LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 10-30-2012, 01:52 AM   #1
psycroptic
Member
 
Registered: Aug 2011
Location: USA
Distribution: ArchLinux - 3.0 kernel
Posts: 284

Rep: Reputation: Disabled
clients CAN resolve hostname of server w/nslookup, but CANNOT access by hostname WTF?


Ok, so I'd really like some help into what's going on here.

I have a simple BIND DNS server setup on a LAN, it's the only one running on an Archlinux system. It's up to date. It's been working completely fine as an internal network server for over a year. Now all of a sudden, COMPLETELY AT RANDOM all of my Win7 clients lost the ability to access the server by hostname. IP address access still works, and I can even resolve the hostname of the server via the nslookup command on each system. But pinging the actual hostname (which worked completely fine as of last week) randomly stopped working, as does typing \\servername (in this case pLAN9-server1). What the frick? Nothing was changed by me on the server and clients.

I've attatched a picutre of comman dprompt commands that illustrate whats going on.

Any ideas as to what happened? As usual, it's an issue that started happening completely at RANDOM?????
Attached Images
File Type: png errir.png (111.7 KB, 23 views)
 
Old 10-30-2012, 03:28 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,384

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
Not convinced at all this isn't a windows issue here, but maybe there are search domain mismatches, or the DNS server simply isn't being requested. It's certainly possible to legitmately see this sort of thing on linus, e.g. dig will ONLY use DNS servers, not use the actual NSS stack of hosts files too, so output can differ. Fire up wireshark on that box, and run both commands again. inspect the protocol stuff to see if there's a difference in the traffic to and from the server.
 
Old 10-31-2012, 09:21 PM   #3
psycroptic
Member
 
Registered: Aug 2011
Location: USA
Distribution: ArchLinux - 3.0 kernel
Posts: 284

Original Poster
Rep: Reputation: Disabled
tcpdump shows that when I try to ping "plan9-server1" there is a DNS request from the client but no response back from the server. Whenever this happens, I can't even ping using a FQDN (in this case "pLAN9-Server1.pLAN9.site". Additionally, I've found that running an "ipconfig /flushdns" on the clients fixes the problem for a time, but it's like something expires or gets reset and the clients lose the ability to ping JUST the server by name.
This is stupidly annoying, if for nothing else than the complete irrationality of it. I would ignore it but whenver the issue happens people lose the ability to access the main server on the network, and most of them don't know how to access it by IP so they just conclude that the server is down and email me about it.
 
Old 11-01-2012, 04:41 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,384

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
so if there's no response AT ALL, then hmm, not sure, you should always get back something if it's working. Look at the actual DNS request details in wireshark, see if a domain is being added etc.
 
Old 11-05-2012, 04:09 PM   #5
psycroptic
Member
 
Registered: Aug 2011
Location: USA
Distribution: ArchLinux - 3.0 kernel
Posts: 284

Original Poster
Rep: Reputation: Disabled
bumping. seriously does no one have ANY ideas about whats going on here? this defies all logic to me. if the client can resolve the hostname, AND access it by ip, why can't it access it by hostname? makes no f'ing sense.....
 
Old 11-09-2012, 04:30 AM   #6
DutchGeek
Member
 
Registered: Sep 2006
Distribution: SuSE, Slackware
Posts: 51

Rep: Reputation: 4
try:

ipconfig /displaydns

and see the entries, if they are there check their TTL.

Maybe try wireshark/tcpdump in both cases; when you do an nslookup, and when you ping. Then compare the DNS requests of each, see if you can find a difference ?!

You also might want to check the logs for the BIND server, see why it doesn't response.
 
Old 11-09-2012, 04:49 PM   #7
psycroptic
Member
 
Registered: Aug 2011
Location: USA
Distribution: ArchLinux - 3.0 kernel
Posts: 284

Original Poster
Rep: Reputation: Disabled
Alright, so an ipconfig /displaydns on a machine that currently is having this problem shows the following for plan9-server1:

Code:
    plan9-server1.plan9.site
    ----------------------------------------
    Name does not exist.
Why the frick not? Of course it exists, nslookup confirms that. And worse, now, when I do an ipconfig /flushdns on this particular system, I STILL can't access by hostname, even fully qualified name. I actually had to restart the whole machine to get it back working.

