Masquerading and diald

Posted on 1997-06-19
Last Modified: 2010-03-17
I have a local Ethernet network with IP masquerading and diald. My problem is that when I try to gain access to a local machine diald brings up my ISP. I think that my problem is in my routing setup. My IP addresses are 192.168.1.1 for the server and 192.168.1.2 for the host. My ISP account is dynamic PPP. Any help would be greatly appreciated!!!!!
Question by:wilt
Accepted Solution

by:
sauron earned 150 total points
ID: 1584946
I had exactly the same problem as this. In 99% of cases, I have found that it's DNS traffic that causes the problem. Make sure your hosts files list all your local machines. Then make sure you don't have hosts.allow or hosts.deny files clogging things up.

Many protocols do something like the following:

Client queries DNS for server's address
Client connects to server
Server does reverse lookup on client to ensure that client's claimed IP address is the same as the DNS's IP address for client's hostname.

This is a security enhancement and is usually transparent, but with diald.....

The r utilities are affected by this behaviour, among other things. If you have hosts.allow and hosts.deny files containing hostnames, it does this for everything.

What you can do is run tcpdump -i ppp0 on your masquerading machine, then try something which shouldn't bring the link up, but does. This will show you the packet traffic across the link, which should help you pinpoint it. Be aware that tcpdump itself will do DNS lookups to be able to show you hostnames, not IP addresses, so you'll have some extra packets originating from the masquerading machine. There's an option to tcpdump that will tell it to show numerical IPs, and will stop this behaviour.
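
The diagnostic described in the accepted answer, as an added example that is not part of the original post: a small filter that summarises the DNS queries in `tcpdump -n -i ppp0` text output and marks reverse lookups for the LAN. It assumes the LAN is 192.168.1.0/24 (from the question) and the modern tcpdump text format; the sample lines and their addresses are constructed.

```shell
#!/bin/sh
# Added example: summarise DNS queries in `tcpdump -n -i ppp0` text output.
# Reads capture text on stdin; prints "<count> <type> <name>[ LAN]" per query.
# " LAN" marks reverse lookups for 192.168.1.0/24 (the addresses in the
# question), which a complete hosts file should answer without the PPP link.
LAN_REV=".1.168.192.in-addr.arpa."   # assumption: LAN is 192.168.1.0/24

dns_queries() {
    awk -v rev="$LAN_REV" '
    # True when string s ends with suffix suf.
    function ends_with(s, suf) {
        return length(s) >= length(suf) &&
               substr(s, length(s) - length(suf) + 1) == suf
    }
    {
        # tcpdump prints a query as "<TYPE>? <name>", e.g. "PTR? 2.1.168...".
        for (i = 1; i < NF; i++) {
            if ($i ~ /^[A-Z]+[?]$/) {
                key = substr($i, 1, length($i) - 1) " " $(i + 1)
                if (!(key in count)) { order[++n] = key; name[key] = $(i + 1) }
                count[key]++
                break
            }
        }
    }
    END {
        # Report queries in the order they were first seen.
        for (j = 1; j <= n; j++) {
            key = order[j]
            tag = ends_with(name[key], rev) ? " LAN" : ""
            print count[key], key tag
        }
    }'
}

# Constructed sample lines in tcpdump -n format (not real traffic).
sample_capture() {
    cat <<'EOF'
12:00:01.100000 IP 192.0.2.10.1025 > 203.0.113.53.53: 2+ PTR? 2.1.168.192.in-addr.arpa. (42)
12:00:06.100000 IP 192.0.2.10.1025 > 203.0.113.53.53: 2+ PTR? 2.1.168.192.in-addr.arpa. (42)
12:00:07.200000 IP 192.0.2.10.1026 > 203.0.113.53.53: 3+ A? www.example.com. (33)
12:00:09.300000 IP 192.0.2.10.1030 > 198.51.100.7.80: Flags [S], seq 1, win 512, length 0
EOF
}

sample_capture | dns_queries
```

On a live system the input would come from `tcpdump -n -i ppp0` instead of `sample_capture`; any line tagged LAN is a lookup for a local address that went out over the link.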