GWIA doing DNS lookup for local address

Similar Messages

• Constant dns lookups for non-existent addresses

  Hi. I'm connected to a large network and I've noticed
  that there are constant dns lookups for addresses that
  do not exist.
  When i run tcpdump, almost every second
  I see a few requests to the dns server from my IP. And all
  of them get the response NXDOMAIN.
  Is there a reason this should happen or is there something
  not working properly on my computer?
  Thanks
  Last edited by m00nblade (2010-01-25 21:42:23)

  It all depends on your setup.
  If you use only local mail domains, just make sure you do not have a catchall address (luser_relay) and messages to unknown users will not be accepted by Postfix in the first place.
  If you use virtual mail domain, you will need to change your setup as Apple's default setup will always accept mail for unknown users and then bounce it back to sender. See here for a how to: Making Virtual Mail Users in OS X 10.4/10.5 Server
  HTH,
  Alex

• Remote Desktop "Bypass RD gateway server for local addresses" no longer working in Windows 8

  Hi,
  After installing windows 8, it seems like the "Bypass RD gateway server for local addresses" is no longer working.
  In Windows 7, when the option is checked, I could have the server name set always and the client will automatically detect whether to use the RD gateway or not. For example, from my house, if I am connecting to a computer at my work, which requires
  the RD gateway, it will automatically pops up the dialog for authentication method. However, if I connect to a computer in my home network, it will just automatically connects without asking authentication for the RD gateway.
  However, after installing windows 8, this does not seem to work as expected anymore. The option is checked but the Windows Security dialog pops up in both situations and so i have to either save the rdp file locally and pin it to the taskbar or switch between
  disabling and enabling the RD gateway whenever I need to connect to different machines.
  Is this a regression in Windows 8? Is anyone else experiencing the same issue?
  Thanks

  Another way to resolve this issue for me, beside of configuring RDP to connect directly to server also on unmanaged network, will be to turn the "wifi" subnet in a managed network, as the "wired" subnet is.
  The differences between thoses to subnets, dynamically assigned by the same DHCP server, are:
  The "wifi" is in a private IP range, the "wired" is in a public IP range
  There's an ACL on the "wifi" subnet, not on the "wired"
  The next step is to compare frames send/received when on the two networks. Something will likely tell for the network to be managed.
  Beside, I'm still searching informations about NLA, which is responsible for setting a nework as managed or not.
  Here are some clues:
  http://blogs.technet.com/b/networking/archive/2010/09/08/network-location-awareness-nla-and-how-it-relates-to-windows-firewall-profiles.aspx
  http://social.technet.microsoft.com/Forums/windows/en-US/49ea0a6b-9c03-407d-8e26-24a92849a282/network-location-awareness-signature?forum=w7itpronetworking
  If anybody has official MS informations about NLA (A for Awareness and not Authentication), please share!

• How to know whether bypass proxy for local address is enabled in browser

  Can anyone help me in finding out whether the check box "bypass proxy server for local address" in Internet explorer (Tools->Internet options->Connections->LAN Settings) is enabled from java plug in.
  In my applet application if that checkbox is enabled then i have to throw a message saying that the checkbox is enabled.
  Thanks in Advance
  Regards
  Vijay

  We have been in discussions with Microsoft over the last few days on this issue - which is seen with Outlook 2007 versions onwards.  Extract from resolution communication from Microsoft:
  The issue you have raised is known as it has been reported and when you have a proxy set in Internet Explorer and “Bypass proxy settings for local addresses”, Outlook will attempt to connect to Office 365 directly – like the bypass rule would apply.
  Because the direct connection is blocked in the Firewall, Outlook needs to have the connections going in Timeout before attempting to connect using the Proxy.
  Your network trace proves the issue.
  Microsoft have scheduled a fix for Outlook 2010 in February 2014 cumulative update. A fix for Outlook 2013 will also follow, but Outlook 2007 will not be addressed because it is in Extended Support.
  There are two possible workarounds for this behaviour:
  First, and I wouldn’t recommend it, is to allow Direct traffic through the Firewall to Office 365.
  The advantage of this approach is that it will be done centralized and it will impact everyone immediately.
  Information about the O365 IP addresses
  There are two downsides to this behaviour:
  1.  First you need to maintain the Firewall exceptions as IP from O365 server can change without notice
  2.  Second, winhttp traffic may go through both proxy and direct and this can cause unforeseen behaviour.
  The second approach is to use a proxy pac instead of manually setting in the proxy and the exceptions.
  The advantage is that you will have centralized method to control how winhttp traffic goes and the issue will not be experienced anymore.
  If a single pac does not be fit, you can configure proxy pac files for each site requirements and use an IIS server to store it.

