Amahi Forums

Posted: **Mon Dec 22, 2008 12:39 pm**

Hmm, so I just ran into something that is a problem for me. While trying to set up a VPN for my Windows laptop to work, I found that I had typed in the host name for the work VPN entry point incorrectly. All well and good, but I tested the hostname with "ping -n" because I didn't want to do the usual reverse DNS lookup. I usually alias ping that way.

Sounds good, no? Well, no. The problem is that all DNS from Amahi is routed through opendns.com, not my ISP. I don't want my DNS routed through opendns.com. At all. Opendns.com returned my ping for a non-existent host. So, I thought I had the right host name when I didn't. Needless to say, opendns.com will not respond to Windows' attempts to set up a VPN.

Here's the ping results for the wrong hostname:

[root@amahi etc]# ping -n stargate.sea.X.Y
PING stargate.sea.X.Y (208.67.216.132) 56(84) bytes of data.
64 bytes from 208.67.216.132: icmp_seq=1 ttl=58 time=41.7 ms
64 bytes from 208.67.216.132: icmp_seq=2 ttl=58 time=42.5 ms
64 bytes from 208.67.216.132: icmp_seq=3 ttl=58 time=44.3 ms
64 bytes from 208.67.216.132: icmp_seq=4 ttl=58 time=42.5 ms
64 bytes from 208.67.216.132: icmp_seq=5 ttl=58 time=42.6 ms
^C

Here's the ping results for the right hostname:

[root@amahi etc]# ping -n stargate-sea.X.Y
PING stargate-sea.X.Y (206.191.173.188) 56(84) bytes of data.
64 bytes from a.b.173.188: icmp_seq=1 ttl=118 time=44.8 ms
64 bytes from a.b.173.188: icmp_seq=2 ttl=118 time=43.1 ms
64 bytes from a.b.173.188: icmp_seq=3 ttl=118 time=42.7 ms
^C

I changed the names and some of the IP addresses because this is a public forum. Hopefully it is clear enough that ping returns packets just fine and from different IP addresses. The only difference in the host name is a "-" instead of a "." between "stargate" and "sea".

How do I change this? I have Amahi set up on a static IP inside my network behind a firewall. I thought that I'd entered the firewall as the DNS to use, but in /etc/named.conf, I see:

Code: Select all

# automatically generated file by hdactl
options {
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        forward only;
        forwarders { 208.67.222.222; 208.67.220.220; };
        listen-on port 53 { X.Y.1.17; 127.0.0.1; };
};
...

208.67.222.222 is one of the addresses of the DNS servers of opendns.com. The other address is the other one they use. Since this file is automatically generated by hdactl, I can't reliably update it. Where to do I change this? I'm not happy about having all my DNS queries be archived by them.

Thanks for any tips to solving this problem.

Best,
Kyle

Posted: **Sat Jan 17, 2009 4:17 am**

Kind of late but I hope you have email notification enabled or something

See http://forums.amahi.org/viewtopic.php?f=8&t=119

Posted: **Wed Feb 11, 2009 10:10 am**

Thanks!

My wife just found that she could not get to the Onion web site. That was not OK

My son is only 7 months old, so I don't need to protect him from much yet.

Best,
Kyle

Posted: **Wed Feb 11, 2009 3:03 pm**

My wife just found that she could not get to the Onion web site. That was not OK

how did this happen?

i have not noticed opendns blocking anything at all for me!

i don't think it defaults to blocking anything!

is it possible some software in her laptop do it??

Amahi Forums

alternate DNS servers: opendns.com?

alternate DNS servers: opendns.com?

Re: alternate DNS servers: opendns.com?

Re: alternate DNS servers: opendns.com?

Re: alternate DNS servers: opendns.com?