Server :: Stop All Outbound DNS Queries?
Nov 7, 2010I have internal-only email server that has internal BIND9 running. Thought it only has its IP address defined in /etc/resolv.conf, it is still resolving outside addresses.
View 2 Replies
ADVERTISEMENT
Networking :: Slow Outbound - Fast Outbound Cross Country Connection
Jun 2, 2011I'm having an issue where a server in CA (1000/full) and in VA (100/full) have very lopsided data transfer.
CA -> VA with iperf shows ~20Mbps
VA -> CA with iperf shows ~93Mbps
If we change the CA server to 100/FULL, transfer speed is 93Mbps both ways.
Some tuning was done to TCP window scaling parameters, but it won't correct the issue, just improve the CA -> VA numbers to what is listed above. I will say, turning TCP window scaling OFF will lower the transfer speed both ways to < 20Mbps.
The only clue I have when looking at wireshark dumps is that the window scale going OUT would never go past 10240 (scale is 8, so 2^8 x 40bytes). In the opposite direction, the window size will go above 3MB (scaled).
It is not a bandwidth problem as iperf with UDP shows 93Mbps both ways. Local transfers (CA 1000/full to CA 100/full) show full speed both ways, so I feel it is strictly related to TCP window scaling.
RedHat 5 64-bit on both sides. Any ideas why it won't scale above 10240?
Server :: Counting Inbound - Outbound Mails
Jul 22, 2011Is there a way I can count inbound/outbound mails for a particular user? I'm using sendmail as MTA and dovecot for POP3.
View 1 Replies View RelatedNetworking :: How To Forward All DNS Queries Through ISP DNS Server?
Jul 5, 2011I would like configure a DNS server on Debian, only to forward through my ISP DNS servers.
View 4 Replies View RelatedServer :: BIND Refuses Queries ?
Feb 15, 2010I am currently running the latest version of Bind, and for some completely unknown reason I can NOT get queries to work for PTR records. All queries to the servers for reverse name lookup get query denied:
Using domain server:
Name: 66.150.173.1
Address: 66.150.173.1#53
Aliases:
Host 27.173.150.66.in-addr.arpa not found: 5(REFUSED)
And it shows in my logs:
I am at my wits ends with the piece of crap. Can anyone shine some light on why this damn Bind install won't respond to these queries?
For reference here is my named.conf:
Code:
Server :: Named Not Responding To Queries
Feb 23, 2010My DNS server used to work flawlessly but for some reason it no longer responds to queries. It seems that named always queries internet root serves!!
View 3 Replies View RelatedServer :: Cannot Send Outbound Mails Connection Timed Out (port 25)?
Feb 4, 2011I've ben punding myhead on this issue. I've setup a new postifx server on rhel5. After editing the needed entries, i can't seem to send any outbound mails to yahoo or any other domains.My postconf -n is as follows:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
[code]...
Fedora Networking :: DNS Queries - Connect To A Ssh Server ?
Aug 28, 2011How often are dns queries sent? Assume I want to connect to a ssh server, will I send one dns-query in order to do that or do I send multiple during my connection? What if I request web-pages, do I send a query only when I enter a site or will I send queries every time I visit a new page on that site?
I'm asking since I'm considering getting an account at dyn.com (the standard account for $30/yr) and it comes with 600 000 queries per month (which is way more than I expect to get but knowing exactly what it means is always good).
General :: Run Queries Against Microsoft Sql Server From System?
Jan 9, 2009Is there a way to run queries against a Microsoft sql server from linux? Here is what I would like to do. When I create apps that us db back end I would like to quickly check results of my queries. so if I could do something like "select * form Orders" from the terminal or another app that would be great.
View 6 Replies View RelatedServer :: Bind9 Log Full Of Localhost Queries?
Feb 24, 2011I have my bind9 DNS server running on Ubuntu with logging on. What's bothering me is that I have log full of localhost queries instead of from IP of the computer which actually asked.DNS queries log:/var/log/named.queries.log
Code:
24-Feb-2011 16:01:19.413 client 127.0.0.1#38022: query: clients4.google.com IN A + (127.0.0.1)
[code]....
Server :: BIND 9.5 On Fedora Core 9 Not Resolving Dns Queries
Apr 21, 2010I have this ISP grade Nameserver running on BIND 9.5 on Fedora Core 9 64 Bit.
Its been pretty working well for sometime until a last week when we noticed it stopped resolving for our clients using on our service.
It gives correct authouritative answers for our own ISP domain with the A, PTR and MX intact but does not return resolving queries back to clients.
