LinuxQuestions.org
Old 12-09-2002, 09:39 PM   #1
chris_mate
LQ Newbie
 
Registered: Dec 2002
Posts: 4

Rep: Reputation: 0
DNS lookup going out for "localhost"??


I'm in a bit of a mess...

I have a Linux server that uses exim to relay mail out via a dial-up connection.

Workstation mail clients send mail using SMTP via this server.

Recently outgoing mail has been failing from the workstations.

Using tethereal on the ppp0 interface, and running exim in -bh mode, I can think that the mail clients are timing out waiting for a DNS lookup going out to the internet for "localhost", which takes longer to time out than the client is prepared to wait for.

The exim configuration includes localhost as an err... local host. I can't see why it would try a DNS lookup when localhost is clearly in /etc/hosts as 127.0.0.1

I've seen some web pages that talk about using a bind to run a caching-only nameserver to take care of localhost lookups but I'm also running squid, which should be caching dns lookups but doesn't seem to be. I think.

Can you help me
a) why do we ever try a dns lookup out to the internet for localhost?
b) should I run a caching-only nameserver using bind or should squid be doing the same job?

I'm using debian linux.

Thanks!
 
Old 12-10-2002, 03:45 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,675
Blog Entries: 54

Rep: Reputation: 2954
Does your /etc/hosts.conf say "order hosts, bind" and
does your /etc/nsswitch.conf also have files first in "hosts: files dns <other> <other> <other>"?
 
Old 12-10-2002, 12:46 PM   #3
chris_mate
LQ Newbie
 
Registered: Dec 2002
Posts: 4

Original Poster
Rep: Reputation: 0
Thank you for your help.

Err.. I don't have a hosts.conf anywhere.

nsswitch.conf does have the line you say.

I've installed bind since I posted the query and that seems to have fixed the problem; it was easier than I thought it would be to install it. Had to work out that pppconfig overwrites the resolv.conf file every time, taking a per-provider skeleton where I put the localhost dns entry.
 
Old 12-10-2002, 12:50 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968
try /etc/host.conf - not plural
 
Old 12-11-2002, 08:50 AM   #5
chris_mate
LQ Newbie
 
Registered: Dec 2002
Posts: 4

Original Poster
Rep: Reputation: 0
Doh, yes, I do have a host.conf. It does say "order hosts, bind". I guess that got there when I installed bind. So everything's ok now. Thank you for your help.

I still don't understand DNS stuff very well - haven't taken the time to learn which is obviously my fault. Is it easy to make bind cache dns lookups locally? At the moment I think my local bind is just using the static lookup for localhost=127.0.0.1 that's configured?
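
The lookup order asked about in posts #2 to #5 (hosts file before DNS, in nsswitch.conf and host.conf), as an added example that is not part of the original thread. The function names are hypothetical and the sample files are constructed:

```shell
#!/bin/sh
# Added example: does the C library answer a name from the hosts file
# before it tries DNS? Paths are parameters so copies can be checked.

# Print the sources on the "hosts:" line of an nsswitch.conf, in order.
hosts_sources() {
    sed -e 's/#.*//' "$1" |
        awk '$1 == "hosts:" { for (i = 2; i <= NF; i++) print $i; exit }'
}

# Succeed if "files" is listed ahead of "dns".
files_before_dns() {
    first=$(hosts_sources "$1" | grep -E -x 'files|dns' | head -n 1)
    [ "$first" = "files" ]
}

# Succeed if host.conf is absent, has no "order" line, or lists hosts first.
host_conf_hosts_first() {
    [ -f "$1" ] || return 0
    order=$(sed -e 's/#.*//' "$1" |
        awk '$1 == "order" { $1 = ""; print; exit }' | tr -d ' \t')
    case "$order" in ''|hosts*) return 0 ;; *) return 1 ;; esac
}

# Succeed if the hosts file maps the name (canonical name or alias).
hosts_file_has() {
    sed -e 's/#.*//' "$1" | awk -v n="$2" '
        { for (i = 2; i <= NF; i++) if (tolower($i) == tolower(n)) found = 1 }
        END { exit !found }'
}

# Usage: resolves_locally NAME NSSWITCH HOSTS HOST_CONF
resolves_locally() {
    files_before_dns "$2" || { echo "$2: dns is consulted before files"; return 1; }
    host_conf_hosts_first "$4" || { echo "$4: order does not start with hosts"; return 1; }
    hosts_file_has "$3" "$1" || { echo "$3: no entry for $1"; return 1; }
    echo "$1 is answered from $3 before DNS"
}

# Constructed sample files (not copied from the poster's server).
demo=$(mktemp -d)
printf 'hosts: files dns\n' > "$demo/nsswitch.conf"
printf '127.0.0.1 localhost\n' > "$demo/hosts"
printf 'order hosts, bind\n' > "$demo/host.conf"
resolves_locally localhost "$demo/nsswitch.conf" "$demo/hosts" "$demo/host.conf"
```

A pass here only covers programs that resolve names through the C library; a program that sends its own DNS queries is not governed by these files.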
 
Old 12-11-2002, 09:38 AM   #6
chris_mate
LQ Newbie
 
Registered: Dec 2002
Posts: 4

Original Poster
Rep: Reputation: 0
OK, I think part of the problem was my ipchains firewall blocking some of the DNS responses. If I bring down the firewall, my DNS lookups are cached and I don't see repetitive requests for the same addresses (as before - e.g. the ones from db.root).

The basic policy is to deny all traffic on the input of the ppp0 interface except

Allow to http, pop3, https ports from port above 1024 & vice versa

Allow DNS type traffic using the lines:

ipchains -A input -s $DNS1 -d $LOCALIP -p UDP -j ACCEPT -i ppp0 -b
ipchains -A input -s $DNS2 -d $LOCALIP -p UDP -j ACCEPT -i ppp0 -b

But now I'm running bind, I get replies from more than just the DNS ip addresses my ISP tells me about. How can I change the rules to make it work better? Thanks again!
 
Old 12-22-2002, 03:24 AM   #7
NegativeZERO
LQ Newbie
 
Registered: Jun 2002
Posts: 5

Rep: Reputation: 0
What would be the rules to add to the rc.firewall for IPtables? I want to allow internal network DNS and I want to allow DNS from outside my network as well. Also how would I allow unrestricted from the computers within my own LAN? I want the computers on the IPs 192.168.1.0/7 to have no restrictions from the internal firewall. But I don't want them to pass through my external my net side of my network, just my LAN.


Thanks
NegativeZERO

Last edited by NegativeZERO; 12-22-2002 at 03:30 AM.
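
The DNS part of the firewall policy raised in posts #6 and #7, as an added example that is not part of the thread: a recursive bind receives replies from root and authoritative servers as well as the ISP's two resolvers, so these rules match on connection state instead of source address. It assumes iptables with the state match; `eth0` and `192.168.1.0/24` are assumed values for the LAN side, and the `ipt` and `dns_rules` names are hypothetical.

```shell
#!/bin/sh
# Added example: DNS accept rules for a host running its own resolver.
# The default-deny policy on the external interface stays as it is; these
# are only the DNS exceptions. DRY_RUN=1 (the default) prints the commands.
ipt() {
    if [ "${DRY_RUN:-1}" = 1 ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# $1 = external interface, $2 = LAN interface, $3 = LAN network (CIDR)
dns_rules() {
    ext=$1 lan=$2 net=$3
    for proto in udp tcp; do
        # Queries from the local resolver may go to any server on port 53.
        ipt -A OUTPUT -o "$ext" -p "$proto" --dport 53 \
            -m state --state NEW,ESTABLISHED -j ACCEPT
        # Inbound: only packets that answer a query this host sent.
        ipt -A INPUT -i "$ext" -p "$proto" --sport 53 \
            -m state --state ESTABLISHED -j ACCEPT
        # LAN clients may query the resolver on this host.
        ipt -A INPUT -i "$lan" -s "$net" -p "$proto" --dport 53 -j ACCEPT
    done
}

# Assumed values: ppp0 is the interface named in the thread, the rest are
# constructed for the example.
dns_rules ppp0 eth0 192.168.1.0/24
```

Unlike a rule that accepts all UDP from a fixed server address, nothing here admits unsolicited traffic from the external interface.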
 
  

