On 10/24/06, Eric Tanguy <eric.tanguy@xxxxxxxxxxxxxx> wrote:
Le mardi 24 octobre 2006 à 11:20 -0700, Tod Merley a écrit : > On 10/24/06, Eric Tanguy <eric.tanguy@xxxxxxxxxxxxxx> wrote: > > I'm not sure this problem is related to fedora but ... > > I use a vpn connection to connect from home to my university. This > > connection uses a java software client. > > the connection is established so i try to make a nslookup something and > > the system answers well. I retry the same nslookup command 1 minute > > later and the system answer connection timeout. > > I can't understand where the problem come from. The connection seems to > > be established for a very quick time and after that all is down. > > The same connection worked fine few weeks before so maybe it's related > > to an update ? > > If i reboot the same machine on winxp the vpn connection works like a > > charm ... > > Someone could point to me in a direction ? > > Thanks > > > > Eric > > > > > > > > -- > > fedora-list mailing list > > fedora-list@xxxxxxxxxx > > To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list > > > > Hi Eric Tanguy! Hi Tod Merley! > > I am a bit confused. Are you running nslookup on your local machine > or on the machine you have a VPN connection to? Yes i'm running nslookup on my local machine and at the beginning it works fine using dns from the vpn network and just after the dns stop to answer. > > I would be suspicious that a firewall setting prevents a needed > service? Kind of a long shot guess. It coould be the local machine firewall but i use firestarter and i disable it before to make a vpn connection > > This might be a good time to get into using a protocol analyzer: > > http://www.ethereal.com/ > I already try something like that but it's difficult for me to use these datas. It seems that the local machine send a request to the dns without any answer. > Note you can use it with Windows as well so you could do an "A" - "B" > comparison. > > I have run into nameservers which improperly respond to IPv6 DNS > queries. Basically they based their firmware on a faulty MS provided > development kit. New firmware is one cure, eliminating the faulty > nameserver from the list in /etc/resolve.conf another. > Maybe it could be usefull to disable ipv6 but i can't remember how to do that. > Good hunting! > > Tod > -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Hi Again Eric! You wrote:
Yes i'm running nslookup on my local machine and at the beginning it works fine using dns from the vpn network and just after the dns stop to answer.
I take it that the DNS server is on the VPN? A couple of thoughts: 1. The protocol used by the OSS nslookup verses the MS nslookup may be differant. 2. The protocol may be seen by security software on the VPN as hostile and so it may shut you down. 3. Linux may use differant ports than MS and my hit a firewall on the VPN side. 4. The problem may go away if you update the DNS server software and/or firmware. 5. The problem may go away if you update the linux software (nslookup, kernel, etc..). We are kind of shooting in the dark here. There may well be useful information in /var/log. The Ethreal output is easier to read than raw tcpdump. Some DNS tools for the road: http://www.dns.net/dnsrd/tools.html http://www.linuxjournal.com/article/4597 http://www.usinglinux.org/dns/ Good Hunting! Tod