Below are my files
This is the message from /var/log/messages
The 41.223.x.x and 41.215.x.x ip address are from our ISP subnet and so are our own clients being denied.
The box is also hosting our traffic graph server which is on a LAMP but listens on another IP/ethernet card.
So far the load on the server is minimal as is a Dell R200 rack server.
Server :: DNS Merge / Intercept Queries From Zone File
Jun 4, 2010I chose -Server-, if this is more appropriate in -Networking-, just let me know. Basically, I need to be able to merge responses stored in a zone file with responses from an "upstream" authoritative server. I'm in the sad position of needing to "intercept" requests to *part* of a domain (but not restricted to a sub-domain!) and return results for *some* hosts that use an internally routed address, and results for the rest using the public internet addresses. Unfortunately, it's not my domain, so I can't just use views (although I suspect they could end up having some part to play in this, at least potentially)... but instead I have to actually send requests recursing to the other site's external DNS for any hosts my server doesn't have records for in the zone file.
Some background on the situation:
I work at a local government, which has a private link / VPN connection to a state government entity, and needs to use internal addresses for some of the state servers, which then get routed over an "internal" network link. But the state uses the same domain name internally and externally, just presenting views to internal clients vs. external clients. -- However, we are only being allowed access to certain of their servers through the internal link, which means that for any other servers that we don't have internal/private access for, we have to visit the public addresses just like anyone else on the internet... So, I can't just send all requests to their internal DNS and get responses, because we'd get IPs for some servers (e.g. their main web site) that we wouldn't then be able to reach using the internal network link.
For Example: Say I have a client machine, "client1", on my network ("my.net"), which uses "mydns1.my.net" for name resolution ... and which needs to access 2 servers on the state network, "private.st.us" and "public.st.us" -- so named based on how "my.net" needs to access them.
The external state DNS server/view ("ext-dns.st.us") responds to requests with something like:
private.st.us -- 1.2.3.456
public.st.us -- 1.2.3.457
(Those are just crap addresses, obviously.
The internal state DNS server/view ("int-dns.st.us") responds to requests with something like:
private.st.us -- 10.0.0.8
public.st.us -- 10.0.0.10
This works on their network because their own clients have access to all such IPs.
But for us, they only allow traffic flowing between "my.net" and their internal network to reach the 10.0.0.8 address, blocking all other address destinations. So, when "client1.my.net" asks "mydns1.my.net" for the address of "public.st.us", I need "mydns1" to recurse out to "ext-dns.st.us" to get an answer (1.2.3.457) and then return that IP to "client1" -- because "my.net" is blocked from accessing the server's 10.0.0.10 address. But, when client1 asks mydns1 for "private.st.us" I need to pull the IP (10.0.0.8) from a local zone file instead of asking either of the state DNS servers -- or optionally forward the request to "int-dns.st.us" I suppose -- because the state blocks access to certain services (which we need and are the whole cause of this problem!) via the public (1.2.3.456) address.
Software :: Caching-only Name Server To Forward Queries-Bind
Feb 14, 2011I can configure a caching-only name server fine, but how do I make it forward DNS queries too?
I'm thinking I could add the below to the options stanza in the /etc/named.conf file:
Ubuntu Servers :: Setup An Outbound SMTP Mail Server With & Using Multiple IP Addresses
Mar 15, 2010This is the current setup that we have: We have approx 20 clients who pay us to send out a type of e-mail called an E-Blast to their customers. We currently are using 5 Microsoft Windows Virtual Servers to do this. The problem is that those machines are starting to break down. There are times that it will take Microsoft Windows approx 9-10 hours to complete 1 job. This is way too long. We want to move away from Microsoft Windows for this particular type of job as it seems there are more customers who are wanting to use this type of advertising.
It seems that using a Linux Server "Command Line or Shell" environment would be the best way to go as there is no GUI like Windows. Since there is just text...that is something that would/should process very, very quickly.
I am in the process of setting up a new SMTP outbound mail server. This is the current software & configuration (what is installed on this new machine):
All of the customer data (Names, E-Mail Addresses, etc that these e-mails are going to) are currently loaded in a Microsoft SQL Database.
My machine that I am using is plugged into the DMZ. I have 1 ip address for the 1 network card. I have also added/bound 4 more ip addresses to that network card.
I have configured Postfix for Multiple IP Addresses.
I can, from the command line, send successful test e-mails and receive them in my personal account.
As far as I know everything is setup correctly. I can and will post requested information so that it can be verified that everything is setup correctly.
