Date: Wed, 18 Sep 2013 07:47:50 -0700
Tom,

Just a couple of comments:

It sounds like you have one device that is acting like the DSL modem
and a NAT router. Is that correct, you have a single box? If so, what is
the make & model?

It also seems like this device thinks it can act as a DNS
server, perhaps caching or just forwarding. I suspect there is some
setup for that.

I found this page, www.cyberciti.biz/faq/dhclient-etcresolvconf-hooks/,
which offers a few ways to use static DNS addresses rather than get them
from DHCP. I personally like Option #3.

Joe

On 09/17/2013 03:26 PM, Tom Rosmond wrote:
> Shane,
>
> Unfortunately, your suggestion didn't make any difference. But your
> observation about my modem being misconfigured is probably correct, and
> I have been looking at all the settings to see what could be the source
> of the trouble. Nothing apparent yet. Maybe I need a new modem.
>
> BTW, I didn't see the 'not available' response for port 53, which makes
> sense I guess since I still see the delay. And I am pretty sure port 53
> is correct. Frustrating.
>
> Thanks,
>
> T. Rosmond
>
>
> On Tue, 2013-09-17 at 22:33 +0100, Shane Voss wrote:
>> On 17/09/13 21:24, Tom Rosmond wrote:
>>> Last weekend I posted the thread 'slow loading browser homepage'. I got
>>> useful feedback from several people that helped narrow the problem to
>>> the order that nameservers are listed in my 'dhclient-eth0.leases' file.
>>> It has the line:
>>>
>>> option domain-name-servers 192.168.0.1,216.177.225.9;
>> It looks to me as if your dhcp server is misconfigured. I presume this is the
>> modem. So the "proper" solution is to persuade that modem not to list itself
>> as a DNS server.
>>
>> One hack that might work around this is to use iptables to prevent yourself
>> sending DNS requests to the modem:
>>
>> iptables -A OUTPUT -d 192.168.0.1 -p tcp --dport 53 -j REJECT
>> iptables -A OUTPUT -d 192.168.0.1 -p udp --dport 53 -j REJECT
>>
>> The REJECT should result in an immediate response saying that port is not
>> available, rather than a delay waiting for it to respond.
>>
>> If that works, you can make the firewall rules "permanent" thus:
>>
>> service iptables save
>> chkconfig iptables on
>>
>> Shane
>>
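
An added example, not part of the original thread: a probe that separates the three outcomes discussed above for each nameserver in the lease line (answer, silence until timeout, or an immediate ICMP refusal such as REJECT produces). The function names, the example.com query name and the 2-second timeout are assumptions made for illustration.

```python
import re
import socket
import struct
import time

def parse_lease_servers(line):
    """Return the nameservers, in listed order, from a dhclient lease option line."""
    m = re.search(r"option\s+domain-name-servers\s+([^;]+);", line)
    return [s.strip() for s in m.group(1).split(",")] if m else []

def build_query(name, qid=0x1234):
    """Build a minimal DNS query for an A record with recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.strip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)

def probe(server, port=53, name="example.com", timeout=2.0):
    """Send one UDP query and return (outcome, elapsed_seconds)."""
    query = build_query(name)
    start = time.monotonic()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, port))  # connected socket, so ICMP errors are reported
            s.send(query)
            reply = s.recv(512)
            outcome = "answered" if reply[:2] == query[:2] else "bad-reply"
        except socket.timeout:
            outcome = "timeout"   # silence: the caller waits the full timeout
        except ConnectionRefusedError:
            outcome = "refused"   # ICMP port unreachable, the default REJECT reply
        except OSError:
            outcome = "error"     # e.g. no route to the server
    return outcome, time.monotonic() - start

if __name__ == "__main__":
    # Lease line quoted in the thread; real results need access to that network.
    lease = "option domain-name-servers 192.168.0.1,216.177.225.9;"
    for server in parse_lease_servers(lease):
        outcome, secs = probe(server)
        print(f"{server:<16} {outcome:<9} {secs:.2f}s")
```

A first-listed server that reports "timeout" is the one adding the delay; "refused" returns at once, so the second server gets asked without the wait.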