• Lookup for local interfaces.

  Isn't lookup for local interfaces allowed from web client. I have defined a
  ejb-reference for the bean in my web.xml. When I do a lookup as
  TestBeanLocalHome home = (TestBeanLocalHome)
  ic.lookup("java:comp/env/ejb/TestBeanLocal");
  This statement result in an error
  javax.naming.NameNotFoundException: Unable to resolve
  comp/env/ejb/TestSLSBeanLocal/ Resolved: 'comp/env/ejb'
  Unresolved:'TestBeanLocal' ; remaining name ''
  at
  weblogic.jndi.internal.BasicNamingNode.newNameNotFoundException(BasicNamingN
  ode.java:887)
  at
  weblogic.jndi.internal.BasicNamingNode.lookupHere(BasicNamingNode.java:219)
  at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:183)
  at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:191)
  at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:191)
  at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:191)
  at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:339)
  at
  weblogic.jndi.factories.java.ReadOnlyContextWrapper.lookup(ReadOnlyContextWr
  apper.java:36)
  at
  weblogic.jndi.internal.AbstractURLContext.lookup(AbstractURLContext.java:124
  at javax.naming.InitialContext.lookup(InitialContext.java:345)
  at jsp_servlet.__client._jspService(__client.java:108)
  at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :265)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :200)
  at
  weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
  ntext.java:2495)
  at
  weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
  :2204)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  The same thing works when lookup is done for remote interface.
  Regards,
  Rupesh.

  You need to use "ejb-local-ref" to refer to local interfaces. I meant
  "ejb-local-ref" element was not available in web.xml in Servlet 2.2. They
  were added in Servlet 2.3 specification. So unless your app server is
  Servlet 2.3 compliant it does not need to support references to local
  interfaces in web components (servlets or jsps). Weblogic 6.1 did not seem
  to support them last time I tried.
  -- Anand
  "Rupesh" <[email protected]> wrote in message
  news:[email protected]...
  what do u mean by local interface in web component? its ejb's local
  interfaces and lookups are any way being
  done using ejb-ref and ref mapping are given in weblogic.xml.
  Where does Servlet spec come into the picture?
  Do you mean to say that you can not lookup for local home from a jsp in
  WL6.1?
  Regards,
  Rupesh.
  Anand Byrappagari <[email protected]> wrote in message
  news:[email protected]...
  Are you using Weblogic 6.1? Then local interfaces in web components arenot
  supported. Local interfaces were added only in Servlet 2.3 I think.Weblogic
  6.1 is not completely compliant with Servlet 2.3.
  -- Anand
  "Rupesh" <[email protected]> wrote in message
  news:[email protected]...
  Isn't lookup for local interfaces allowed from web client. I have
  defined
  a
  ejb-reference for the bean in my web.xml. When I do a lookup as
  TestBeanLocalHome home = (TestBeanLocalHome)
  ic.lookup("java:comp/env/ejb/TestBeanLocal");
  This statement result in an error
  javax.naming.NameNotFoundException: Unable to resolve
  comp/env/ejb/TestSLSBeanLocal/ Resolved: 'comp/env/ejb'
  Unresolved:'TestBeanLocal' ; remaining name ''
  at
  weblogic.jndi.internal.BasicNamingNode.newNameNotFoundException(BasicNamingN
  ode.java:887)
  at
  weblogic.jndi.internal.BasicNamingNode.lookupHere(BasicNamingNode.java:219)
  atweblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:183)
  atweblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:191)
  atweblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:191)
  atweblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:191)
  atweblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:339)
  at
  weblogic.jndi.factories.java.ReadOnlyContextWrapper.lookup(ReadOnlyContextWr
  apper.java:36)
  at
  weblogic.jndi.internal.AbstractURLContext.lookup(AbstractURLContext.java:124
  at javax.naming.InitialContext.lookup(InitialContext.java:345)
  at jsp_servlet.__client._jspService(__client.java:108)
  at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :265)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :200)
  at
  weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
  ntext.java:2495)
  at
  weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
  :2204)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  The same thing works when lookup is done for remote interface.
  Regards,
  Rupesh.

