DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
LAN to LAN VPN Vigor2820n reverse DNS issue
13 Apr 2011 20:08 #67274
by mattak
LAN to LAN VPN Vigor2820n reverse DNS issue was created by mattak
Hey all I wonder if you can help me, I've been banging my head for ages trying to work this out:
I have two 2820ns set up at remote sites and I can get them to connect to each other with no problem, and everything seems to work fine, but I can't seem to do reverse DNS lookups from the remote site to the DNS server.
Site one with DNS server: 10.0.2.0 subnet with 10.0.2.1 as the server
Site two: 10.0.0.0 subnet with 10.0.0.1 as the second server (not DNS)
I have everything on the 10.0.0.0 subnet set to look to 10.0.2.1 for DNS and everything works apart from reverse DNS for the 10.0.0.0 records.
I have set an A record for backup.something.com for 10.0.0.1 and it has the reverse correctly set.
In the Mac OS X terminal I write: host backup.something.com
and I get: backup.something.com has address 10.0.0.1
If I then do: host 10.0.0.1
I get: Host 1.0.0.10.in-addr.arpa. not found: 3(NXDOMAIN)
but if I do: host -l 10.0.0.1
I get: 1.0.0.10.in-addr.arpa domain name pointer backup.something.com. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
It doesn't seem that the UDP request for the reverse lookup is passing through the VPN but the TCP will????!!!!!
I've done some packet sniffing on both sides (which I don't totally understand) and it doesn't look like the reverse lookup is getting to site 1. But then I have no idea what is responding to the request in site 2?
Why does forward work but not reverse??
Can anyone please help
14 Apr 2011 08:28 #67282
by mattak
Replied by mattak on topic Re: LAN to LAN VPN Vigor2820n reverse DNS issue
After more banging of my head it seems that the Vigor in site two is responding to the DNS?
Its IP address is 10.0.0.250
If I do: host 10.0.0.250
I get: 250.0.0.10.in-addr.arpa domain name pointer my.router.
but there is no such record on the DNS server so the DrayTek is responding.
I tried resetting this router to factory default settings then input everything again but no help.
Please help
14 Apr 2011 08:51 #67283
by nobody
Replied by nobody on topic Re: LAN to LAN VPN Vigor2820n reverse DNS issue
What are the contents of your /etc/resolv.conf?
(open a terminal, type:
cat /etc/resolv.conf
)
15 Apr 2011 19:31 #67321
by mattak
Replied by mattak on topic Re: LAN to LAN VPN Vigor2820n reverse DNS issue
Yeah, I'm using Mac OS X servers
#
# Mac OS X Notice
#
# This file is not used by the host name and address resolution
# or the DNS query routing mechanisms used by most processes on
# this Mac OS X system.
#
# This file is automatically generated.
#
search something.com
nameserver 127.0.0.1
16 Apr 2011 10:12 #67324
by nobody
Replied by nobody on topic Re: LAN to LAN VPN Vigor2820n reverse DNS issue
Too bad, your Mac is not configured to use BSD flat files for name resolution, so nothing can be guessed from the contents of the file.
However, if you use Mac OS X Server:
in the Server Admin, DNS settings:
have you configured the server permissions so that requests from clients of the remote subnet(s) will be answered?
16 Apr 2011 20:34 #67325
by mattak
Replied by mattak on topic Re: LAN to LAN VPN Vigor2820n reverse DNS issue
Yeah, the DNS server is set to answer recursive queries from the 10.0.0.0/24 subnet.
The DNS server is set up correctly and can be used to browse the net and do pretty much everything, but to set the second server on the remote site up correctly I need reverse and forward DNS resolution to work. The resolution works fine on the local subnet, but as the packet sniffer showed, the DrayTek is not sending the reverse DNS queries through the VPN tunnel. It almost seems like the DrayTek itself is responding. That's the only way I can understand getting my.router when I ask what the PTR record for 10.0.0.250 is.
Please help
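A diagnostic for the symptom discussed in this thread, added here as an example and not posted by any participant: it sends the same PTR query straight to the DNS server over UDP and over TCP and reports the response code for each, so the result can be lined up against a packet capture on either side of the tunnel. The addresses are the ones quoted in the thread; the function names are hypothetical.

```python
import ipaddress
import socket
import struct

PTR, IN = 12, 1  # DNS record type PTR, class IN

def build_ptr_query(ip: str, txid: int = 0x2820) -> bytes:
    """Build a recursive PTR query for ip's reverse (in-addr.arpa) name."""
    name = ipaddress.ip_address(ip).reverse_pointer  # e.g. 1.0.0.10.in-addr.arpa
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!2H", PTR, IN)

def rcode(response: bytes) -> int:
    """Return the RCODE from a DNS response header (0=NOERROR, 3=NXDOMAIN)."""
    (flags,) = struct.unpack("!H", response[2:4])
    return flags & 0x000F

def ask_udp(server: str, query: bytes, timeout: float = 3.0) -> bytes:
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        return s.recvfrom(4096)[0]

def ask_tcp(server: str, query: bytes, timeout: float = 3.0) -> bytes:
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(struct.pack("!H", len(query)) + query)  # 2-byte length prefix
        data = b""
        while len(data) < 2 or len(data) < 2 + struct.unpack("!H", data[:2])[0]:
            chunk = s.recv(4096)
            if not chunk:
                break
            data += chunk
        return data[2:]

def compare(server: str, ip: str) -> dict:
    """Ask server for ip's PTR over both transports; report RCODE or the error."""
    query, result = build_ptr_query(ip), {}
    for label, ask in (("udp", ask_udp), ("tcp", ask_tcp)):
        try:
            result[label] = rcode(ask(server, query))
        except (OSError, struct.error) as exc:  # timeout, refused, short reply
            result[label] = repr(exc)
    return result

if __name__ == "__main__":
    # Addresses from the thread: DNS server at site one, host at site two.
    print(compare("10.0.2.1", "10.0.0.1"))
```

Run from a client on the remote subnet, differing results for the two transports (or a UDP answer with no matching packet arriving at the server) indicate that something between the client and the server is handling the UDP query.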