[WLANware] Default DNS problems in recent Freifunk
Alexander Morlang
alx at dd19.de
Mon Mar 24 17:54:06 CET 2008
Bastian Bittorf wrote:
>> iptables -t nat -I PREROUTING -d 217.146.139.5 -p udp --dport 53 -j DNAT \
>>   --to 192.168.2.2:53
>
> This seems to be not correct.
> A connected client asks the local running DNS-server
> for the DNS-resolution. Then the local DNS-server asks
> the internet-DNS-server and sends the answer further to
> the client. Locally generated traffic does not go through
> PREROUTING, ergo you have to use:
>
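> -------------
> # Default gateway address: third field of "default via <addr> dev ..."
> GATEWAY="$( ip route list exact 0/0 | awk '/via/ { print $3; exit }' )"
>
> if [ -n "$GATEWAY" ]; then
> eval $(netparam) # to have $WANADR
> # DNAT is only valid in the nat PREROUTING and OUTPUT chains;
> # locally generated packets pass through OUTPUT.
> iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT \
>   --to-destination "$GATEWAY"
> fi
> --------------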
>
> Of course this can be done much cleaner/better 8-)
sure, use nameservice plugin or anycast.
>
> bye, Bastian.
>
Alex
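
The two rules discussed in this thread, as an added example that is not code from either poster: a dry-run generator that prints the DNAT rules for both paths a DNS query can take, PREROUTING for queries forwarded from clients and OUTPUT for queries generated on the router itself (the only two built-in nat chains where DNAT is valid). It goes beyond the thread by also covering DNS over TCP; the function names and the sample route line are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample of `ip route list exact 0/0` output (not from the thread).
SAMPLE_ROUTE='default via 192.168.2.1 dev eth0 proto static'

# Extract the next-hop address from a default-route line; prints nothing if absent.
gateway_from_route() {
    printf '%s\n' "$1" | awk '$1 == "default" && $2 == "via" { print $3; exit }'
}

# Succeed only for a dotted-quad IPv4 address, so nothing else reaches iptables.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Print (do not apply) rules that send DNS queries addressed to the
# unreachable server $1 to the replacement resolver $2 instead.
dns_redirect_rules() {
    old="$1"; new="$2"
    is_ipv4 "$old" && is_ipv4 "$new" || return 1
    for chain in PREROUTING OUTPUT; do   # forwarded vs. locally generated
        for proto in udp tcp; do         # DNS falls back to TCP for large answers
            echo "iptables -t nat -I $chain -d $old -p $proto --dport 53 -j DNAT --to-destination $new:53"
        done
    done
}

# Addresses taken from the first rule quoted in the thread.
dns_redirect_rules 217.146.139.5 192.168.2.2

# Variant from the reply: use the default gateway as the resolver.
dns_redirect_rules 217.146.139.5 "$(gateway_from_route "$SAMPLE_ROUTE")"
```

Review the printed rules, then pipe the output to `sh` as root to apply them.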