• Bypass Proxy for Local Addresses - Office 365 connection/ Outlook 2010

  This is a strange one.  Connectivity to Office 365 within our netwotk works fine although very slow for outlook 2010 client to initially connect. Once connected, it works ok.  I have done a netwotk trace using netmon to see if i can identify
  the reason for the slow startup (2 mins minumum for profile to load and for outlook to connect to exchange). The trace tell me that my local pc tries to make a direct connection to the office365 external IPs first, then tries the TMG proxy. Once it hits the
  proxy, it kicks into life and works.
  So it looks to me like it thinks the external IP address of office 365 is an internal address and spends it time trying all the ip addresses until it trys the proxy.  At this point, the
  Bypass Proxy Server for Local Addresses is ticked.
  As soon as i untick this box, all traffic heads directly to the proxy and of course it connects like lighting.  The exchange settings proxy is set in outlook for "on fast networks, connect using HTTP first, then connect using TCP/IP" (tick
  is on) and the same for slow networks.
  I cant for the life of me work out why it tries to connect directly to the external IPs first and not connect via TMG until i untick the
  Bypass Proxy Server for Local Addresses
  Would love any ideas that may assist.

  We have been in discussions with Microsoft over the last few days on this issue - which is seen with Outlook 2007 versions onwards.  Extract from resolution communication from Microsoft:
  The issue you have raised is known as it has been reported and when you have a proxy set in Internet Explorer and “Bypass proxy settings for local addresses”, Outlook will attempt to connect to Office 365 directly – like the bypass rule would apply.
  Because the direct connection is blocked in the Firewall, Outlook needs to have the connections going in Timeout before attempting to connect using the Proxy.
  Your network trace proves the issue.
  Microsoft have scheduled a fix for Outlook 2010 in February 2014 cumulative update. A fix for Outlook 2013 will also follow, but Outlook 2007 will not be addressed because it is in Extended Support.
  There are two possible workarounds for this behaviour:
  First, and I wouldn’t recommend it, is to allow Direct traffic through the Firewall to Office 365.
  The advantage of this approach is that it will be done centralized and it will impact everyone immediately.
  Information about the O365 IP addresses
  There are two downsides to this behaviour:
  1.  First you need to maintain the Firewall exceptions as IP from O365 server can change without notice
  2.  Second, winhttp traffic may go through both proxy and direct and this can cause unforeseen behaviour.
  The second approach is to use a proxy pac instead of manually setting in the proxy and the exceptions.
  The advantage is that you will have centralized method to control how winhttp traffic goes and the issue will not be experienced anymore.
  If a single pac does not be fit, you can configure proxy pac files for each site requirements and use an IIS server to store it.

• JRE proxy bypass for local addresses always bypasses proxy

  Hi all,
  I'm currently dealing with an issue with the proxy configuration in java.
  Situation: I need a proxy server to connect to the internet, and I have some addresses configured in Internet Explorer that bypass the proxy.
  example of the way I configured it : *.google.com;212.115.*;62.69.179.198
  The address that I am trying to reach is not in the bypass list, or in any of the excluded ranges in the bypass list.
  Initially I had java configured using browser settings. I thought it did not pick up the browser settings at all.
  However after configuring the proxy manually in java it was still not working.
  During the research I came to the conclusion that as soon as I enable the "bypass proxy server for local addresses" in Internet Explorer, or manually in java.
  The JRE client automatically bypasses the proxy and is always using "proxy=direct" . As soon as I disable that feature it starts using the proxy server.
  I have no idea why this is happening ?

