I have a friend who has a
problem with, we believe, DNS. In this case the ISP is NTL. He has a
stateful firewall and is running NAT. You can see from the tcpdump below that
he sends the query to one DNS server but another responds, thus breaking the
firewall state, and therefore it never resolves. Should the provider have
the forwarding option on their servers, or does he need to punch another hole in
his firewall?

Cheers

09:23:01.216136 80.2.189.69.53 > 194.168.8.100.53: 54051+ [1au][|domain] (DF)
09:23:01.534353 194.168.4.100.53 > 80.2.189.69.53: 54051[|domain] (DF)
09:23:01.534618 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 unreachable [tos 0xc0]
09:23:11.238123 80.2.189.69.53 > 194.168.8.100.53: 12113+ [1au][|domain] (DF)
09:23:11.414372 194.168.4.100.53 > 80.2.189.69.53: 12113[|domain] (DF)
09:23:11.414606 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 unreachable [tos 0xc0]
09:23:19.634810 80.2.189.69.53 > 194.168.8.100.53: 9737+ [1au][|domain] (DF)
09:23:19.643883 194.168.4.100.53 > 80.2.189.69.53: 9737[|domain] (DF)
09:23:19.644127 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 unreachable [tos 0xc0]

Paul Gilbert
Router Management Solutions, Inc.
www.routermanagement.com
work: 5167666068
mobile: 5164564983
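
Added example, not part of the original message: a Python check that reads tcpdump lines in the format shown above and reports DNS replies whose source address differs from the server the query was sent to, which is the mismatch a stateful firewall will not associate with the outbound query. The function name `mismatched_replies` and the last two sample lines (a well-behaved exchange) are constructed for illustration.

```python
import re

# One DNS packet per line: "<ts> <src ip>.<port> > <dst ip>.<port>: <query id>..."
PKT = re.compile(
    r"^(?P<ts>\S+) (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): (?P<id>\d+)"
)

# First three lines are from the capture above; the last two are constructed.
SAMPLE = """\
09:23:01.216136 80.2.189.69.53 > 194.168.8.100.53: 54051+ [1au][|domain] (DF)
09:23:01.534353 194.168.4.100.53 > 80.2.189.69.53: 54051[|domain] (DF)
09:23:01.534618 80.2.189.69 > 194.168.4.100: icmp: 80.2.189.69 udp port 53 unreachable [tos 0xc0]
09:23:30.000000 80.2.189.69.53 > 194.168.8.100.53: 4242+ [1au][|domain] (DF)
09:23:30.100000 194.168.8.100.53 > 80.2.189.69.53: 4242[|domain] (DF)
"""

def mismatched_replies(capture):
    """Return (timestamp, query id, server asked, server that answered)
    for every reply that came from a different address than was queried."""
    pending = {}   # (client ip, client port, query id) -> server the query went to
    findings = []
    for line in capture.splitlines():
        m = PKT.match(line)
        if not m:
            continue  # ICMP and any other non-DNS lines carry no ip.port pair
        src, dst, qid = m["src"], m["dst"], m["id"]
        reply_key = (dst, m["dport"], qid)
        if reply_key in pending:
            # Packet is addressed to a client with an outstanding query id.
            asked = pending.pop(reply_key)
            if src != asked:
                findings.append((m["ts"], qid, asked, src))
        else:
            # First sighting of this id from this endpoint: treat as the query.
            pending[(src, m["sport"], qid)] = dst
    return findings

if __name__ == "__main__":
    for ts, qid, asked, answered in mismatched_replies(SAMPLE):
        print(f"{ts} id={qid}: asked {asked}, answered by {answered}")
```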