name resolution problem when using wired connection for VPN
Rick Stevens
rstevens at vitalstream.com
Fri Mar 4 17:34:43 UTC 2005
Scot L. Harris wrote:
> On Thu, 2005-03-03 at 19:15, Rick Stevens wrote:
>
>>Scot L. Harris wrote:
>
>
>>>Don't see anything in iptables that would block name resolution when the
>>>VPN is active on the wired port.
>>>
>>>I tried disabling iptables as well and no change.
>>>
>>>I forgot to include in the first message that IP connectivity works with
>>>VPN and wired connection. I can ping the name servers but queries time
>>>out.
>>
>>Hmmm. Interesting. Normally a VPN is set up point-to-point. Is the
>>DNS server on the network that you're VPNing (is that a word?) to?
>>
>>The other thing is the default route. You didn't say if both interfaces
>>are active when DNS doesn't work. I'd suspect that the default route
>>got wonked when eth0 came up with the VPN and you aren't actually
>>getting to the DNS server you think you are.
>
>
> Thanks for taking interest in this problem.
>
> No just one interface at a time is active. ifconfig shows only one with
> an assigned IP address and netstat -rn shows the active interface in the
> last column.
>
> I can ping the DNS servers listed in the resolv.conf file. But trying
> to resolve names with them when the wired interface is being used does
> not work. Did not have this issue under FC2.
>
> Could this be an issue with NetworkManager? Been using that for awhile
> mainly with the wireless connection. I noticed this problem when I
> traveled to another site and connected up using a wired connection. I
> have since reproduced the problem here. I think when I first brought
> the system up I used the wired connection. But installed NetworkManager
> to get the wireless working.
If "NetworkManager" is the same as system-config-network, I've never
trusted it. My network stuff is set up by hand (I'm old-school...well,
maybe just old). However, I don't run VPNs here for any of my stuff
so I really can't speak to the difficulty of setting up VPNs manually.
> Is it possible to extract NetworkManager completely from a system? I
> may try that next just to see if I can get the wired connection working.
Someone else would have to tackle that one. I don't use
"system-config-network" and I'm not sure if that's what you call Network
Manager or not.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- If you're not part of the solution, you're part of the precipitate -
----------------------------------------------------------------------
More information about the fedora-list
mailing list