  Your message was an eye opener for me. Thanks!
  You were right, that option shouldn't be enabled. During testing I got confused and was told that option needed to be enabled to enable the exception list.
  But that was a stupid assumption.
  I disabled the option bypass proxy for local addresses and just filled in the exception list and now it works again.

• Bypass Proxy for Local Addresses

  All-
  With the new 2.0 software, I am now able to connect my 3G iPhone to the WiFi network at work. The network uses an authenticated proxy to get external access. I can access external sites just fine now, but I can't see internal sites. The proxy settings on my work desktop give me the option to "bypass proxy server for local addresses".
  Is there any way to do this on an iPhone?
  Right now I need to make a choice between access only internal sites or only external sites.
  Thanks!
  MF

  While not wanting to be a total weenie, ME TOO
  After a bit of searching, the best we're going to be able to do right now is use a Proxy Auto-Config (.pac) file. I'm drawn to this conclusion from combining a lot of web searches with a peek at the "iPhone and iPod touch Enterprise Deployment Guide, Second Edition" (available at http://manuals.info.apple.com/enUS/Enterprise_DeploymentGuide.pdf, or via the Apple iPhone Enterprise support page at http://www.apple.com/support/iphone/enterprise/.
  Setting the PAC file using the iPhone v2.x software is pretty direct - click the little arrow next to the network you want to configure, scroll down to the bottom where the proxy settings live. Choose "Auto" and enter the Auto-config URL.
  That's the good news. The bad news is that I'm not entirely sure what that entails w.r.t. using one with the iPhone software. I'm not entirely clever enough to create such a file nor am I clever enough to know how to stick such a file onto my iPhone. I'm going to run this around my local team to see what they can come up with. If they come up with a solution (and it's simple enough for me to do AND explain), then I'll post a follow-up. Until then, good luck to you AND if you figure something out feel free to share with everyone else.
  Ron

• AddressProvider for local-address

  I was wondering if it is possible to use the AddressProvider for local-address. For <unicast-listener> there are sub elements <adddress> and <port>. Is it possible to use address provider to set this value?
  I understand the address-provider can be used under the <well-known-address> to provide list of all wka nodes dynamically. Wanted a similar option to set the local port as well.
  Edited by: 798623 on Oct 5, 2010 9:12 AM

  I'm afraid there is no "pluggable" capability for selecting local hostname and port.
  Can you elaborate a bit more as to why you would need this capability?
  /Christer

• Push Notifications: DNS Lookup for pubsub.localhost failed

  Hello,
  after a server crash and restore i cant manage to get push notifications back working. When adding a caldav account to ical, it doesnt offer "Push" in "Refresh Calendars" option anymore. Everything in the log files seems to look fine but this:
  6/4/12 11:45:26.024 AM jabberd_notification/s2s: dns lookup for pubsub.localhost failed
  Can someone help me out on this please?

  Some more info. I think its just the last line which fails. Everything else looks like it works…
  DNS seems fine as well.
  6/4/12 5:32:37.179 PM jabberd_notification/c2s: [8] [::ffff:127.0.0.1, port=50810] connect
  6/4/12 5:32:37.217 PM jabberd_notification/c2s: Authentication succeeded, mech: DIGEST-MD5 client IP: ::ffff:127.0.0.1 client port: 50810 username: com.apple.notificationuser
  6/4/12 5:32:37.219 PM jabberd_notification/c2s: [8] SASL authentication succeeded: mechanism=DIGEST-MD5; authzid=com.apple.notificationuser@localhost, TLS negotiated
  6/4/12 5:32:37.223 PM jabberd_notification/c2s: [8] bound: jid=com.apple.notificationuser@localhost/icalserver.3c311a83d7b04f1a977481cfea6 c8d9e
  6/4/12 5:32:37.224 PM jabberd_notification/sm: session started: jid=com.apple.notificationuser@localhost/icalserver.3c311a83d7b04f1a977481cfea6 c8d9e
  6/4/12 5:32:37.233 PM jabberd_notification/s2s: dns lookup for pubsub.localhost failed

• MBP - Too Long doing DNS lookups?

