|
Fri, 26 Mar 2010 09:22:26 +1100 <alex@samad.com.au> wrote: > > On Fri, Mar 26, 2010 at 5:54 AM, Mike Viau <viaum@sheridanc.on.ca> wrote: > > Hello debian-users, > > > > I have run into an interesting issue with the DNS resolution on only one of > > my debian lenny systems on my network. > > > [snip] > > So 10.254.2.254 is router, dgw, dns and it working > 10.254.2.1 is machine you are on that can't do dns > > * Have you check any firewall issues There is not rules to block traffic as long as the source is from my LAN subnet (10.254.2.0/24). Also there are not firewalls installed on this box where DNS is not working. Lastly my iptables are below. root@localhost:~# iptables -L -v -v Chain INPUT (policy ACCEPT 12597 packets, 6082K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 7668 packets, 465K bytes) pkts bytes target prot opt in out source destination libiptc v1.4.2. 632 bytes. Table `filter' Hooks: pre/in/fwd/out/post = 4294967295/0/152/304/4294967295 Underflows: pre/in/fwd/out/post = 4294967295/0/152/304/4294967295 Entry 0 (0): SRC IP: 0.0.0.0/0.0.0.0 DST IP: 0.0.0.0/0.0.0.0 Interface: `'/................to `'/................ Protocol: 0 Flags: 00 Invflags: 00 Counters: 12597 packets, 6081888 bytes Cache: 00000000 Target name: `' [40] verdict=NF_ACCEPT Entry 1 (152): SRC IP: 0.0.0.0/0.0.0.0 DST IP: 0.0.0.0/0.0.0.0 Interface: `'/................to `'/................ Protocol: 0 Flags: 00 Invflags: 00 Counters: 0 packets, 0 bytes Cache: 00000000 Target name: `' [40] verdict=NF_ACCEPT Entry 2 (304): SRC IP: 0.0.0.0/0.0.0.0 DST IP: 0.0.0.0/0.0.0.0 Interface: `'/................to `'/................ Protocol: 0 Flags: 00 Invflags: 00 Counters: 7668 packets, 465108 bytes Cache: 00000000 Target name: `' [40] verdict=NF_ACCEPT Entry 3 (456): SRC IP: 0.0.0.0/0.0.0.0 DST IP: 0.0.0.0/0.0.0.0 Interface: `'/................to `'/................ Protocol: 0 Flags: 00 Invflags: 00 Counters: 0 packets, 0 bytes Cache: 00000000 Target name: `ERROR' [64] error=`ERROR' > * dig is your friend > > dpkg -S /usr/bin/dig > dnsutils: /usr/bin/dig > link http://packages.debian.org/sid/dnsutils > > with this you can query you dns and test the setup so something like > this from the .1 machine (and even test from the .254 machine to test > as well) > > dig @10.254.2.254 google.com > > this tells dig to talk to 10.254.2.254 and make a request for > google.com (this by passes the local resolv library and make a direct > request to the dns server) > > see if that give you any answers - check the difference between doing > this on .1 and .254. root@localhost:~# dig @10.254.2.254 google.com ; <<>> DiG 9.5.1-P3 <<>> @10.254.2.254 google.com ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached root@localhost:~# dig @10.254.2.1 google.com ; <<>> DiG 9.5.1-P3 <<>> @10.254.2.1 google.com ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached > > also try using you ISP's dns server address instead of 10.254.2.254 > ISP (bell.ca) DNS server IP is 207.164.234.193. root@localhost:~# ping 207.164.234.193 PING 207.164.234.193 (207.164.234.193) 56(84) bytes of data. 64 bytes from 207.164.234.193: icmp_seq=1 ttl=250 time=8.72 ms 64 bytes from 207.164.234.193: icmp_seq=2 ttl=250 time=7.39 ms 64 bytes from 207.164.234.193: icmp_seq=3 ttl=250 time=7.84 ms 64 bytes from 207.164.234.193: icmp_seq=4 ttl=250 time=7.60 ms ^C --- 207.164.234.193 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3005ms rtt min/avg/max/mdev = 7.399/7.894/8.728/0.510 ms root@localhost:~# dig @207.164.234.193 google.com ; <<>> DiG 9.5.1-P3 <<>> @207.164.234.193 google.com ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached > another tool would be tcpdump, in another windows/screen try this > tcpdump -pni <interface> host 10.254.2.254 and port 53 and then run > the dig command again, you should see requests being sent to the dns > server and you should see replies from there. TCPDUMP findings. root@localhost:~# tcpdump -pni br200 host 10.254.2.254 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on br200, link-type EN10MB (Ethernet), capture size 96 bytes 20:05:40.718890 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28) 20:05:45.718145 arp who-has 10.254.2.254 tell 10.254.2.1 20:05:45.718627 arp reply 10.254.2.254 is-at 00:16:3e:11:11:03 20:05:45.718867 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28) 20:05:50.719166 IP 10.254.2.1.40570 > 10.254.2.254.53: 57874+ A? google.com. (28) 20:06:03.271249 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 273 20:06:03.271502 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 345 20:06:03.271575 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 341 20:06:03.271718 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 321 20:06:03.271836 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 353 20:06:03.271874 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 335 20:06:03.272024 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 337 20:06:03.272065 IP 10.254.2.254.42132 > 239.255.255.250.1900: UDP, length 337 ^C 13 packets captured 13 packets received by filter 0 packets dropped by kernel and when using my ISPs DNS root@localhost:~# tcpdump -pni br200 host 207.164.234.193 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on br200, link-type EN10MB (Ethernet), capture size 96 bytes 20:19:21.270079 IP 10.254.2.1.41097 > 207.164.234.193.53: 41177+ A? google.com. (28) 20:19:26.270046 IP 10.254.2.1.41097 > 207.164.234.193.53: 41177+ A? google.com. (28) 20:19:31.270262 IP 10.254.2.1.41097 > 207.164.234.193.53: 41177+ A? google.com. (28) ^C 3 packets captured 3 packets received by filter 0 packets dropped by kernel > [snip] > > In another email you said you can't install any packages because you > can't download to that machine. > > if you download them to another machine and then scp over you can use > dpkg -i <packagename> > Thanks I used you tip! > > depending on the results would depend on what to do next :) > > How shall I preceed? I am getting no reply from my DNS queries it seems. -M > -- > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org > Archive: http://lists.debian.org/[🔎] 836a6dcf1003251522x53388116saa2d741091dea02a@mail.gmail.com > Stay in touch. Get Messenger on your phone now. |