> file "crcfx-reverse"; <p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Sorry, <p>This is a lot to swallow, but they are all the pertinent files, in regards <br>to the problem. I would appreciate any feedback on how to get our local name <br>server to do proper zone transfers to our upstream ISP, and to get a proper <br>'nslookup stargate.crcfx.com' from outside our LAN ...same thing. <p>TIA <br>Ron <p>________________________________________________________________________ <br>Get Your Private, Free E-mail from MSN Hotmail at <a href="http://www.hotmail.com">http://www.hotmail.com</a>; <p>To Unsubscribe: send mail to majordomo@FreeBSD.org <br>with "unsubscribe freebsd-net" in the body of the message</blockquote> <br> <br> <br> </html> --------------AA2BA8898E99FD0E9F3CBCFE-- --------------C455D02C0A2C666CF8F47901 Content-Type: text/x-vcard; charset=us-ascii; name="mikel.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Mikel Content-Disposition: attachment; filename="mikel.vcf" begin:vcard n:King;Mikel tel;fax:2124638402 tel;home:http://www.upan.org tel;work:2127272100 x-mozilla-html:TRUE org:Optimized Computer Solutions version:2.1 email;internet:mikel@ocsny.com title:Director of Network Operations & Technology adr;quoted-printable:;;39 W14th St.=0D=0ASte 203;New York;NY;10011;US note;quoted-printable:fBSD, PHP, MySql and OCS Rule!!!=0D=0A=0D=0AGoal is to be MS free by the end of 2k. x-mozilla-cpt:;7312 fn:Mikel King end:vcard --------------C455D02C0A2C666CF8F47901-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?392A7B0B.ADB515FD>