  I've noticed that my brand-new MBP seems to take an excessively long time to do DNS lookups. I'll load Firefox and type in google.com in the URL bar. In the status bar below it will say "looking up google.com" for at least 10 seconds. Meanwhile, I've opened a terminal window and done an nslookup on google.com and received the IP address. Any idea why I can do a quick lookup in the terminal but the browser takes quite awhile?

  Change your DNS servers in the network system preferences.
  Use Verizon's Level 3 servers.. they're very fast
  4.2.2.1
  4.2.2.2
  4.2.2.3
  4.2.2.4
  4.2.2.5
  4.2.2.6
  Or the OpenDNS servers:
  208.67.222.222
  208.67.220.220

• How do I setup 'local' dns lookups for hostnames using DHCP server on WRT610N?

  Said router with latest firmware has DHCP reservation setup with reserved clients names mapped to specific MAC addresses/IP addresses.  I'd like my clients (a mixture of Mac and W7) to access mapped devices via hostnames and not IP addresses.   I have static IP address provided by my ISP configured on the router with it's corresponding ISP DNS server addresses.  FYI, the DHCP server DNS settings on the router are masked out (can't be changed) on the router and looks to be inherited from the Internet setup (in which I've entered the DNS IP addresses of my ISP's DNS).
  On my clients, nslookup (or equivalent) clearly specify that the DHCP is pumping out the DNS servers from the ISP.  Why would it not look for the reserved client hostnames first?
  I know I can setup local /etc/hosts (or equivalents) or override the DNS and point to the router's IP address on the clients but I'd rather not - that's a lot of maintenance.  I can also setup an internal DNS server, but again, overkill. 
  Is this feature available on this router or am I doing something wrong?  An aging integrated Westell 327W DSL model/router used to be able to provide internal network DNS - but this more modern capable WRT610N router does not?  Thoughts?   Thanks.

  Well its not possible to access the storage driver using the host name.. You can access the storage driver using only the IP address. As the Linksys Router doesn't work on a Host Name.

• No DNS lookup for MX, A, AAAA or A6?

  Good day folks,
  Does SJS MS 6.2 support querying DNS for MX,A,AAAA or A6 records for the domain specified in the SMTP mail from:<[email protected]>? Exim and sendmail support this measure as a means of reducing spam but I can't find the equivalent for SJS MS 6.2. mailfromdnsverify on the tcp_local channel only sets up verfication of existence of the domain itself.
  Cheers

  Hi Shane,
  Let me take this piece by piece:
  "Really? That's not a feature I've ever actually heard that either of these products have. I can't imagine how it might impact performance. Badly, I strongly suspect."
  The following is an extract from the central mail servers' SMTP dialogue with my MS 6.2:
  *** START MESSAGE ***
  This report relates to a message you sent with the following header fields:
  Message-id: <000001c73417$3ddaf380$0100007f@localhost>
  Date: Tue, 09 Jan 2007 12:55:29 -0500
  From: Ethan Edwards <[email protected]>
  To: [email protected]
  Subject: What IS 0EM Software And Why D0 You Care?
  Your message cannot be delivered to the following recipients:
  Recipient address: [email protected]
  Original address: [email protected]
  Reason: Remote SMTP server has rejected address
  Diagnostic code: smtp;553 5.1.8 <[email protected]>... Domain of sender address [email protected] does not exist
  Remote system: dns;centraldnsserver.mycentraldomain.com(TCP|mymailserveripaddress|62084|centralmailserveripaddress|25) (centralmailserver.um.edu.mt ESMTP CSCMAIL/External server ready)
  *** END MESSAGE ***
  "No, if we had to query every server that mail appears to come from, to check the validity of that mail address, we'd never be able to process mail in any quantity. I strongly doubt that any other product does as you suggest, either"
  This kind of checking is done on every message by mail servers running sendmail that host about 500 users.
  "How about SpamAssassin?
  RBL?
  Greylisting?"
  I think that these techniques all get past the SMTP stage - I want better handling at the SMTP stage.
  "If your central systems accept mail addressed to fake users, then that's a configuration error on their part, assuming that they can know all the real users."
  What I intended is that the mail servers reject external, incoming mail from source addresses that include domains that only have SOA records.
  Finally, regarding the blah123.com example: this domain has no SOA record so mailfromdnsverify works in rejecting the incoming e-mail at the SMTP stage. But try these:
  pipex.co.uk
  fstngt.org
  lists.midterme.com
  com.br
  net.my
  Thanks for keeping up this discussion.
  Cheers,
  Etiennen

• How could a java process bypass etc\hosts file while doing dns lookup ?

