[Linuxtrent] Re: iptables

  • From: "Giuliano Natali (el Diaolin)" <diaolin@xxxxxxxxxxx>
  • To: linuxtrent@xxxxxxxxxxxxx
  • Date: Thu, 26 Aug 2004 08:35:19 +0200 (CEST)

Giuseppe Briotti wrote:

>
> Consequently, if for example I had to connect to several ISPs and
> wanted to avoid too many hops, it would probably be best for me to
> "point" each time at the DNS of the ISP I am connected to.

The problem is not the hops but the possibility of querying a DNS that
someone blocks.
>
> If all this is right, I have learned a fourth thing... the matter is
> starting to get interesting :-) so it is a question of working out which
> dns-proxy to install on the Suse :-)))


##############################################
Caching Only DNS


Most stuff is already there waiting for you. The only thing you have to do
to get a simple caching DNS running is add this line to the top of
/etc/resolv.conf

nameserver 127.0.0.1

This just tells the resolver to ask this machine first when doing queries.
When you now start named (see above), try the command "dig www.google.com"
and look toward the bottom of the result for the query time; it will be
something like 500 ms.


Re-run "dig www.google.com" and you should notice the query time is much
reduced (10 to 20 ms). This reduction is because the name server has 
cached the result.


NOTE: This name server entry is only needed for your server machine. Any
other machine on the network will have a separate file or other way of
deciding which name server to use first. For instance, it is under network
settings in Windows.


NOTE: If you are using DHCP for any of your network interfaces, this file
can get overwritten with the name servers the DHCP server has suggested. See
the note at the bottom for a resolution of this problem.


In the named.conf file you should find something looking like this. It is
the reverse zone for localhost.

zone "0.0.127.in-addr.arpa" IN {
    type master;
    notify no;
    file "named.local";
    allow-update { none; };
};

That points to a file called named.local which can (probably) be found in
/var/named/. This file should contain something similar to this and is the
zone definition file.

$TTL    86400
0.0.127.in-addr.arpa.    IN    SOA    compost.home.crazysquirrel.com. graham.crazysquirrel.com. (
            1997022707    ; serial
            28800         ; refresh
            14400         ; retry
            3600000       ; expire
            86400 )       ; minimum / negative-cache TTL
0.0.127.in-addr.arpa.    IN    NS    compost.home.crazysquirrel.com.
1       IN      PTR     localhost.

The important points to note in this file are the domain name directly
following the SOA and the NS entry. This domain name MUST match the name
of the host machine, and it is not valid for it to be a CNAME. Essentially
this is saying that the name server for 127.0.0 is
compost.home.crazysquirrel.com. If the name following the SOA does not
match the host name you get odd behaviour.


Save these files and restart named. Test your configuration with

dig localhost

which should return the correct IP address.
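As an added check that is not part of the original mail: a small POSIX sh script that reads a reverse zone file such as named.local and verifies that the name after SOA and the NS target both equal the host's own FQDN, which is the requirement stressed above. The zone contents are a constructed copy of the sample in the mail, and the host name is passed as an argument rather than read from the system; "named-checkzone 0.0.127.in-addr.arpa named.local" remains the right tool for the syntax check itself.

```shell
#!/bin/sh
# Added example, not from the original mail: check that the SOA MNAME and
# the NS target in a reverse zone file match the host's own FQDN.

# Print the (lower-cased) field directly after the first occurrence of record
# type $2 (e.g. SOA or NS) in zone file $1; prints nothing if absent.
zone_field_after() {
    awk -v key="$2" '{ for (i = 1; i < NF; i++)
        if (toupper($i) == key) { print tolower($(i + 1)); exit } }' "$1"
}

# check_zone_mname <zonefile> <fqdn>: returns 0 when both SOA MNAME and the
# NS target equal <fqdn>, 1 otherwise (reasons go to stderr).
check_zone_mname() {
    zonefile=$1
    # Zone names are case-insensitive and fully qualified, so normalise the
    # expected host name to lower case with a trailing dot.
    expected=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    case $expected in *.) ;; *) expected="$expected." ;; esac

    mname=$(zone_field_after "$zonefile" SOA)
    nsname=$(zone_field_after "$zonefile" NS)
    status=0
    if [ "$mname" != "$expected" ]; then
        echo "SOA name '$mname' does not match host name '$expected'" >&2
        status=1
    fi
    if [ "$nsname" != "$expected" ]; then
        echo "NS target '$nsname' does not match host name '$expected'" >&2
        status=1
    fi
    return $status
}

# Write a constructed copy of the mail's named.local sample to file $1.
write_sample_zone() {
    cat > "$1" <<'EOF'
$TTL    86400
0.0.127.in-addr.arpa.  IN  SOA  compost.home.crazysquirrel.com. graham.crazysquirrel.com. (
            1997022707 28800 14400 3600000 86400 )
0.0.127.in-addr.arpa.  IN  NS   compost.home.crazysquirrel.com.
1                      IN  PTR  localhost.
EOF
}
```

Run it against the real file with the real host name, e.g. `check_zone_mname /var/named/named.local "$(hostname -f)"`.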

#####################################################

Diaolin

-- 
Every time you meet a chicken, ask yourself:
will it have tried to cross the road at least once
in its life?
Diaolin

-- 
To subscribe (or unsubscribe), just send a message with the SUBJECT
"subscribe" (or "unsubscribe") to mailto:linuxtrent-request@xxxxxxxxxxxxx