When attemtping to ping plan9-server1, I get the following on a tcpdump of the server:

Code:
IP 172.16.16.13.137 >  172.16.255.255.137: UDP, lenght 50
Where .13 is the machine currently having the problem. No response is sent from the server. This is making absolutely no sense....

Last edited by psycroptic; 11-09-2012 at 04:52 PM.
 
Old 11-09-2012, 05:02 PM   #8
psycroptic
Member
 
Registered: Aug 2011
Location: USA
Distribution: ArchLinux - 3.0 kernel
Posts: 284

Original Poster
Rep: Reputation: Disabled
Just for info, posting config files

/etc/samba/smb.conf
Code:
[global]
        workgroup = pLAN9
        server string = "pLAN9-Server1 :: Linux File Server"
        security = share
        interfaces = eth0 tun0 10.11.12.0/24 lo
        hosts deny = 192.168.68.0/24
#       bind interfaces only = yes
        load printers = no
        log file= /var/log/samba/%m.log
        max log size = 1024
        local master = yes
        os level = 65
        preferred master = yes
        domain master = yes
        local master = yes
        printing = bsd
        printcap name = /dev/null
        create mask = 0775

[Shared]
        comment = Shared server directory (150GB)
        path = /smb/shared
        browseable = yes
        writable = yes
        public = yes

[Videos]
        comment = Video files & downloads
        path = /mnt/videos
        writable = yes
        public = yes
        #valid users = wil htpc

[Administrators]
        comment = Server admin directory (150GB)
        path = /smb/admin
        writable = yes
        valid users = wil

[Music]
        comment = Network-wide music
        path = /mnt/music
        browseable = yes
        writable = yes
        public = yes

[Podcasts]
        comment = Podcasts HDD
        path = /mnt/podcasts
        browseable = yes
        writable = yes
        public = yes

[DVD Rips]
        comment = Uncompressed rips from DVDs
        path = /mnt/dvdrips
        browseable = yes
        writable = yes
        public = yes

[Saved Games]
        comment = Saved games (150GB)
        path = /smb/savedgames
        browseable = yes
        writable = yes

[Backgrounds]
        comment = Widescreen desktop wallpaper
        path = /smb/backgrounds
        browseable = yes
        writable = yes

[RESTORE]
        comment = Access to Win7 restore images
        path = /smb/admin/RESTORE
        browseable = no
        writable = yes
Forward BIND zone (/var/named/pLAN9.zone)

Code:
$ORIGIN .
$TTL 2419200    ; 4 weeks
pLAN9.site              IN SOA  pLAN9-Server1.pLAN9.site. root.pLAN9.site. (
                                2011082128 ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                2419200    ; expire (4 weeks)
                                86400      ; minimum (1 day)
                                )
                        NS      pLAN9-Server1.pLAN9.site.
$ORIGIN pLAN9.site.
$TTL 3600       ; 1 hour
CERT                    A       172.16.16.31
                        TXT     "00fa7be6910d449153c0bbf9db8852928f"
$TTL 2419200    ; 4 weeks
Galt-PC                 A       172.16.16.15
HP102E6C                A       172.16.16.253
pLAN9-Gateway           A       172.16.16.1
pLAN9-HTPC              A       172.16.16.11
pLAN9-Laptop            A       172.16.16.12
pLAN9-Server1           A       172.16.16.2
pLAN9-Server2           A       172.16.16.3
pLAN9-Server3           A       172.16.16.4
$TTL 86400      ; 1 day
pLAN9-WAP               A       172.16.16.254
$TTL 2419200    ; 4 weeks
pLAN9-Wil               A       172.16.16.10
Reverse (var/named/pLAN9.rev)

Code:
$ORIGIN .
$TTL 86400      ; 1 day
16.16.172.in-addr.arpa  IN SOA  pLAN9-Server1.pLAN9.site. root.pLAN9.site. (
                                2011082115 ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                2419200    ; expire (4 weeks)
                                86400      ; minimum (1 day)
                                )
                        NS      pLAN9-Server1.pLAN9.site.
$ORIGIN 16.16.172.in-addr.arpa.
$TTL 2419200    ; 4 weeks
1                       PTR     pLAN9-Gateway.pLAN9.site.
$TTL 3600       ; 1 hour
10                      PTR     pLAN9-Wil.pLAN9.site.
11                      PTR     pLAN9-HTPC.pLAN9.site.
12                      PTR     pLAN9-Laptop.pLAN9.site.
15                      PTR     Galt-PC.pLAN9.site.
$TTL 86400      ; 1 day
2                       PTR     pLAN9-Server1.pLAN9.site.
$TTL 3600       ; 1 hour
253                     PTR     HP102E6C.pLAN9.site.
254                     PTR     pLAN9-WAP.pLAN9.site.
$TTL 86400      ; 1 day
3                       PTR     pLAN9-Server2.pLAN9.site.
$TTL 3600       ; 1 hour
31                      PTR     CERT.pLAN9.site.
$TTL 2419200    ; 4 weeks
4                       PTR     pLAN9-Server3.pLAN9.site.
/etc/named.conf