  Hi,
  I am developing a java web proxy and developer tool [http://www.tcpcatcher.org|http://www.tcpcatcher.org] .
  Right now it is working as a none transparent web proxy.
  In some situation and for some hosts, I would like to turn it into a transparent web proxy.
  Suppose, user's browser and java proxy are running on same host (typically on localhost). An entry is added in etc\hosts file, for example:
  127.0.0.1 google.com
  So without any change in browser config , if user visits google.com with its browser , http request is received at proxy level.
  Now my proxy has to get the actual ip address of google.com bypassing the etc\hosts file (right now the proxy is doing a loop on itself).
  Any idea how this could be achieved ?
  Am I searching in wrong direction ?
  thanks !

  This is a shot in the dark, but I'll try anyway.
  Take a look at dnsjava (open source, I never played with it).
  My understanding is that using this to resolve names instead of normal Java API's would allow you to bypass etc/hosts in the java code
  (see [http://old.nabble.com/DNS-Resolve-from-hosts-file-first-then-DNS-Server-td15431381.html]).

• SL constantly making DNS requests for "local" ?

  I've been troubleshooting a problem with my DSL router crashing and noticed that my Macs continuously, even when idle, have nearly 200 open connections at any given time, whereas my Windows boxes peak at 50 and drop down to under 10 when idle. The Macs are running SL 10.6.2.
  Poking around in the router logs, I found that the Macs are constantly making udp DNS requests to my router, even when I'm not browsing or doing anything else. tcpdump of udp and port 53 gives me the following:
  00:21:53.371671 IP 192.168.0.8.59304 > 192.168.0.1.53: 18151+ SOA? local. (23)
  00:21:53.674232 IP 192.168.0.8.49916 > 192.168.0.1.53: 48169+ SOA? local. (23)
  00:21:53.977128 IP 192.168.0.8.52735 > 192.168.0.1.53: 25906+ SOA? local. (23)
  00:21:54.279836 IP 192.168.0.8.60409 > 192.168.0.1.53: 18252+ SOA? local. (23)
  00:21:54.582518 IP 192.168.0.8.52350 > 192.168.0.1.53: 61085+ SOA? local. (23)
  00:21:54.885866 IP 192.168.0.8.62450 > 192.168.0.1.53: 21082+ SOA? local. (23)
  00:21:55.189449 IP 192.168.0.8.56146 > 192.168.0.1.53: 32869+ SOA? local. (23)
  00:21:55.494834 IP 192.168.0.8.50517 > 192.168.0.1.53: 19194+ SOA? local. (23)
  00:21:55.797551 IP 192.168.0.8.52035 > 192.168.0.1.53: 7558+ SOA? local. (23)
  00:21:56.100390 IP 192.168.0.8.52101 > 192.168.0.1.53: 40847+ SOA? local. (23)
  00:21:56.403436 IP 192.168.0.8.52194 > 192.168.0.1.53: 6087+ SOA? local. (23)
  00:21:56.706299 IP 192.168.0.8.52347 > 192.168.0.1.53: 9339+ SOA? local. (23)
  00:21:57.009058 IP 192.168.0.8.56200 > 192.168.0.1.53: 25553+ SOA? local. (23)
  00:21:57.312098 IP 192.168.0.8.51976 > 192.168.0.1.53: 20703+ SOA? local. (23)
  00:21:57.616665 IP 192.168.0.8.54563 > 192.168.0.1.53: 54141+ SOA? local. (23)
  00:21:57.923536 IP 192.168.0.8.65097 > 192.168.0.1.53: 45734+ SOA? local. (23)
