clients CAN resolve hostname of server w/nslookup, but CANNOT access by hostname WTF?
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
clients CAN resolve hostname of server w/nslookup, but CANNOT access by hostname WTF?
Ok, so I'd really like some help into what's going on here.
I have a simple BIND DNS server setup on a LAN, it's the only one running on an Archlinux system. It's up to date. It's been working completely fine as an internal network server for over a year. Now all of a sudden, COMPLETELY AT RANDOM all of my Win7 clients lost the ability to access the server by hostname. IP address access still works, and I can even resolve the hostname of the server via the nslookup command on each system. But pinging the actual hostname (which worked completely fine as of last week) randomly stopped working, as does typing \\servername (in this case pLAN9-server1). What the frick? Nothing was changed by me on the server and clients.
I've attatched a picutre of comman dprompt commands that illustrate whats going on.
Any ideas as to what happened? As usual, it's an issue that started happening completely at RANDOM?????
Not convinced at all this isn't a windows issue here, but maybe there are search domain mismatches, or the DNS server simply isn't being requested. It's certainly possible to legitmately see this sort of thing on linus, e.g. dig will ONLY use DNS servers, not use the actual NSS stack of hosts files too, so output can differ. Fire up wireshark on that box, and run both commands again. inspect the protocol stuff to see if there's a difference in the traffic to and from the server.
tcpdump shows that when I try to ping "plan9-server1" there is a DNS request from the client but no response back from the server. Whenever this happens, I can't even ping using a FQDN (in this case "pLAN9-Server1.pLAN9.site". Additionally, I've found that running an "ipconfig /flushdns" on the clients fixes the problem for a time, but it's like something expires or gets reset and the clients lose the ability to ping JUST the server by name.
This is stupidly annoying, if for nothing else than the complete irrationality of it. I would ignore it but whenver the issue happens people lose the ability to access the main server on the network, and most of them don't know how to access it by IP so they just conclude that the server is down and email me about it.
so if there's no response AT ALL, then hmm, not sure, you should always get back something if it's working. Look at the actual DNS request details in wireshark, see if a domain is being added etc.
bumping. seriously does no one have ANY ideas about whats going on here? this defies all logic to me. if the client can resolve the hostname, AND access it by ip, why can't it access it by hostname? makes no f'ing sense.....
and see the entries, if they are there check their TTL.
Maybe try wireshark/tcpdump in both cases; when you do an nslookup, and when you ping. Then compare the DNS requests of each, see if you can find a difference ?!
You also might want to check the logs for the BIND server, see why it doesn't response.
Alright, so an ipconfig /displaydns on a machine that currently is having this problem shows the following for plan9-server1:
Code:
plan9-server1.plan9.site
----------------------------------------
Name does not exist.
Why the frick not? Of course it exists, nslookup confirms that. And worse, now, when I do an ipconfig /flushdns on this particular system, I STILL can't access by hostname, even fully qualified name. I actually had to restart the whole machine to get it back working.
When attemtping to ping plan9-server1, I get the following on a tcpdump of the server:
Code:
IP 172.16.16.13.137 > 172.16.255.255.137: UDP, lenght 50
Where .13 is the machine currently having the problem. No response is sent from the server. This is making absolutely no sense....
Last edited by psycroptic; 11-09-2012 at 04:52 PM.
Hmmm, strange, as acidkewpie said, it might be a windows issue..
So when you do ipconfig /displaydns, it shows you the name not found, i.e it tried previously to resolve it but got negative answer from server.
You said that when you reboot this machine, it works for a while then stops. try to reboot it and save all the relevant info you can from ipconfig, then when it stops working see what the difference is.
Are you logging the queries in your BIND server? if not then run:
# rndc querylog
then do: tail -f /var/log/messages
while you are: pinging the host, and while using nslookup.
Windows would make sense as the problem here, because I recently (a few days) ago loaded linux onto my laptop just to test for this particular issue. Its been a few days and the laptop hasnt had the problem.
If it is a Windows issue, then I find it quite peculiar that I've never heard or run into this problem ANYWHERE else.
When I have time ill see if BIND has any log info for when this happens... I suspect it won't though, as I saw with the packet logs logging zero response from the server..
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.