[mortenb123]

Hi all

I have this strange problem regarding dns-lookups on opensuse11

I start a private vpn that hijacks the /etc/resolv.conf and
inserts itself as the first nameserver:

Code:

cat /etc/resolv.conf
search secana.local
nameserver 10.1.2.64
nameserver 192.168.2.3

It then fails for all local addresses that the first one do not know about:

Code:

dig src

; <<>> DiG 9.4.2-P1 <<>> src
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53090
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;src.                           IN      A

;; Query time: 8 msec
;; SERVER: 10.1.2.64#53(10.1.2.64)
;; WHEN: Fri Jul 10 14:13:26 2009
;; MSG SIZE  rcvd: 21

Same with nslookup:

Code:

nslookup src
;; Got SERVFAIL reply from 10.1.2.64, trying next server
Server:         192.168.2.3
Address:        192.168.2.3#53

** server can't find src: NXDOMAIN

If I remove the vpnc enforced nameserver, all works fine:

Code:

cat /etc/resolv.conf
search secana.local
#nameserver 10.1.2.64
nameserver 192.168.2.3

dig src

; <<>> DiG 9.4.2-P1 <<>> src
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21877
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;src.                           IN      A

;; AUTHORITY SECTION:
.                       8218    IN      SOA     A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2009070900 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 192.168.2.3#53(192.168.2.3)
;; WHEN: Fri Jul 10 14:19:34 2009
;; MSG SIZE  rcvd: 96

nslookup src
Server:         192.168.2.3
Address:        192.168.2.3#53

Name:   src.secana.local
Address: 192.168.2.40

The only change I see is the authority stage?

Any help appreciated

--
Thanks