on 7-13-2008 10:06 AM Lanny Marcus spake the following: > On 7/11/08, Scott Silva <ssilva at sgvwater.com> wrote: > <snip> >> I just played with one of my test vmware ipcop images and set it to dhcp on >> our internal network (which should simulate your natted connection through >> your adsl modem) for the red interface and I was able to dig +trace >> google.com >> with proper answers. So it is possible to get it working unless your ISP >> blocks DNS queries to anywhere else but their own servers. > > Scott: There are probably one or two configuration settings that I do > not have correct at this time. That is why I am testing this on our > Backup IPCop box. > > You got this to work, so it will work for me, if & when I get the > configuration settings correct. Question: Do I need to put something > in the hosts file? At the moment, I cannot use that IPCop box to surf, > because there is no name resolution. TIA! Lanny Just played with the vmware box again. It won't resolve to itself, so forget putting the localhost address in the dns servers box. The other box I played with had a secondary address as a fallback and that is why it was working. I think for the dig +trace to work for you you need a box that will do full recursion as your upstream DNS server. I had mine pointed to our caching resolver and I saw the queries log there. I would forget about setting nameservers in your adsl modem as I doubt it has a very large cache so it will expire entries quickly. If you point your ipcop's dns entries to opendns or another free resolver you should be good to go. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080714/1f4190ab/attachment-0005.sig>