Re: broken DNS proxying at public wireless hotspots

From: Mark Foster (no email)
Date: Sun Feb 04 2007 - 02:39:39 EST

  • Next message: Peter Dambier: "ien116 nameserver on port 42"

    On Sun, 4 Feb 2007, Peter J. Cherny wrote:

    >
    > At 04:58 PM 4/2/07, Trent Lloyd <> wrote:
    >>> * Set up the profile, to your house/work/etc, of your favorite SSH
    >>> client to forward port 53 local to port 53 on your remote machine.
    >> The flaw here is that DNS operates over 53(UDP), last time I checked SSH
    >> doesn't do UDP port forwarding?
    >
    > At the risk of stating the obvious ...
    >
    > What's wrong with using an OpenVPN tunnel with appropriate ACLs?
    > (It works for me!)
    >

    1) SSH out, by IP, to a known-useful host.
    2) Resolve all IPs required there / use it as a proxy if feasible.

    Depends on what you're trying to do over a public wlan, of course.

    VPN solutions are indeed obvious, and are the other workaround.

    Surprised no one's mentioned yet...

    I hope the wireless you're using is free!!! If not, well, I wouldn't be
    paying for an obviously broken service. (And would be making all
    appropriate noises to the provider).

    I would imagine the average NANOGer is going to be quite capable of getting
    around the problem, as long as there's the ability to go out via known-IP
    (assuming no more strict filtering than that..). But obviously some
    people are going to struggle, and frankly, service providers who provide
    'broken' services (and still charge for it) really get on my nerves....

    Mark.

