From: Tom H on 25 Mar 2010 19:10

>> Why not add a dns-nameservers to "iface br200"?

> Updated my /etc/network/interfaces with:

> # INTERNAL LAN VLAN/BRIDGE
> iface eth1.200 inet manual
> auto br200
> iface br200 inet static
> dns-nameservers 10.254.2.254
> address 10.254.2.1
> netmask 255.255.255.0
> network 10.254.2.0
> broadcast 10.254.2.255
> gateway 10.254.2.254
> bridge-ports eth1.200

> But I still experience the same output including an unmodified
> /etc/resolv.conf

The "dns-nameservers..." variable will only be recognized if you are
running resolvconf; it is not a default /e/n/i option.

--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/6d4219cc1003251600v1ed8471do812d85594e416723(a)mail.gmail.com

From: Mike Viau on 25 Mar 2010 20:30

Fri, 26 Mar 2010 09:22:26 +1100 <alex(a)samad.com.au> wrote:
>
> On Fri, Mar 26, 2010 at 5:54 AM, Mike Viau <viaum(a)sheridanc.on.ca> wrote:
> > Hello debian-users,
> >
> > I have run into an interesting issue with the DNS resolution on only one of
> > my debian lenny systems on my network.
> >
> [snip]
>
> So 10.254.2.254 is router, dgw, dns and it is working
> 10.254.2.1 is the machine you are on that can't do dns
>
> * Have you checked any firewall issues

There are no rules to block traffic as long as the source is from my LAN subnet (10.254.2.0/24). Also there are no firewalls installed on this box where DNS is not working. Lastly my iptables are below.

root@localhost:~# iptables -L -v -v
Chain INPUT (policy ACCEPT 12597 packets, 6082K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 7668 packets, 465K bytes)
 pkts bytes target     prot opt in     out     source               destination
libiptc v1.4.2. 632 bytes.
Table `filter'
Hooks: pre/in/fwd/out/post = 4294967295/0/152/304/4294967295
Underflows: pre/in/fwd/out/post = 4294967295/0/152/304/4294967295
Entry 0 (0):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 12597 packets, 6081888 bytes
Cache: 00000000
Target name: `' [40]
verdict=NF_ACCEPT

Entry 1 (152):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 0 packets, 0 bytes
Cache: 00000000
Target name: `' [40]
verdict=NF_ACCEPT

Entry 2 (304):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 7668 packets, 465108 bytes
Cache: 00000000
Target name: `' [40]
verdict=NF_ACCEPT

Entry 3 (456):
SRC IP: 0.0.0.0/0.0.0.0
DST IP: 0.0.0.0/0.0.0.0
Interface: `'/................to `'/................
Protocol: 0
Flags: 00
Invflags: 00
Counters: 0 packets, 0 bytes
Cache: 00000000
Target name: `ERROR' [64]
error=`ERROR'

> * dig is your friend
>
> dpkg -S /usr/bin/dig
> dnsutils: /usr/bin/dig
> link http://packages.debian.org/sid/dnsutils
>
> with this you can query your dns and test the setup so something like
> this from the .1 machine (and even test from the .254 machine to test
> as well)
>
> dig @10.254.2.254 google.com
>
> this tells dig to talk to 10.254.2.254 and make a request for
> google.com (this bypasses the local resolv library and makes a direct
> request to the dns server)
>
> see if that gives you any answers - check the difference between doing
> this on .1 and .254.

root@localhost:~# dig @10.254.2.254 google.com

; <<>> DiG 9.5.1-P3 <<>> @10.254.2.254 google.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached

root@localhost:~# dig @10.254.2.1 google.com

; <<>> DiG 9.5.1-P3 <<>> @10.254.2.1 google.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached

>
> also try using your ISP's dns server address instead of 10.254.2.254
>

ISP (bell.ca) DNS server IP is 207.164.234.193.

root@localhost:~# ping 207.164.234.193
PING 207.164.234.193 (207.164.234.193) 56(84) bytes of data.
64 bytes from 207.164.234.193: icmp_seq=1 ttl=250 time=8.72 ms
64 bytes from 207.164.234.193: icmp_seq=2 ttl=250 time=7.39 ms
64 bytes from 207.164.234.193: icmp_seq=3 ttl=250 time=7.84 ms
64 bytes from 207.164.234.193: icmp_seq=4 ttl=250 time=7.60 ms
^C
--- 207.164.234.193 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 7.399/7.894/8.728/0.510 ms

root@localhost:~# dig @207.164.234.193 google.com

; <<>> DiG 9.5.1-P3 <<>> @207.164.234.193 google.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached

> another tool would be tcpdump, in another window/screen try this
> tcpdump -pni <interface> host 10.254.2.254 and port 53 and then run
> the dig command again, you should see requests being sent to the dns
> server and you should see replies from there.

TCPDUMP findings.

root@localhost:~# tcpdump -pni br200 host 10.254.2.254
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br200, link-type EN10MB (Ethernet), capture size 96 bytes
20:05:40.718890 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28)
20:05:45.718145 arp who-has 10.254.2.254 tell 10.254.2.1
20:05:45.718627 arp reply 10.254.2.254 is-at 00:16:3e:11:11:03
20:05:45.718867 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28)
20:05:50.719166 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28)
20:06:03.271249 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 273
20:06:03.271502 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 345
20:06:03.271575 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 341
20:06:03.271718 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 321
20:06:03.271836 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 353
20:06:03.271874 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 335
20:06:03.272024 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 337
20:06:03.272065 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 337
^C
13 packets captured
13 packets received by filter
0 packets dropped by kernel

and when using my ISP's DNS

root@localhost:~# tcpdump -pni br200 host 207.164.234.193
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br200, link-type EN10MB (Ethernet), capture size 96 bytes
20:19:21.270079 IP 10.254.2.1.41097 > 207.164.234.193.53: 41177+ A? google.com. (28)
20:19:26.270046 IP 10.254.2.1.41097 > 207.164.234.193.53: 41177+ A? google.com. (28)
20:19:31.270262 IP 10.254.2.1.41097 > 207.164.234.193.53: 41177+ A? google.com. (28)
^C
3 packets captured
3 packets received by filter
0 packets dropped by kernel

> [snip]
>
> In another email you said you can't install any packages because you
> can't download to that machine.
>
> if you download them to another machine and then scp over you can use
> dpkg -i <packagename>
>

Thanks I used your tip!

>
> depending on the results would depend on what to do next :)
>

How shall I proceed? I am getting no reply from my DNS queries it seems.

-M

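Added example, not part of the original thread or written by any of its participants: a small Python parser for tcpdump's text output that pairs each DNS query with its reply by client endpoint and transaction ID, and reports queries that were retried without ever being answered. The first six sample lines are taken from the capture posted above; the last two are constructed here to show an answered query, and the function and variable names are this example's own.

```python
import re

# One IPv4 DNS-over-UDP line as tcpdump prints it without -v, e.g.
# 20:05:40.718890 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28)
PKT = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): (?P<id>\d+)\S* (?P<rest>.*)$"
)
QUESTION = re.compile(r"(?P<qtype>[A-Z0-9]+)\? (?P<qname>\S+)")

# Lines 1-6 come from the capture in the thread; lines 7-8 are constructed
# (192.0.2.10 is a documentation address) to show a query that gets a reply.
SAMPLE = """\
20:05:40.718890 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28)
20:05:45.718145 arp who-has 10.254.2.254 tell 10.254.2.1
20:05:45.718627 arp reply 10.254.2.254 is-at 00:16:3e:11:11:03
20:05:45.718867 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28)
20:05:50.719166 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28)
20:06:03.271249 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 273
20:07:01.100000 IP 10.254.2.1.40999 > 10.254.2.254.53: 1234+ A? debian.org. (28)
20:07:01.104000 IP 10.254.2.254.53 > 10.254.2.1.40999: 1234 1/0/0 A 192.0.2.10 (44)
"""

def unanswered_queries(capture_text):
    """Return DNS queries that never received a reply, with retry counts."""
    pending = {}
    for line in capture_text.splitlines():
        m = PKT.match(line.strip())
        if not m:
            continue  # ARP, SSDP multicast and other non-DNS lines
        q = QUESTION.match(m["rest"])
        if m["dport"] == "53" and q:
            key = (m["src"], m["sport"], m["dst"], m["id"])
            entry = pending.setdefault(key, {
                "first_seen": m["ts"], "server": m["dst"],
                "qname": q["qname"], "qtype": q["qtype"], "attempts": 0})
            entry["attempts"] += 1
        elif m["sport"] == "53":
            # A reply reverses the endpoints and echoes the transaction ID.
            pending.pop((m["dst"], m["dport"], m["src"], m["id"]), None)
    return list(pending.values())

if __name__ == "__main__":
    for q in unanswered_queries(SAMPLE):
        print(f'{q["first_seen"]} {q["qtype"]} {q["qname"]} -> {q["server"]}: '
              f'{q["attempts"]} attempts, no reply')
```

The input can be a saved capture produced with the same `tcpdump -pni <interface>` invocation used in the thread.
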
From: Mike Viau on 25 Mar 2010 20:40

Thu, 25 Mar 2010 19:00:51 -0400 <tomh0665(a)gmail.com> wrote:
>
> >> Why not add a dns-nameservers to "iface br200"?
>
> > Updated my /etc/network/interfaces with:
>
> > # INTERNAL LAN VLAN/BRIDGE
> > iface eth1.200 inet manual
> > auto br200
> > iface br200 inet static
> > dns-nameservers 10.254.2.254
> > address 10.254.2.1
> > netmask 255.255.255.0
> > network 10.254.2.0
> > broadcast 10.254.2.255
> > gateway 10.254.2.254
> > bridge-ports eth1.200
>
> > But I still experience the same output including an unmodified
> > /etc/resolv.conf
>
> The "dns-nameservers..." variable will only be recognized if you are
> running resolvconf; it is not a default /e/n/i option.
>
>

Yup you are right. I installed the resolvconf package from a deb file with dpkg.

root@localhost:~# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 10.254.2.254

From: Tom H on 25 Mar 2010 21:00

> root@localhost:~# tcpdump -pni br200 host 10.254.2.254
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on br200, link-type EN10MB (Ethernet), capture size 96 bytes
> 20:05:40.718890 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com.
> (28)
> 20:05:45.718145 arp who-has 10.254.2.254 tell 10.254.2.1
> 20:05:45.718627 arp reply 10.254.2.254 is-at 00:16:3e:11:11:03
> 20:05:45.718867 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com.
> (28)
> 20:05:50.719166 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com.
> (28)
> 20:06:03.271249 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length
> 273

239... is a multicast range (I learned the hard way last week when I
bet a colleague that 224... was the only multicast range)

Why does a dns query turn into a multicast something or other? No idea, sorry...

From: Mike Viau on 25 Mar 2010 21:20

Thu, 25 Mar 2010 20:55:24 -0400 <tomh0665(a)gmail.com> wrote:
>
> > root@localhost:~# tcpdump -pni br200 host 10.254.2.254
> > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> > listening on br200, link-type EN10MB (Ethernet), capture size 96 bytes
> > 20:05:40.718890 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com.
> > (28)
> > 20:05:45.718145 arp who-has 10.254.2.254 tell 10.254.2.1
> > 20:05:45.718627 arp reply 10.254.2.254 is-at 00:16:3e:11:11:03
> > 20:05:45.718867 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com.
> > (28)
> > 20:05:50.719166 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com.
> > (28)
> > 20:06:03.271249 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length
> > 273
>
> 239... is a multicast range (I learned the hard way last week when I
> bet a colleague that 224... was the only multicast range)
>
> Why does a dns query turn into a multicast something or other? No idea, sorry...
>
>

It's port 1900 UPnP https://www.grc.com/port_1900.htm

Additionally since my router (at 10.254.2.254) is running pfsense (a freebsd router distro) I found that I was able to run the dig and netstat commands from an SSH session.

My findings.

# dig @10.254.2.254 google.com

; <<>> DiG 9.4.3-P2 <<>> @10.254.2.254 google.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27942
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com. IN A

;; ANSWER SECTION:
google.com. 55 IN A 66.249.91.104

;; Query time: 4 msec
;; SERVER: 10.254.2.254#53(10.254.2.254)
;; WHEN: Fri Mar 26 01:02:53 2010
;; MSG SIZE rcvd: 44

# netstat -na
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
tcp4       0     52 10.254.2.254.22        10.254.2.188.57059     ESTABLISHED
tcp6       0      0 *.53                   *.*                    LISTEN
tcp4       0      0 *.53                   *.*                    LISTEN
tcp4       0      0 *.2189                 *.*                    LISTEN
tcp4       0      0 *.80                   *.*                    LISTEN
tcp4       0      0 127.0.0.1.8021         *.*                    LISTEN
tcp4       0      0 *.22                   *.*                    LISTEN
tcp6       0      0 *.22                   *.*                    LISTEN
udp4       0      0 *.67                   *.*
udp6       0      0 *.53                   *.*
udp4       0      0 *.53                   *.*
udp4       0      0 192.168.2.2.12176      209.139.209.82.123
udp4       0      0 192.168.2.2.21273      72.55.146.217.123
udp4       0      0 192.168.2.2.60591      142.201.7.148.123
udp4       0      0 10.254.2.254.123       *.*
udp4       0      0 10.254.2.254.35906     *.*
udp4       0      0 *.1900                 *.*
icm4       0      0 *.*                    *.*
Active UNIX domain sockets
Address  Type   Recv-Q Send-Q    Inode     Conn     Refs  Nextref Addr
c59083f0 stream      0      0        0        0        0        0 /tmp/php-fastcgi.socket-3
c5908690 stream      0      0        0 c5908738        0        0
c5908738 stream      0      0        0 c5908690        0        0
c5908c78 stream      0      0 c5a84bdc        0        0        0 /tmp/php-fastcgi.socket-3
c5908b28 stream      0      0 c5b0b33c        0        0        0 /tmp/php-fastcgi.socket-2
c59089d8 stream      0      0 c5b0bbdc        0        0        0 /tmp/php-fastcgi.socket-1
c5908930 stream      0      0 c5b0b000        0        0        0 /tmp/php-fastcgi.socket-0
c5909000 stream      0      0 c5904ac8        0        0        0 /var/run/devd.pipe
c5908dc8 dgram       0      0        0 c5908150        0 c59091f8
c59080a8 dgram       0      0        0 c5909d20        0        0
c59091f8 dgram       0      0        0 c5908150        0 c59087e0
c59087e0 dgram       0      0        0 c5908150        0 c5909930
c5909930 dgram       0      0        0 c5908150        0 c5909888
c5909888 dgram       0      0        0 c5908150        0 c59099d8
c59099d8 dgram       0      0        0 c5908150        0 c5909c78
c5909c78 dgram       0      0        0 c5908150        0        0
c5908150 dgram       0      0 c5a84114        0 c5908dc8        0 /var/run/logpriv
c5909d20 dgram       0      0 c5a87678        0 c59080a8        0 /var/run/log

So DNS does work on this box, as it forwards DNS replies to other boxes on my local network.

-M