Here are a couple of my questions:
Ensure that I have my Network / Interfaces file and my Postfix's Master.cf/Main.cf files setup correctly?
How can I setup this server to be an Outbound SMTP server and get it to use all 5 of the IP Addresses to send these e-mails quickly?
What can I use to check and ensure that this server is in fact sending out emails on all 5 IP
Addresses (I heard that there is a program named "Postal" that may help in determing this).
CentOS 5 Server :: Dnsmasq Starts But Doesn't Reply To Queries
Sep 5, 2010trying to configure a Centos 5.5 server (simple file server with DHCP and DNS relay). I configured and tested the config (by 'service dnsmasq configtest') of dnsmasq and I got the message 'dnsdomain:host unknown (translation of the real message : hte inconnu) and I didn't find where I could define this host ! The hostname of the server is well defined and I can see it from all Windows PC's on the LAN. dnsmasq starts (with hte same message as in configtest) but when querying DNS from PC's te.g. trying to surf the Internet), I don't get replies (3 DNS servers are also well defined and operational).
View 2 Replies View RelatedCentOS 5 Networking :: Bind Server Not Responding To Client Queries
Mar 4, 2011I am bit new to Linux and have setup caching-only name server with Centos 5.5. when i do dig server, it provide resolutions. but when i use the server IP as DNS on my windows client, it says, "connection refused" on the NSlookup output. (IP table didn't enable) My server Ip is 192.168.1.253 and bellow is the configuration of "/var/named/chroot/etc/named.conf"
options {
listen-on port 53 { 127.0.0.1; 192.168.1.253; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt"; .....
OpenSUSE Network :: Warning: Name-Server Ns.xxxxx.ch (nn.nn.nn.nn) Answers Recursive Queries
Jul 19, 2010I have registered 2 nameservers running bind for a certain domain. The log file of my domain name provider (SWITCH) shows the following warning:
Warning Der Name-Server ns.xxxxx.ch (nn.nn.nn.nn) beantwortet rekursive Anfragen.
In English that would be:
Warning: Name-Server ns.xxxxx.ch (nn.nn.nn.nn) answers recursive queries.
The NS triggering the warning is running openSUSE 10.2 and the other one 11.1. Both configuration files /etc/named.conf are equivalent (well, forwarders are different). There is no such warning for the NS with 11.1. When I add "recursion no;" to the options in /etc/named.conf the warning goes away, but FF or SeaMonkey running on the server no longer get their DNS requests resolved.
Networking :: Turned On Query Logging On Our Name Server And Immediately Saw Repeated Queries For?
May 14, 2010I recently turned on query logging on our name server and immediately saw repeated queries for . (dot). I've not seen this before. It looks like a really sloppy DOS. What would this return if my NS was misconfigured?
May 13 18:11:41.710 queries: info: client 91.202.63.129#56089: query: . IN NS
May 13 18:11:42.083 queries: info: client 91.202.63.129#62826: query: . IN NS
May 13 18:11:42.788 queries: info: client 91.202.63.129#13620: query: . IN NS
[code]....
General :: Logging Outbound Ssh Traffic
Dec 8, 2009I need to log outbound (server -> remote) ssh traffic, but am unsure of the best way to do this.
I added this to iptables, but nothing is being written to the logs when I ssh from the server to another system.
iptables -A OUTPUT -m state --state NEW -j LOG --log-uid iptables-save
Networking :: Determining Inbound Vs Outbound
Mar 14, 2011Looking at the output of netstat, I'm not seeing a definitive way to tell which torrent connections are clients reaching in to my machine vs my machine reaching out to the world. Is there a clear way to determine which is which?
View 1 Replies View RelatedServer :: Deadlock In NFS4 / Shared Servers Suddenly Stop Responding And Cant List It From Debian 5 Server?
Jan 4, 2010I am connecting servers using NFS4 the shared directories are on servers running Debian 4 while the one who read from them is Debian 5.0.3. The problem is one of these shared servers suddenly stop responding and you cannot list it from Debian 5 server, also df hang, and the web application that is using it does not respond to requests that use this shared directory since it is blocked. Then the load on the server start to increase until the server cannot respond (over 90). I have found many entries in the syslog that refer to this like:
ma25555 kernel: [1200285.732919] nfs: server 10.xxx.xxx.xxx not responding, still trying
Dec 31 08:16:33 ma25555 kernel: [1200289.815378] INFO: task java:9702 blocked for more than 120 seconds.
