Cannot sort out how my IP is being resolved
I have a set of servers that I moved from a 192.168.1.x network to 131.92.54.x, and they don't seem to be resolving their names correctly. I'm pretty stumped, so I'll just start by listing what I have right now. (I've obscured the domain since this is a work machine. I do assure you though, they are consistant)
First, the IP is being obtained correctly via DHCP:
[max@icarus ~]$ /sbin/ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:30:48:8B:35:0E
inet addr:18.104.22.168 Bcast:22.214.171.124 Mask:255.255.255.128
inet6 addr: fe80::230:48ff:fe8b:350e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Second, the name is correctly resolved by nslookup:
[max@icarus ~]$ nslookup icarus
Finally, my /etc/hosts file is as simple as can be:
[max@icarus ~]$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
However, if I run a command like ping:
[max@icarus ~]$ ping icarus
PING icarus.xxxxxx.xxx (192.168.1.6) 56(84) bytes of data.
--- icarus.modsim.mil ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms
Boom! I get the old IP. This must be listed in a file somewhere, but I can't find it. I've checked everything in /etc/sysconfig that looks plausible and I jsut don't see an IP listed anywhere. Has anyone else had this issue? I'm running CentOS 5.6.
What is in your /etc/nsswitch.conf file - specifically the hosts: line?
What is in your /etc/resolv.conf? Does it specify domain to search?
What happens if you use dig instead of nslookup? It should give you more information as to what server responded.
What happens if you do nslookup, ping and "dig -x" on the two IPs (old and new)?
What happens if you do nslookup, ping and dig on the fully qualified domain name (FQDN) instead of just the short name? (That is icaraus.example.com rather than just icarus.)
In our work environment we have 4 Windows DNS servers for internal use (and 2 Linux for external). I've seen scenarios where one or more of the Windows DNS servers had the wrong (old) IP cached and had to have the Windows admins clear the cache. Similarly Linux DNS (BIND) can cache so it may be you need to check for a cached entry. (Cached entries typically go away within 48-72 hours by themselves.)
So, nsswitch.conf is pretty boring:
hosts: files nis dns
Also, although there are hosts published via NIS, they aren't applicable:
126.96.36.199 zeus.xxxxxx.xxx zeus
188.8.131.52 hera.xxxxxx.xxx hera
184.108.40.206 filer.xxxxxx.xxx filer
resolv.conf doesn't provide much more information either.
[max@icarus ~]$ cat /etc/resolv.conf
; generated by /sbin/dhclient-script
Ok... I just started playing with dig and now everything seems to be working. I only have the one DNS server, so I'm sure it isn't a server side issue, but perhaps a client side caching problem. I removed a bad IP line out of the /etc/hosts file before lunch (when I sent the initial email), and nothing was working. Now, without changing anything it's 2 hours later and things appear to be fine. I wonder if there isn't some sort of local caching that I'm unaware of.
I just found another box with the same issue. We'll see if this doesn't resolve itself.
I'm not sure it's "fixed", but it is working.
Glad it is working for you.
"nslookup" is actually "deprecated" in favor of "host" though many systems still (or only) have nslookup. Dig gives you a lot more information based on the flags you use. You can even get dig for your Windows systems if you want. Whenever troubleshooting lookups dig should be your tool of choice.
|All times are GMT -5. The time now is 04:04 AM.|