[RndTbl] home network hangs up when ISP disconnected

Trevor Cordes trevor at tecnopolis.ca
Thu Nov 24 00:49:43 CST 2016


On 2016-11-22 c0l0nelFlagg wrote:
> > Do you use dynamic DNS (usually via DHCP) so that you can use the
> > names you assign on each computer to access each other on the
> > network?  Or even assign them statically on the local DNS server.
> > Are they set up to update the DNS for your top-level domain, or a
> > subdomain?  Seeing your DNS zone files might help if you can paste
> > them.  
> Yes the smoothwall firewall PC runs as a dhcp server. For permanent 
> local LAN connections though it serves up reserved IP addresses based
> on the MAC address asking to be assigned an IP address when it first 

That's the DHCP side.  You can also usually assign a name in BIND/named
(if that's what smoothwall uses) to go with a static-MAC IP address in
dhcp.  It might already be doing this.

Again, how are you referring to computerA from computerB, say for
Windows file sharing?  \\computerA\myshare ??  or by IP address
\\192.168.0.11\myshare ??

> The local network is not assigned a domain name instead just runs
> with default localdomain settings. Basically runs in a peer-to-peer
> workgroup fashion.

OK, that should make things easier and rule out weird domain-based name
issues.

> > I have a similar setup but I use a home-brew linux firewall and have
> > carefully set up DNS to have both a valid "internal view" for local
> > computers to register their names with, and a separate "external
> > view" for outside-world users to use.  
> Do you have a link to a blog or tutor web site on setting this up?

Setting up a complete home-brew firewall?  That's a non-trivial
exercise, though there probably should be some good google hits to get
you started.  Most people would probably recommend using a pre-made
linux firewall distro, though I'm not sure what the names of those are
these days.  Maybe smoothwall is one of them?  Personally, I'd build
one myself for supreme customization, but trust me it'll take a lot of
time and learning and tinkering.

As for just setting up dual views for DNS in BIND, there's a ton of
tutorials on that out there.  Just search for "bind dns internal
external views".  Though you need a somewhat recent BIND version on
your box to do that.

> > Oh ya, your problem could also just be that you should not have a
> > 2ndary or 3rdary DNS set on the clients that point to the outside
> > world.  This could cause programs to timeout longer than they have

The above is really key... I strongly recommend you do this before
anything else... get rid of all outside DNS server references except on
your firewall.  It might fix all your problems without having to do
anything else!
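
A minimal named.conf sketch of the "internal/external views" layout discussed above, added here as an illustration; it is not part of the original message and not anyone's actual configuration. The zone name home.example, the file paths and the TSIG key are assumptions, and 192.168.0.0/24 is taken from the sample address 192.168.0.11 in the message.

```bind
// Constructed example: zone name, paths and the key secret are placeholders.
acl "lan" { 127.0.0.1; 192.168.0.0/24; };

// Key the DHCP server would present when registering client names.
// Generate a real secret; this value is a placeholder and will not load.
key "dhcp-update" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";
};

options {
    directory "/var/named";
};

// Views are tested in order, so the LAN view must come first.
view "internal" {
    match-clients { "lan"; };
    recursion yes;                    // LAN clients resolve everything here

    zone "home.example" {
        type master;
        file "internal/home.example.zone";      // private 192.168.0.x records
        allow-update { key "dhcp-update"; };    // dynamic DNS from DHCP only
    };
};

// Everyone else sees only the public records and gets no recursion.
view "external" {
    match-clients { any; };
    recursion no;

    zone "home.example" {
        type master;
        file "external/home.example.zone";      // public records only
    };
};
```

Once any view is defined, every zone statement has to sit inside a view. With this layout the LAN clients list only the firewall as their DNS server, which matches the advice above to remove outside DNS servers from the clients.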