On Mon, 2005-11-07 at 10:34 +0100, Fabiano Petrone wrote: > the problem is about (I guess...) DNS. Sounds about right. > ping doesn't go, I.E.: > > [root@fedora3 etc]# ping www.google.com > ping: unknown host www.google.com You'd expect that for DNS resolution errors. But this sounds like firewalling issues: > [root@fedora3 etc]# ping 66.249.93.104 > PING 66.249.93.104 (66.249.93.104) 56(84) bytes of data. > ping: sendmsg: Operation not permitted > ...and the corresponding logs are tons of things like these: > > Nov 6 21:11:06 fedora3 kernel: Unknown InputIN=ppp0 OUT= MAC= SRC=218.27.16.180 DST=212.63.101.78 LEN=337 TOS=0x00 PREC=0x00 TTL=42 ID=0 DF PROTO=UDP SPT=59758 DPT=1026 LEN=317 > Nov 6 21:11:29 fedora3 kernel: Unknown OutputIN= OUT=ppp0 SRC=212.63.101.78 DST=66.249.93.104 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=17717 SEQ=0 > Nov 6 21:11:30 fedora3 kernel: Unknown OutputIN= OUT=ppp0 SRC=212.63.101.78 DST=66.249.93.104 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=17717 SEQ=1 We'd probably need to see your firewall rules to figure out why. > my /etc/resolv.conf is: > > search home.net > nameserver 192.168.0.50 > nameserver 212.63.96.34 > nameserver 212.63.96.35 > > 192.168.0.50 DNS is ***only internal**** (home.net, for experimental > purpose) with BIND > in other words, in /var/named/chroot/etc/named.conf the outside zone > is all > /*commented*/ > > The 212.63**** DNSs are my provider's regular and in-great-shape DNSs. What's happening is that first your system it's trying to resolve it locally, and that isn't working. It's probably getting a failure message from your DNS server, but for some reason doesn't bother to try any other servers on your list, or the failure takes too long that it times out. Even if it did switch to using the next server, there'd be a long delay, and it'd be the first server to query for the next lookup. Which could mean that trying to look up a local name will fail. Why not use your own DNS server exclusively? It can resolve all your queries, and you'd have no need to use your ISPs. I do it that way, for simplicity, and my ISP's DNS servers are poor. -- Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.