[Freedombox-discuss] Name server queries through the freedom box not working.

A. F. Cano afc at shibaya.lonestar.org
Sat May 14 17:38:18 UTC 2016 

Hi everyone,

This used to work just fine when the ubiquiti router was connected directly
to the internal network.  All I needed to do was:

route add default gw <router name>

at the internal machines.

Now:

route add default gw fbx <- the name of the freedombox on the internal net

is not sufficient.

nslookup www.debian.org from the internal machines returns

connection timed out; no servers could be reached

I did set /etc/resolv.conf thus:

nameserver 192.168.200.27 (IP address of the freedombox internal interface)

>From the freedombox itself:

$ nslookup www.debian.org
Server:         198.224.186.135
Address:        198.224.186.135#53

Non-authoritative answer:
Name:   www.debian.org
Address: 149.20.20.22
Name:   www.debian.org
Address: 140.211.15.34
Name:   www.debian.org
Address: 128.31.0.62

With the external link (ppp) up and running of course.

The firewall screen reports (in yellow):

mdns	Permitted (internal only)

so it should work, right?

>From an internal machine:

$ netstat -anp | egrep :53
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 192.168.200.7:53        0.0.0.0:*               LISTEN      -               
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:538             0.0.0.0:*               LISTEN      -               
tcp6       0      0 :::53                   :::*                    LISTEN      -               
...
udp        0      0 192.168.200.7:53        0.0.0.0:*                           -               
udp        0      0 127.0.0.1:53            0.0.0.0:*                           -               
udp   164032      0 0.0.0.0:5353            0.0.0.0:*                           12016/          
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           -               
udp6       0      0 :::53                   :::*                                -               
udp6       0      0 :::5353                 :::*                                -               

On the freedombox:

$ sudo netstat -anp | egrep :53
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           354/avahi-daemon: r 
udp6       0      0 :::5353                 :::*                                354/avahi-daemon: r 

So it looks like the freedombox is not listening to port 53.  What do I need
to do to the internal machines so that dns queries are forwarded to the
freedombox and are propagated from there to the intenet?

I've tried to keep is simple on the internal network by not using dhcp (I use
the /etc/hosts file) and pointing the resolver to the NAT router, now the
freedombox.  The internal machines run Debian wheezy and jessie.

Thanks for any hints.

More information about the Freedombox-discuss mailing list