RunRyder RC
 2  Topic Subscribe
WATCH
 1 page 497 views
HelicopterOff Topics › Linux question: Confusing DNS Resolution probs.
04-29-2004 06:35 PM  13 years agoPost 1
Sar

rrElite Veteran

Saugeties, NY

My Posts: All  Forum  Topic

Alright I know there's some other Linux folks floating around here. Got a question, this ones bothering me a bit.

If I do a nslookup, dig or host command on a domain name, it looks it up no problem.

If I try to do a ping, traceroute, etc the program stalls out while trying to resolve the domain name and eventually falls on it's face.

Any idea what would cause this problem? Remember, when I do an nslookup, dig or host, it resolves the name. So my name servers are configure properly in resolv.conf

I don't run a bind or named server on this box.

--
Jon

PM  EMAIL  HOMEPAGE  GALLERY  Attn:RR  Quote
04-29-2004 06:51 PM  13 years agoPost 2
Ronan

rrNovice

Galway, Ireland

My Posts: All  Forum  Topic

Do you have a firewall installed? Sometime firewalls will block outgoing ping / ICMP packets. That would cause the type of resolution problems you are experiencing.

PM  EMAIL  GALLERY  Attn:RR  Quote
04-29-2004 07:00 PM  13 years agoPost 3
z11355

rrMaster

New England

My Posts: All  Forum  Topic

when you do an nslookup or dig, do you see
a result line (often the first line) that looks like:

;; truncated. Trying TCP

what does the entire output from nslookup or
dig look like (ie. how many RR return records)?

PS. the Ethereal tool is your friend.

PM  EMAIL  GALLERY  Attn:RR  Quote
04-30-2004 03:23 PM  13 years agoPost 4
jwegman

rrNovice

Rochester, MN - USA

My Posts: All  Forum  Topic

As ronan675 pointed out, DNS resolution is most likely not a major contributing factor to your problem. If your browser will resolve URL's, your DNS resolver is doing it's thing.

Many people, including myself block ICMP echo responses (pings), at our corporate firewall. Most sales associates etc do not need the functionality to ping. Ping is a useful tool for troubleshooting, however there are mutiple dangers in allowing ICMP echos per my 2nd ed of Building Internet Firewalls pub by OReilly.

Traceroute uses ICMP or UDP datagrams. My linux implimentation can switch between the two protocols. If you are blocking ICMP, traceroute very well may fail.

Are you using an Internet firewall? (I hope you are) - if you are using a recent version of linux, you may very well be using iptables/netfilter as your "firewall".

At the linux command prompt, run the following to see your IPTables firewall rules:

iptables -L

Good luck,
Jake

PM  EMAIL  HOMEPAGE  Attn:RR  Quote
04-30-2004 03:52 PM  13 years agoPost 5
johnb

rrKey Veteran

Guildford, Surrey UK

My Posts: All  Forum  Topic

allowing ICMP echos per my 2nd ed of Building Internet Firewalls pub by OReilly.
you wrote it?

PM  EMAIL  GALLERY  Attn:RR  Quote
04-30-2004 03:54 PM  13 years agoPost 6
jwegman

rrNovice

Rochester, MN - USA

My Posts: All  Forum  Topic

Nonono, it's in "my" possesion. It's written by Elizabeth Zwicky, Simon Cooper, & Brent Chapman.

PM  EMAIL  HOMEPAGE  Attn:RR  Quote
04-30-2004 05:13 PM  13 years agoPost 7
Sar

rrElite Veteran

Saugeties, NY

My Posts: All  Forum  Topic

Thanks for the responses guys. I double checked my firewall settings after your posts to see if something had changed, but it was still as originally configured. It turned out to be a faulty network card. I've seen a lot of bad network cards and have seen them do a lot of weird things, but this is a new one for me. Everything is functioning within standard operating parameters now (I love that condition)

--
Jon

PM  EMAIL  HOMEPAGE  GALLERY  Attn:RR  Quote
04-30-2004 05:14 PM  13 years agoPost 8
johnb

rrKey Veteran

Guildford, Surrey UK

My Posts: All  Forum  Topic

yeah, i have it on my desk too - was checking you weren't a writer using a different name

PM  EMAIL  GALLERY  Attn:RR  Quote
WATCH
 1 page 497 views
HelicopterOff Topics › Linux question: Confusing DNS Resolution probs.
 Print TOPIC  Make Suggestion 

 2  Topic Subscribe

Thursday, December 14 - 4:28 am - Copyright © 2000-2017 RunRyder   EMAILEnable Cookies

Login Here
 New Subscriptions 
 Buddies Online