I have a Draytek Vigor 2820n ADSL router, a pretty 'normal' router, slightly up-market even.
By default its IP address (as most domestic routers) is 192.168.1.1 and it comes up as a DHCP server for that subnet.
I've been trying to get it to play nicely (as the DHCP server) on my small network but so far I'm having little luck. Until now I have had DHCP in the router turned off and was using dnsmasq in a 'server' machine instead but that machine now has virtually nothing else to do so it would be nice if I could turn it off and use the Vigor router instead.
However, when I try and use the Vigor router as DHCP server I get several problems:-
When I boot my desktop machine it complains that it can't resolve its own name (chris).
Nothing on the local network can be resolved by name.
When I do a 'host chris' or anything similar I get a series of messages saying "reply from unexpected source:". DNS queries are being sent to 192.168.1.1 (the router has set itself up as a DNS proxy) but replies appear to be from the real DNS servers at my ISP.
It seems that Ubuntu/Linux can't cope with the default setup of the ADSL router but that seems unlikely as surely more people would be complaining about things not working.
Am I doing something stupidly wrong (quite likely!) or is it really not possible to set up a pretty standard router so that DNS works for the local network?
On Sat, 2010-08-07 at 19:12 +0100, Chris G wrote:
I have a Draytek Vigor 2820n ADSL router, a pretty 'normal' router, slightly up-market even.
...
However, when I try and use the Vigor router as DHCP server I get several problems:-
When I boot my desktop machine it complains that it can't resolve its own name (chris). Nothing on the local network can be resolved by name. When I do a 'host chris' or anything similar I get a series of messages saying "reply from unexpected source:". DNS queries are being sent to 192.168.1.1 (the router has set itself up as a DNS proxy) but replies appear to be from the real DNS servers at my ISP.
It does seem to me the router is doing something strange here. I would normally expect a DNS proxy to operate a cache which means it has to operate at application level. It has to look into the client requests, check the cache and, for a miss, check the next DNS server in the chain, cache the response and send it to the client.
What your router seems to be doing is more like NAT, i.e. forwarding the packets to the real DNS server, presumably with the router's public address as the source and then, when the reply is received, simply changing the destination address to the private (LAN) address and sending the packet on the LAN.
Regards, Steve.
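The behaviour Steve describes is exactly what a resolver's anti-spoofing checks reject. Below is an added example (not code from this thread) of the checks a stub resolver makes before it accepts a UDP DNS reply; the "reply from unexpected source" message from `host` is the first of them failing, because the reply's source address is not the server the query was sent to. The query, the reply and the 203.0.113.53 "ISP resolver" address are all constructed for the demonstration.

```python
# Added example, not code from the thread: the checks a stub resolver makes
# before it accepts a UDP DNS reply.  The "reply from unexpected source"
# message that `host` prints is the first of these failing: the reply's
# source address is not the server the query was sent to, which is exactly
# what a NAT-style "DNS proxy" that only rewrites the destination on the
# way back produces.  Addresses and names below are constructed.
import socket
import struct

QR_BIT = 0x8000  # header flags: 1 = response


def build_query(txid, name, qtype=1):
    """Build a minimal recursive A query (RD=1, one question, class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)


def parse_question(msg):
    """Return (txid, flags, qname, qtype, qclass, end_offset) of a message."""
    txid, flags = struct.unpack("!HH", msg[:4])
    labels, pos = [], 12
    while True:
        n = msg[pos]
        pos += 1
        if n == 0:
            break
        if n & 0xC0:  # a question section we built never uses compression
            raise ValueError("compression pointer in question name")
        labels.append(msg[pos:pos + n].decode("ascii"))
        pos += n
    qtype, qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return txid, flags, ".".join(labels).lower(), qtype, qclass, pos + 4


def build_reply(query, ip, ttl=300):
    """Answer `query` with a single A record; used here only to make test input."""
    txid, _flags, _name, _qtype, _qclass, end = parse_question(query)
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    # 0xC00C = pointer to offset 12, i.e. the QNAME in the question section
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + socket.inet_aton(ip)
    return header + query[12:end] + rr


def accept_reply(query, sent_to, reply, received_from):
    """Decide whether `reply` may be trusted as the answer to `query`.

    sent_to / received_from are (ip, port) tuples.  The checks are the ones
    RFC 5452 relies on to make off-path forgery hard: source address and
    port, transaction ID, QR bit, and an echoed question section.  Returns
    (accepted, reason).
    """
    if received_from != sent_to:
        return False, "reply from unexpected source %s#%d, expected %s#%d" % (
            received_from[0], received_from[1], sent_to[0], sent_to[1])
    if len(reply) < 12:
        return False, "truncated header"
    q = parse_question(query)
    try:
        r = parse_question(reply)
    except (ValueError, IndexError):
        return False, "unparseable question section"
    if r[0] != q[0]:
        return False, "transaction id mismatch"
    if not r[1] & QR_BIT:
        return False, "QR bit not set"
    if r[2:5] != q[2:5]:
        return False, "question section does not match"
    return True, "ok"


if __name__ == "__main__":
    query = build_query(0x1234, "chris")
    reply = build_reply(query, "192.168.1.10")
    # Answer arrives from the server we asked: accepted.
    print(accept_reply(query, ("192.168.1.1", 53), reply, ("192.168.1.1", 53)))
    # Same bytes, but arriving from the ISP's resolver (constructed address)
    # because the router rewrote only the destination: rejected.
    print(accept_reply(query, ("192.168.1.1", 53), reply, ("203.0.113.53", 53)))
```

The source-address check is not pedantry: without it any host that can guess the 16-bit transaction ID could answer on the real server's behalf, so a resolver must drop such replies rather than "be lenient" with a misbehaving proxy. The fix has to be on the router side (a proxy that answers from its own address) or by pointing clients at a real local resolver.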
On Sun, Aug 08, 2010 at 12:08:09AM +0100, Steve Fosdick wrote:
On Sat, 2010-08-07 at 19:12 +0100, Chris G wrote:
I have a Draytek Vigor 2820n ADSL router, a pretty 'normal' router, slightly up-market even.
...
However, when I try and use the Vigor router as DHCP server I get several problems:-
When I boot my desktop machine it complains that it can't resolve its own name (chris). Nothing on the local network can be resolved by name. When I do a 'host chris' or anything similar I get a series of messages saying "reply from unexpected source:". DNS queries are being sent to 192.168.1.1 (the router has set itself up as a DNS proxy) but replies appear to be from the real DNS servers at my ISP.
It does seem to me the router is doing something strange here. I would normally expect a DNS proxy to operate a cache which means it has to operate at application level. It has to look into the client requests, check the cache and, for a miss, check the next DNS server in the chain, cache the response and send it to the client.
What your router seems to be doing is more like NAT, i.e. forwarding the packets to the real DNS server, presumably with the router's public address as the source and then, when the reply is received, simply changing the destination address to the private (LAN) address and sending the packet on the LAN.
Well the router is doing NAT as well of course, but, as you say, you'd expect the DNS proxy to do as you describe.
What I might try is to reset the router to its default setup and see if DHCP/DNS works OK then. It has a *lot* of customisation at the moment because it has a number of routes through the firewall *and* it's doing load balancing with a second router (the 2820n has a second WAN port which you can connect another router to).
I'll need to make very sure I copy the existing configuration though as it would take ages to reconfigure from first principles.
On Sun, Aug 08, 2010 at 09:19:21AM +0100, Chris G wrote: [snip]
What I might try is to reset the router to its default setup and see if DHCP/DNS works OK then. It has a *lot* of customisation at the moment because it has a number of routes through the firewall *and* it's doing load balancing with a second router (the 2820n has a second WAN port which you can connect another router to).
I have just tried the default router set up. I rebooted the router to the default factory configuration and then the only change I made was to add the login details of my ADSL. It still doesn't do local DNS even though the router comes up configured as a DHCP server.
The symptom from my Xubuntu system when I boot it is a message saying:-
Could not look up internet address for chris. This will prevent Xfce from operating correctly. It may be possible to correct the problem by adding chris to the file /etc/hosts on your system.
Not very helpful really, I can't add chris to /etc/hosts unless I give chris a static address can I? The system certainly has 'chris' as its hostname and 'chris' is returned in response to entering the hostname command.
What do others here have in their /etc/hosts file? I.e. do you have an entry for the name of the system in /etc/hosts as well as specifying it in /etc/hostname?
I'll need to make very sure I copy the existing configuration though as it would take ages to reconfigure from first principles.
That was OK, the Vigor 2820n makes it very easy to save and restore its configuration.
On 8 August 2010 13:46, Chris G cl@isbd.net wrote:
Not very helpful really, I can't add chris to /etc/hosts unless I give chris a static address can I? The system certainly has 'chris' as its hostname and 'chris' is returned in response to entering the hostname command.
What do others here have in their /etc/hosts file? I.e. do you have an entry for the name of the system in /etc/hosts as well as specifying it in /etc/hostname?
I have: 127.0.1.1 timspc
Not sure if that was me or Ubuntu 10.04, but it seems to work fine.
Tim.
On 8 August 2010 14:00, Tim Green timothy.j.green@gmail.com wrote:
On 8 August 2010 13:46, Chris G cl@isbd.net wrote:
What do others here have in their /etc/hosts file? I.e. do you have an entry for the name of the system in /etc/hosts as well as specifying it in /etc/hostname?
I have: 127.0.1.1 timspc
Not sure if that was me or Ubuntu 10.04, but it seems to work fine.
Hmm I just noticed the unusual use of the loopback address block as well..
srdjan@serenity:~$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 serenity
# Block list
127.0.0.2 r00nskape.fileave.com
127.0.0.2 www.partypoker.com
I used to configure my machine so that the static LAN address was used for the hostname, so was a little surprised to see Ubuntu using 127.0.1.1 for the hostname. It still works so I don't worry about it.
The block list is there to stop pesky scripts, adverts, malware from being resolvable before I started to use NoScript. I used to have a large list of these somewhere, but probably got wiped during some upgrade or re-install. I should have a look at better software to block these.
Srdjan
On Sun, 8 Aug 2010 14:43:31 +0100 Srdjan Todorovic todorovic.s@googlemail.com allegedly wrote:
The block list is there to stop pesky scripts, adverts, malware from being resolvable before I started to use NoScript. I used to have a large list of these somewhere, but probably got wiped during some upgrade or re-install. I should have a look at better software to block these.
I use Dan Pollock's host file at http://someonewhocares.org/hosts/ in conjunction with DNSMasq to do just that. Using DNSMasq centralises the hosts list and means that all the crap adware/spamware/rubbish sites listed get binned as local loopback.
Works for me.
Mick ---------------------------------------------------------------------
The text file for RFC 854 contains exactly 854 lines. Do you think there is any cosmic significance in this?
Douglas E Comer - Internetworking with TCP/IP Volume 1
http://www.ietf.org/rfc/rfc854.txt ---------------------------------------------------------------------
On 09/08/10 21:25, mick wrote:
On Sun, 8 Aug 2010 14:43:31 +0100 Srdjan Todorovictodorovic.s@googlemail.com allegedly wrote:
The block list is there to stop pesky scripts, adverts, malware from being resolvable before I started to use NoScript. I used to have a large list of these somewhere, but probably got wiped during some upgrade or re-install. I should have a look at better software to block these.
I use Dan Pollock's host file at http://someonewhocares.org/hosts/ in conjunction with DNSMasq to do just that. Using DNSMasq centralises the hosts list and means that all the crap adware/spamware/rubbish sites listed get binned as local loopback.
Works for me.
I use DNSMasq too, and I do this: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q2/003879.html
and I have a blacklist downloaded daily by a cron job as described here: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q2/003877.html
I don't know how the blocklist I use compares to Dan Pollock's though.
HTH. Steve
On Mon, 09 Aug 2010 23:38:43 +0100 steve-ALUG@hst.me.uk allegedly wrote:
On 09/08/10 21:25, mick wrote:
I use Dan Pollock's host file at http://someonewhocares.org/hosts/ in conjunction with DNSMasq to do just that. Using DNSMasq centralises the hosts list and means that all the crap adware/spamware/rubbish sites listed get binned as local loopback.
I use DNSMasq too, and I do this: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q2/003879.html
and I have a blacklist downloaded daily by a cron job as described here: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q2/003877.html
I don't know how the blocklist I use compares to Dan Pollock's though.
Steve
Dan's list is about three times the size of the yoyo list. I have not checked where they overlap/differ. There are other lists on the net (El Reg pointed to one at http://www.malwaredomains.com/ for example) and there are services such as DNSrbl which are used by ISPs.
But this is an arms race. The bad guys will always be ahead, all we can do is as Dan says, try to make it "not suck as much".
I find that the list I use, together with adblockplus in FF, helps to keep the noise down.
Mick
On 15/08/10 20:10, mick wrote:
Steve
Dan's list is about three times the size of the yoyo list. I have not checked where they overlap/differ. There are other lists on the net (El Reg pointed to one at http://www.malwaredomains.com/ for example) and there are services such as DNSrbl which are used by ISPs.
But this is an arms race. The bad guys will always be ahead, all we can do is as Dan says, try to make it "not suck as much".
I find that the list I use, together with adblockplus in FF, helps to keep the noise down.
You inspired me! I decided to have a play around and found I could mangle the list provided by malwaredomains.com using sed. It's my first attempt at using sed by the way. My script below in case anyone's interested. 'scuse the line wraps.
Steve
#!/bin/sh
wget --no-verbose --output-document=/etc/dnsmasq.d/adservers \
  "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=dnsmasq&showintr..."
wget --no-verbose --output-document=/tmp/malwaredomains.tmp \
  "http://www.malwaredomains.com/files/BOOT"
# Drop the // comment lines, then rewrite
#   PRIMARY example.com blockeddomain.hosts  ->  address=/example.com/127.0.0.1
# (slashes inside a sed pattern or replacement have to be escaped as \/)
sed -i -e '/^\/\//d' -e 's/^PRIMARY /address=\//' \
  -e 's/ blockeddomain\.hosts$/\/127.0.0.1/' /tmp/malwaredomains.tmp
cp /tmp/malwaredomains.tmp /etc/dnsmasq.d/adservers2
/etc/init.d/dnsmasq restart
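The same list-to-dnsmasq conversion as Steve's sed script, as an added example in Python that is not code from this thread. It goes beyond the script in three ways a practitioner feeding untrusted third-party lists into a resolver config would want: it also accepts hosts-file style lists (the layout Dan Pollock's list uses), it validates each domain so that a malformed line cannot corrupt the dnsmasq config or sink an unintended name such as localhost, and it writes the output atomically so a failed download never leaves an empty or half-written file under /etc/dnsmasq.d before the restart. The two input layouts are as the thread describes them; the sample lines are constructed.

```python
# Added example, not code from the thread: the same list-to-dnsmasq
# conversion as the sed script above, done in Python with the checks a
# one-line sed pipeline has no room for.  It also accepts hosts-file style
# lists and writes the output atomically.  The two input layouts are as the
# thread describes them; the sample lines here are constructed.
import os
import re
import tempfile

# One DNS label: 1-63 letters, digits or hyphens, not starting or ending with
# a hyphen.  A line whose "domain" fails this (a stray "/", "#" or space)
# would corrupt the dnsmasq config or block an unintended name, so it is
# dropped rather than repaired.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

# Names a hosts file always carries that must never be turned into sinks.
_NEVER_BLOCK = {"localhost", "localhost.localdomain", "broadcasthost", "local"}


def valid_domain(name):
    return 0 < len(name) <= 253 and all(_LABEL.match(l) for l in name.split("."))


def parse_boot(text):
    """Yield domains from the malwaredomains BOOT layout:
    '// comment' lines and 'PRIMARY <domain> blockeddomain.hosts' lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("//"):
            continue
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "PRIMARY":
            yield parts[1]


def parse_hosts(text):
    """Yield domains from hosts-file style lists ('127.0.0.1 <name>...' or
    '0.0.0.0 <name>...'), ignoring comments and lines for other addresses."""
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0] in ("127.0.0.1", "0.0.0.0"):
            for name in parts[1:]:
                yield name


def to_dnsmasq(names, sink="127.0.0.1"):
    """Return 'address=/<domain>/<sink>' lines: lower-cased, deduplicated,
    with loopback names and malformed entries left out."""
    out, seen = [], set()
    for name in names:
        name = name.lower().rstrip(".")
        if name in seen or name in _NEVER_BLOCK or not valid_domain(name):
            continue
        seen.add(name)
        out.append("address=/%s/%s" % (name, sink))
    return out


def write_atomically(path, lines):
    """Write the config via a temp file in the same directory plus rename, so
    a failed download or a crash never leaves dnsmasq a half-written file."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".", prefix=".adservers-")
    try:
        with os.fdopen(fd, "w") as f:
            f.write("\n".join(lines) + "\n")
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise


# Constructed samples: one in BOOT layout, one in hosts layout.
BOOT_SAMPLE = """\
// constructed sample in the malwaredomains BOOT layout
PRIMARY evil.example blockeddomain.hosts
PRIMARY Evil.Example blockeddomain.hosts
PRIMARY bad/path.example blockeddomain.hosts
"""
HOSTS_SAMPLE = """\
127.0.0.1 localhost
::1 localhost
0.0.0.0 ads.example   # constructed
127.0.0.1 tracker.example evil.example
"""


def convert(boot_text, hosts_text, sink="127.0.0.1"):
    return to_dnsmasq(list(parse_boot(boot_text)) + list(parse_hosts(hosts_text)), sink)


if __name__ == "__main__":
    for line in convert(BOOT_SAMPLE, HOSTS_SAMPLE):
        print(line)
```

Two notes on the design: the sink address is a parameter because pointing blocked names at 127.0.0.1 makes every blocked fetch connect to whatever happens to listen on the local machine, and some people prefer 0.0.0.0 for that reason; and the generated file should be checked with `dnsmasq --test` before the restart, so that a bad list leaves the running resolver untouched.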
On 08-Aug-10 13:00:34, Tim Green wrote:
On 8 August 2010 13:46, Chris G cl@isbd.net wrote:
Not very helpful really, I can't add chris to /etc/hosts unless I give chris a static address can I? The system certainly has 'chris' as its hostname and 'chris' is returned in response to entering the hostname command.
What do others here have in their /etc/hosts file? I.e. do you have an entry for the name of the system in /etc/hosts as well as specifying it in /etc/hostname?
I have: 127.0.1.1 timspc
Not sure if that was me or Ubuntu 10.04, but it seems to work fine. Tim.
That is a canonical IP address for the local machine, i.e. if you give that address when working in timspc then it will talk to itself.
No other machine anywhere will find timspc using the address 127.0.1.1 since the "127" domain is always the local machine, so other machines would also talk to themselves. The default ("loopback") address for the localhost is 127.0.0.1, but other adresses in the "127" domain may be used for different methods of access from the local machine. Even though I have "127.0.0.1" in my /etc/hosts file, and not "127.0.1.1", if I telnet 127.0.1.1 I still connect to the same local host, so it recognises that 127.0.1.1 refers to itself.
The point of having it in /etc/hosts is so that giving the hostname "timspc" as address will result in the IP address being found. Otherwise you'd always have to give
Ted.
E-Mail: (Ted Harding) Ted.Harding@manchester.ac.uk  Fax-to-email: +44 (0)870 094 0861  Date: 08-Aug-10  Time: 15:25:30
On Sun, Aug 08, 2010 at 02:00:34PM +0100, Tim Green wrote:
On 8 August 2010 13:46, Chris G cl@isbd.net wrote:
Not very helpful really, I can't add chris to /etc/hosts unless I give chris a static address can I? The system certainly has 'chris' as its hostname and 'chris' is returned in response to entering the hostname command.
What do others here have in their /etc/hosts file? I.e. do you have an entry for the name of the system in /etc/hosts as well as specifying it in /etc/hostname?
I have: 127.0.1.1 timspc
Not sure if that was me or Ubuntu 10.04, but it seems to work fine.
... and do you have other computers on the local network which can refer to 'timspc' by name (or vice versa)?
On 8 August 2010 16:51, Chris G cl@isbd.net wrote:
On Sun, Aug 08, 2010 at 02:00:34PM +0100, Tim Green wrote:
On 8 August 2010 13:46, Chris G cl@isbd.net wrote:
What do others here have in their /etc/hosts file? I.e. do you have an entry for the name of the system in /etc/hosts as well as specifying it in /etc/hostname?
I have: 127.0.1.1 timspc
Not sure if that was me or Ubuntu 10.04, but it seems to work fine.
... and do you have other computers on the local network which can refer to 'timspc' by name (or vice versa)?
That's the annoying part - no. The Windows PCs on the network sometimes work by SMB magic, but that's not always reliable. The best solution seems to be to combine DHCP and DNS in one server on the network that automatically adds local PCs to the local DNS, and preferably that server is the router.
Tim.
On Sun, Aug 08, 2010 at 05:03:15PM +0100, Tim Green wrote:
On 8 August 2010 16:51, Chris G cl@isbd.net wrote:
On Sun, Aug 08, 2010 at 02:00:34PM +0100, Tim Green wrote:
On 8 August 2010 13:46, Chris G cl@isbd.net wrote:
What do others here have in their /etc/hosts file? I.e. do you have an entry for the name of the system in /etc/hosts as well as specifying it in /etc/hostname?
I have: 127.0.1.1 timspc
Not sure if that was me or Ubuntu 10.04, but it seems to work fine.
... and do you have other computers on the local network which can refer to 'timspc' by name (or vice versa)?
That's the annoying part - no. The Windows PCs on the network sometimes work by SMB magic, but that's not always reliable. The best solution seems to be to combine DHCP and DNS in one server on the network that automatically adds local PCs to the local DNS, and preferably that server is the router.
Ah! :-)
It seems I'm back to my existing/original solution then. I have a little Linux (Ubuntu 10.04 server) system running on an Acer Aspire Revo which provides DHCP and DNS services by running dnsmasq. That works pretty well and enables one to just connect a system to the network and it will get its IP address *and* can be referred to by its name without any hassle.
It's just that I was hoping that I could turn the Acer off as it does little else now as I have moved the web server and mail server to a more powerful system.
On 08/08/10 19:06, Chris G wrote:
It seems I'm back to my existing/original solution then. I have a little Linux (Ubuntu 10.04 server) system running on an Acer Aspire Revo which provides DHCP and DNS services by running dnsmasq. That works pretty well and enables one to just connect a system to the network and it will get its IP address *and* can be referred to by its name without any hassle.
It's just that I was hoping that I could turn the Acer off as it does little else now as I have moved the web server and mail server to a more powerful system.
Can you not move DNSMasq to that more powerful system too? Or would it end up on the wrong side of a firewall?
Steve
On Sun, Aug 08, 2010 at 11:09:11PM +0100, steve-ALUG@hst.me.uk wrote:
On 08/08/10 19:06, Chris G wrote:
It seems I'm back to my existing/original solution then. I have a little Linux (Ubuntu 10.04 server) system running on an Acer Aspire Revo which provides DHCP and DNS services by running dnsmasq. That works pretty well and enables one to just connect a system to the network and it will get its IP address *and* can be referred to by its name without any hassle.
It's just that I was hoping that I could turn the Acer off as it does little else now as I have moved the web server and mail server to a more powerful system.
Can you not move DNSMasq to that more powerful system too? Or would it end up on the wrong side of a firewall?
That was what I was originally going to do but it's not ideal. My little UPS will only keep the lower power system up for any reasonable time and (as you surmise) the 'more powerful system' while not outside the firewall is the only system which allows connections from the outside world so I'd like to keep the DNS/DHCP off that.
On 09 Aug 11:18, Chris G wrote:
On Sun, Aug 08, 2010 at 11:09:11PM +0100, steve-ALUG@hst.me.uk wrote:
On 08/08/10 19:06, Chris G wrote:
It seems I'm back to my existing/original solution then. I have a little Linux (Ubuntu 10.04 server) system running on an Acer Aspire Revo which provides DHCP and DNS services by running dnsmasq. That works pretty well and enables one to just connect a system to the network and it will get its IP address *and* can be referred to by its name without any hassle.
It's just that I was hoping that I could turn the Acer off as it does little else now as I have moved the web server and mail server to a more powerful system.
Can you not move DNSMasq to that more powerful system too? Or would it end up on the wrong side of a firewall?
That was what I was originally going to do but it's not ideal. My little UPS will only keep the lower power system up for any reasonable time and (as you surmise) the 'more powerful system' while not outside the firewall is the only system which allows connections from the outside world so I'd like to keep the DNS/DHCP off that.
What box is providing the firewall? Surely that'd be the right place to put the dhcp/dns bouncing?
(Also, assuming only linux boxes and macs then installing avahi-daemon is good for doing name resolution, and tends to work quite well. It's what we use for doing stuff in the office, because we don't have to think too hard about it, and it just works. e.g. my laptop appears as erwin.local on the local network, and so can be resolved... actually, it also appears as that on a couple of vpns I have open, but shhh!)
Cheers,
On Mon, Aug 09, 2010 at 11:56:19AM +0100, Brett Parker wrote:
On 09 Aug 11:18, Chris G wrote:
On Sun, Aug 08, 2010 at 11:09:11PM +0100, steve-ALUG@hst.me.uk wrote:
On 08/08/10 19:06, Chris G wrote:
It seems I'm back to my existing/original solution then. I have a little Linux (Ubuntu 10.04 server) system running on an Acer Aspire Revo which provides DHCP and DNS services by running dnsmasq. That works pretty well and enables one to just connect a system to the network and it will get its IP address *and* can be referred to by its name without any hassle.
It's just that I was hoping that I could turn the Acer off as it does little else now as I have moved the web server and mail server to a more powerful system.
Can you not move DNSMasq to that more powerful system too? Or would it end up on the wrong side of a firewall?
That was what I was originally going to do but it's not ideal. My little UPS will only keep the lower power system up for any reasonable time and (as you surmise) the 'more powerful system' while not outside the firewall is the only system which allows connections from the outside world so I'd like to keep the DNS/DHCP off that.
What box is providing the firewall? Surely that'd be the right place to put the dhcp/dns bouncing?
The Vigor 2820n router is the firewall - quite a capable one, that's where we started though, the one thing it can't do is local DNS.
(Also, assuming only linux boxes and macs then installing avahi-daemon is good for doing name resolution, and tends to work quite well. It's what we use for doing stuff in the office, because we don't have to think too hard about it, and it just works. e.g. my laptop appears as erwin.local on the local network, and so can be resolved... actually, it also appears as that on a couple of vpns I have open, but shhh!)
Cheers,
Brett Parker
main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
On Mon, 9 Aug 2010 11:18:09 +0100 Chris G cl@isbd.net allegedly wrote:
Can you not move DNSMasq to that more powerful system too? Or would it end up on the wrong side of a firewall?
That was what I was originally going to do but it's not ideal. My little UPS will only keep the lower power system up for any reasonable time and (as you surmise) the 'more powerful system' while not outside the firewall is the only system which allows connections from the outside world so I'd like to keep the DNS/DHCP off that.
Ref earlier email about DNSMasq and central bad hosts. I run that on an NSLU2 running Lenny. Uses bugger all power.
Mick