View Full Version : Linux firewall / ISP connection problem

Dolby Digital
02-07-2002, 01:25 PM
Any gurus out their who could help me with a problem I am having connecting to Clearnet. It only happens occasionly and wondered if it is a problem at ClearNets end (wash my mouth out). Warning - I am not totally sure what I am talking about! An outgoing UDP packet is being denyed by my firewall to Clears DNS server port 53. From my modem lights my Linux box is trying to talk to the server out there but some small network packet is coming back telling it to stop or retry or something. It normally happens in the afternoon. It is fine in the morning and at night (usually). I have spoken to the Clearnet help desk but they won't support my Linux connection and suggest I try another of their dial in numbers. I have tried 2 out of the 3 phone numbers I have available and both do it.

Yesterday I tried my Windows box with its own modem and it appeared to do a similar thing i.e. got a connection ok and then the "out" light kept on blinking and nothing came back from the server until something timed out. At the end of the session, something like 5k bytes had been sent and 250 bytes had been received. No web pages had been displayed funnily enough.

Could it be that Clearnets DNS is being swamped with traffic?

I am getting rather frustrated and am thinking of moving to Xtra (cos I can always get a connection with them).


Graham L
02-07-2002, 06:18 PM
If your firewall is denying port 53, how do you get DNS at all?
If it is something which is happening only occasionally, it could be overload of their server, but your system should probably try again. It would be best to see exactly what is happening: man tcpdump will tell you how to set up a snooping task. Use the options so that you log only traffic to/from that DNS server: the output file can get very big very quickly.

It might be worthwhile to set up your own caching DSN server. It's quite easy, and any sites you visit often will be in your cache, and reduce your network traffic.