Dec 31 08:16:33 ma25555 kernel: [1200289.835249] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
code....
I have tried the connection between the 2 servers using ping for one day and all are OK (zero lost)
There are 3 other servers that are running Debian 4 and are working fine.
Server :: Stop Setting Up An Open Relay Spam Server?
Jul 25, 2011Because our visitors/customers are short term, and may be configured incorrectly with their own mail servers we automagically redirect all port 25 traffic going to internal IP's to our own mail servers while on our network.(postfix on centos 5.6)While I have taken some measures to prevent it from spamming, I would greatly appreciate some assistance.I will be putting in clamav, but I haven't configured it yet with the mail.I am using postfix, but can also put on procmail or even spam assassin
View 6 Replies View RelatedUbuntu Servers :: Outbound SMTP Via Postfix
May 26, 2010I have just built an internal postfix server for sending mail only, it's not accessible outside our network. I will be sending from our domain, Rewriting the from field to abc.com is turned on in the postfix config. A friend is telling me this will not work as they will do reverse lookups on our domain. What does this mean? Obviously the domain the email is sent from is a valid domain. If they do a lookup from the IP the mail came from it would be global crossing, our internet provider? These outbound emails are critical client reports, I want to make sure they are not seen as spam.
View 1 Replies View RelatedUbuntu Servers :: FTP Breaks With Outbound Connection
Jul 24, 2011I'm sending files to a remote server by way of FTP via a PHP script. With the firewall turned on these files are getting to the remote server with 0kb and the remote server is timing out before all the files are received. When the firewall is turned off the all files are received in tact. There are no outbound rules set in the iptables, looking for ideas on what to check next.
View 4 Replies View RelatedGeneral :: Outbound Http Connections Blocked
Nov 21, 2010(centos 5.5 86*64 with cpanel) I am trying to set up a php script.
The script requires an outbound connection to project honeypot and when I go to the honeypot.php on my server I get an error asking if outbound connections are disabled.
They could be...I am not sure where to check, I have checked csf and outbound tcp is allowed on port 80, but I am not sure if I should be looking somewhere else.
Obviously I dont want to make the server insecure, so I am wondering how I can allow this outbound connection.
CentOS 5 Server :: Mail Server Keeps On Hanging / Stop It?
Feb 1, 2010Our mail server keeps on hanging after a while. This happened after there was a breakdown in electricity supply and the server room air conditioners stopped working for almost half a day. We are not sure whether this is a server hardware problem or a coincidence with a break-in attempt or malware activity.
Following are the message from the server log code...
Fedora Networking :: Limit Outbound TCP Connections To Single IP?
Oct 19, 2009I'm having a problem that seems to plague a lot of people judging from my research on the web. I have a hosting provider that limits the number of incoming connections to the shared host to 50 per IP.
I have a single IP for outbound connections and I use Squid as a proxy server.
Lately I've tripped across the 50 connection limit frequently - and that's with only 1 user. It seems the problem is related to the performance you can get out of a desktop these days. Its not impossible to have several browsers open with several connections to different sites on the same server - and boom - locked out!
So it occurred to me that there must be some way to limit the number of outbound connections in the kernel - but I've not found it. I did find that Microsoft had been limiting the number of outbound connections in XP to 10 to address the virus problem, and I've found countless hosting complaints and dialog on the subject with no easy solution.
So my question is simply, does anyone know how to limit the number of OUTBOUND connections to a single IP in the kernel?
General :: Is There Interactive Firewall For Outbound Traffic On Ubuntu?
Aug 24, 2010I wish to prevent some programs from "phoning home", and to allow other programs to access only specific web servers.Is there any way to interactively allow or decline outbound communication from individual programs on Ubuntu?
View 4 Replies View RelatedNetworking :: Blocking Outbound Traffic In Promisc Mode?
Aug 17, 2010Is there a way to configure my interface to promisc mode and also make it not capture the "transmitted" packets. ?I mean, i want the interface in Promisc mode but only for inbound traffic.If there isnt any using ifconfig, can it be by configuring eth0 to promisc using ifconfig , and filtering outbound traffic from being captured using sockets or something ?
View 4 Replies View RelatedGeneral :: Horde On CentOS 5: Can't Send Outbound Message?
Mar 14, 2010My setup is local install so I don't expect it to receive emails from the internet.However I do expect it to be able send messages to the internet, but it doesn't seem like it. I have tried setting up on FreeBSD before and it was able to do so but I wasn't involved in the setting of the machine though. I was just tasked to setup Horde
View 3 Replies View Related