[NTLUG:Discuss] Port forwarding with IPCop

Bobby Wrenn bjwrenn at augustmail.com
Fri Feb 27 19:56:05 CST 2004 

Greg Edwards wrote:
---------snip---------

> 
> You might run a traceroute to your mail server to see if it does get 
> back to the mail server.  Splitting your external and internal DNS 
> servers is pretty simple.  Run your external on the firewall and 
> internal on the mail server.  Use the same names (external services) in 
> both but only use external addresses in external and internal in 
> internal.  Since both are authoritative only the first seen by a query 
> will answer.  Clear as mud, right?
> 
> You might find this of interest.  The trace is probably what you'd want 
> to see from the outside.  However the ping and host are interesting.
> 
> [root at hawk greg]# traceroute mail.wrennest.com
> traceroute to mail.wrennest.com (216.87.150.158), 30 hops max, 38 byte 
> packets
>  1  mrytle (x.x.x.x)  0.391 ms  0.654 ms  0.264 ms
>  2  anduin-gtenat.netin.com (216.109.165.1)  10.416 ms  9.691 ms  9.829 ms
>  3  cairandros.netin.com (216.109.160.16)  10.034 ms osgiliath.netin.com 
> (216.109.160.15)  10.813 ms cairandros.netin.com (216.109.160.16)  
> 10.907 ms
>  4  ge-8-0-219.ipcolo1.Dallas1.Level3.net (63.209.47.241)  10.182 ms 
> border3.fe5-4.netin-1.ext1.dal.pnap.net (216.52.189.69)  10.128 ms 
> ge-8-0-219.ipcolo1.Dallas1.Level3.net (63.209.47.241)  10.394 ms
>  5  augustnet-1.border3.ext1.dal.pnap.net (216.52.189.122)  10.908 ms 
> dal-gw1-l3.august.net (209.246.159.242)  10.816 ms 
> augustnet-1.border3.ext1.dal.pnap.net (216.52.189.122)  10.491 ms
>  6  loopzeroside-onfiber-l3-l0.august.net (64.90.55.202)  10.233 ms 
> lone-atm1.august.net (216.87.144.197)  11.230 ms 
> loopzeroside-onfiber-l3-l0.august.net (64.90.55.202)  11.388 ms
>  7  * lone-atm1.august.net (216.87.144.197)  11.279 ms *
>  8  * * *
>  9  * *
> 
> [root at hawk greg]# ping -c 10 mail.wrennest.com
> PING mail.wrennest.com (216.87.150.158) from x.x.x.x : 56(84) bytes of 
> data.
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=1 ttl=58 
> time=60.5 ms
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=2 ttl=58 
> time=37.3 ms
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=3 ttl=58 
> time=37.4 ms
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=4 ttl=58 
> time=37.5 ms
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=5 ttl=58 
> time=37.4 ms
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=6 ttl=58 
> time=37.4 ms
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=7 ttl=58 
> time=36.8 ms
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=8 ttl=58 
> time=37.8 ms
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=9 ttl=58 
> time=37.1 ms
> 64 bytes from www.rocksolidweb.org (216.87.150.158): icmp_seq=10 ttl=58 
> time=37.2 ms
> 
> --- mail.wrennest.com ping statistics ---
> 10 packets transmitted, 10 received, 0% loss, time 9076ms
> rtt min/avg/max/mdev = 36.829/39.688/60.515/6.950 ms
> 
> [root at hawk greg]# host -a rocksolidweb.org
> Trying "rocksolidweb.org"
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17241
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2
> 
> ;; QUESTION SECTION:
> ;rocksolidweb.org.              IN      ANY
> 
> ;; ANSWER SECTION:
> rocksolidweb.org.       86030   IN      A       216.87.150.158
> rocksolidweb.org.       86030   IN      NS      ns1.august.net.
> rocksolidweb.org.       86030   IN      NS      ns2.august.net.
> 
> ;; AUTHORITY SECTION:
> rocksolidweb.org.       86030   IN      NS      ns1.august.net.
> rocksolidweb.org.       86030   IN      NS      ns2.august.net.
> 
> ;; ADDITIONAL SECTION:
> ns1.august.net.         171807  IN      A       192.150.87.18
> ns2.august.net.         171807  IN      A       192.150.87.2
> 

I'm not running DNS at all I have an external service (more than one). 
Several domains resolve to 216.87.150.158. I have been getting mail at 
those domains. Currently the mail queues are filling up so the SMTP part 
is working. I just can't POP the mail queue on the server across the DMZ.

I did nslookup, host and traceroute on mail.wrennest.com and everything 
checks. The message from Mozilla mail is "Could not connect to server 
mail.wrennest.com; the connections was refused."

Still Stumped
Bobby

More information about the Discuss mailing list