  00:21:58.226243 IP 192.168.0.8.54125 > 192.168.0.1.53: 33647+ SOA? local. (23)
  00:21:58.529128 IP 192.168.0.8.54571 > 192.168.0.1.53: 17218+ SOA? local. (23)
  00:21:58.831897 IP 192.168.0.8.60218 > 192.168.0.1.53: 48469+ SOA? local. (23)
  00:21:59.135020 IP 192.168.0.8.60466 > 192.168.0.1.53: 37003+ SOA? local. (23)
  00:21:59.437998 IP 192.168.0.8.58798 > 192.168.0.1.53: 17670+ SOA? local. (23)
  00:21:59.741022 IP 192.168.0.8.60276 > 192.168.0.1.53: 47469+ SOA? local. (23)
  00:22:00.055207 IP 192.168.0.8.57066 > 192.168.0.1.53: 20384+ SOA? local. (23)
  00:22:00.360458 IP 192.168.0.8.50152 > 192.168.0.1.53: 29721+ SOA? local. (23)
  00:22:00.663357 IP 192.168.0.8.63487 > 192.168.0.1.53: 35833+ SOA? local. (23)
  00:22:00.966073 IP 192.168.0.8.64900 > 192.168.0.1.53: 34951+ SOA? local. (23)
  00:22:01.271649 IP 192.168.0.8.64314 > 192.168.0.1.53: 25719+ SOA? local. (23)
  00:22:01.574530 IP 192.168.0.8.55922 > 192.168.0.1.53: 5842+ SOA? local. (23)
  00:22:01.877146 IP 192.168.0.8.51874 > 192.168.0.1.53: 59071+ SOA? local. (23)
  00:22:02.179921 IP 192.168.0.8.56913 > 192.168.0.1.53: 43487+ SOA? local. (23)
  00:22:02.482738 IP 192.168.0.8.62907 > 192.168.0.1.53: 26628+ SOA? local. (23)
  00:22:02.785409 IP 192.168.0.8.51599 > 192.168.0.1.53: 57463+ SOA? local. (23)
  00:22:03.088321 IP 192.168.0.8.60417 > 192.168.0.1.53: 8857+ SOA? local. (23)
  00:22:03.391227 IP 192.168.0.8.57872 > 192.168.0.1.53: 36002+ SOA? local. (23)
  00:22:03.694211 IP 192.168.0.8.58774 > 192.168.0.1.53: 1662+ SOA? local. (23)
  192.168.0.8 is my Mac and 192.168.0.1 is my DSL router. The Mac is ip'd using DHCP on the router. The router sends DNS requests from my clients out to my ISPs DNS servers.
  Eventually, the DNS requests timeout and I get this:
  00:21:43.145103 IP 205.171.3.65.53 > 192.168.0.8.52959: 38258 NXDomain 0/1/0 (98)
  00:21:43.450086 IP 205.171.3.65.53 > 192.168.0.8.55938: 46832 NXDomain 0/1/0 (98)
  00:21:43.763304 IP 205.171.3.65.53 > 192.168.0.8.50265: 62399 NXDomain 0/1/0 (98)
  00:21:44.049705 IP 205.171.3.65.53 > 192.168.0.8.59991: 5960 NXDomain 0/1/0 (98)
  It's a never-ending cycle that eventually kills my router.
  If I'm reading the tcpdump output correctly, SL appears to be looking for some server named "local" 3 times every second. The TTL is roughly 90 seconds, so 3 requests/second gets me to an average of 180 connections at any give time -- which is approximately what my router is showing. If I do start browsing the connection count goes even higher. Trying to use both Macs at the same time has caused my router to crash due to running out of memory (it's obviously a very weak router .
  Can someone give me some insight into what SL is doing and how I can stop this?
  Thanks,
  Randy

  Does this server handle DNS requests?
  If so, make sure under the local static IP for DNS servers you can try 127.0.0.1, and server IP.
  Under the DNS tab make sure you have the ISP IP's under forwarder.
  As a safety open terminal and run
  su changeip -checkhostname