Wednesday, October 05, 2005

DNS client Troubleshooting

DNS trouble..

nslookup always uses dns.
ping uses /etc/nsswitch.conf to determine which method of address lookup.

Recommend that you
# cp /etc/nsswitch.dns /etc/nsswitch.conf

does ping with an IP number work? If it does then there is something wrong
with nsswitch.conf or possibly nscd or even /etc/hosts.

Try viewing a webpage by IP address for example:
http://209.249.116.195 (Sun Site)
If this don't work then it's a routing problem; if it does, then you
need to check your dns files: resolv.conf et all.

Also worth (as suggested by someone else) posting the output of:

dig www.sun.com @204.186.23.65
and maybe,
dig www.sun.com @192.18.128.11

dns2 is outside my main network 204.184.23.65
dig @dns2 google.com works
dig google.com works
dig @gate google.com does not work, as expected, since it is not a
dns server

I think that since I can go to websites by ip fine, my defaultroute
must be correct, same with netmasks
( it has to be 255.255.0.0 since we use both 192.168.10 and 192.168.20
on this section of the network.

double check /etc/nsswitch.conf is called exactly that and has appropriate
perms, I don't know what they _should_ be but 644 shouldn't hurt. And it
contains at least

hosts: files dns

double check /etc/resolv.conf is called exactly that and contains
appropriate entries.

then pick an external address that you *know* won't be in /etc/hosts
OR have been cached by nscd. But one that you know has at least one
IP address

then try

getent hosts your.chosen.host

getent is an interface to your system resolvers and is dictated by
/etc/nsswitch.conf and if appropriate, /etc/resolv.conf

If this displays nothing "echo $?" will show the return of the getent
- a failed lookup is "2". A successful one is "0".

A successful one though, should show you an address and stuff,

If this fails try rebuilding /etc/nsswitch.conf and /etc/resolv.conf
to ensure there is no parsing errors or the like...

'nslookup' uses the DNS resolver libraries directly. It thus bypasses
the name service switch (configured via /etc/nsswitch.conf). If
you're seeing applications fail to resolve addresses, but nslookup
works fine, then the next thing to try is this:

% getent hosts "host name here"

If that works, then it's an application problem of some sort. The
application is just misconfigured (perhaps it has a SOCKS proxy
configured that it doesn't need, or needs one and doesn't have it).

If that doesn't work, then the problem is almost certainly in
/etc/nsswitch.conf.

Check the firewall, whether port 53 tcp and udp are passed. My guess is
that only one of them may pass.

0 Comments:

Post a Comment

<< Home