Code:
//
// /etc/named.conf
//

options {
        directory "/var/named";
        pid-file "/var/run/named/named.pid";
        auth-nxdomain yes;
        datasize default;
// Uncomment these to enable IPv6 connections support
// IPv4 will still work:
//      listen-on-v6 { any; };
// Add this for no IPv4:
//      listen-on { none; };

        // Default security settings.
        allow-recursion { localnets; localhost; };
        allow-transfer { localnets; localhost; };
        allow-query { localnets; localhost; };
        allow-update { key dhcpupdate; };
        listen-on { 127.0.0.1; 172.16.16.2; };
        forward first;
        forwarders { 208.67.220.220; 208.67.222.222; };

    version none;
    hostname none;
    server-id none;
};

key dhcpupdate {
        algorithm HMAC-MD5;
        secret "xxxxxxxxxxxxxxxx";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-transfer { any; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "127.0.0.zone";
        allow-transfer { any; };
};

zone "." IN {
        type hint;
        file "root.hint";
};

zone "pLAN9.site." IN {
        type master;
        file "pLAN9.zone";
};

zone "16.16.172.in-addr.arpa" IN {
        type master;
        file "pLAN9.rev";
};

//zone "example.org" IN {
//      type slave;
//      file "example.zone";
//      masters {
//              192.168.1.100;
//      };
//      allow-query { any; };
//      allow-transfer { any; };
//};

logging {
        channel xfer-log {
                file "/var/log/named.log";
                print-category yes;
                print-severity yes;
                print-time yes;
                severity debug;
        };
        category xfer-in { xfer-log; };
        category xfer-out { xfer-log; };
        category notify { xfer-log; };
//      category queries { xfer-log; };
};
 
Old 11-10-2012, 05:23 AM   #9
DutchGeek
Member
 
Registered: Sep 2006
Distribution: SuSE, Slackware
Posts: 51

Rep: Reputation: 4
Hmmm, strange, as acidkewpie said, it might be a windows issue..

So when you do ipconfig /displaydns, it shows you the name not found, i.e it tried previously to resolve it but got negative answer from server.

You said that when you reboot this machine, it works for a while then stops. try to reboot it and save all the relevant info you can from ipconfig, then when it stops working see what the difference is.


Are you logging the queries in your BIND server? if not then run:
# rndc querylog

then do: tail -f /var/log/messages

while you are: pinging the host, and while using nslookup.
 
Old 11-10-2012, 11:24 AM   #10
psycroptic
Member
 
Registered: Aug 2011
Location: USA
Distribution: ArchLinux - 3.0 kernel
Posts: 284

Original Poster
Rep: Reputation: Disabled
Windows would make sense as the problem here, because I recently (a few days) ago loaded linux onto my laptop just to test for this particular issue. Its been a few days and the laptop hasnt had the problem.

If it is a Windows issue, then I find it quite peculiar that I've never heard or run into this problem ANYWHERE else.

When I have time ill see if BIND has any log info for when this happens... I suspect it won't though, as I saw with the packet logs logging zero response from the server..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Resolve hostname between openvpn clients SystemR89 Linux - Server 4 11-10-2010 04:56 AM
Ubuntu server cant ping or connect external but can resolve hostname and domain avisonjohn Linux - Networking 20 10-16-2009 05:44 AM
nameserver resolves unqualified hostname in nslookup, ping (at CLI) doesn't-- why? lumix Linux - Networking 1 02-29-2008 07:23 PM
Unable to resolve hostname / IP assigned by DHCP server. rmvinodh123 Linux - Networking 1 10-15-2007 07:00 AM
Want Numeric IP of Web Server to resolve to hostname cyrusc Linux - Newbie 2 03-19-2005 02:54 PM


All times are GMT -5. The time now is 04:47 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration