Prev: Mozilla Firefox: Fixing the proxer server settings for all users
Next: can't ping over crossover cable (get martian source)
From: David Schwartz on 5 Oct 2009 00:57
On Oct 4, 1:58 am, "N. Bazan" <nikba...(a)gmail.com> wrote:

> Ping uses ICMP protocol that can be blocked by your firewall. ICMP is
> not necessary for the web-site.

This is not true. ICMP is *required*, it is not optional. Blocking
ICMP 'fragmentation required' packets can break path MTU discovery.

DS
From: Wayne on 7 Oct 2009 01:17
SL Da wrote:
> 1. When I ping 'bayregatta.com' I see 209.160.33.87
>
> 2. When I try 'nslookup 209.160.33.87', I get 'non-existent domain'.
>
> I am a bit confused. Can someone explain ?
>
> Thanks.

The answer is simple: "ping" uses the resolver to lookup
the name or number. "nslookup" bypasses the resolver
and uses DNS directly. The name may be listed in your
/etc/hosts file, or (as others have explained) the DNS
A record for bayregatta.com may be present without
the matching PTR record. Either reason would explain
the symptoms you describe.

[OT]
A useful but little known tool is "getent", which
uses the nsswitch and resolver to look stuff up:
$ getent hosts bayregatta.com
209.160.33.87 bayregatta.com
$ getent hosts 209.160.33.87
209.160.33.87 bayregatta.com

So if the lookup works with (say) nslookup but not
getent, your resolver configuration is probably wrong.
If it works with getent but not nslookup, the data may
not be in DNS at all (or, more likely in your case,
the PTR record may be wrong or missing).

Note other lookup tools also bypass the resolver,
such as "host" and "dig".

--
Wayne
First  |  Prev  | 
Pages: 1 2 3
Prev: Mozilla Firefox: Fixing the proxer server settings for all users
Next: can't ping over crossover cable (get martian source)