DNS lookups not working on dialup connection

foboldfky · 12-02-2003, 05:50 AM

Well, this sucks... I've been trying to set up a Linux internet machine for my family LAN. Basically, all it has to do is sit there making sure it's connected to the net, and doing IP Masq. for the rest of the internal network. I didn't think it would be a walk in the park, but it's just starting to peeve me off now...

Here's where I'm at: I can get pppd to dial up to my ISP ok. I can ping the ISP's server, the dns servers, and an on-the-net IP (provided by the guide mentioned below). I got the DNS servers from our Windows machine which we're currently using to connect to the net by running `ipconfig /all', and the guide I used to setup PPP was "How to hook up PPP on Linux" by W. G. Unruh (axion.physics.ubc.ca/ppp-linux.html) (BTW: the LDP's HOWTOs on the subject were like trying to read gibberish).

Now, I've tried everything that I could find in that guide, the PPP-HOWTO, NET-HOWTO, and I've searched on google and this message board for about three hours now, and I totally give up. Nothing seems to work.

Below, I've posted the contents of the config files that are related to this (as far as I know), and the output of some commands. Absolutely ANY help as to what's going on would be greatly appreciated. I've changed the IP addresses, phone number, etc. Don't know if that can be used in some malicious way, but better safe than sorry. If there's something else you need to know, please tell me so I can tell you

pppd version: 2.4.1
kernel version: 2.4.18-14
Red Hat Linux 8.0 3.2-7

Output of `hostname`

Code:

gatekeeper.cairns.net.au

Output of `ifconfig`

Code:

eth0      Link encap:Ethernet  HWaddr 00:60:67:65:BD:A2  
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52912 errors:0 dropped:0 overruns:0 frame:0
          TX packets:60578 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1658 txqueuelen:100 
          RX bytes:39316209 (37.4 Mb)  TX bytes:6413412 (6.1 Mb)
          Interrupt:10 Base address:0xe800 

lo        Link encap:Local Loopback  
          ...

ppp0      Link encap:Point-to-Point Protocol  
          inet addr:210.11.xxx.xxx  P-t-P:172.16.xxx.xxx  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:576  Metric:1
          RX packets:105 errors:1 dropped:0 overruns:0 frame:0
          TX packets:190 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3 
          RX bytes:12458 (12.1 Kb)  TX bytes:21261 (20.7 Kb)

Output of `route -n`

Code:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.xxx.xxx  0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         172.16.xxx.xxx  0.0.0.0         UG    0      0        0 ppp0

Contents of /etc/host.conf

Code:

order hosts,bind
multi on

Contents of /etc/hosts

Code:

127.0.0.1	localhost loopback
192.168.0.1	gatekeeper.keeperlan

Contents of /etc/hosts.allow

Code:

ALL: 127.0.0.1 127.0.0.0 192.168.0.0/255.255.255.0

Contents of /etc/hosts.deny

Code:

ALL:ALL

Extract from /etc/nsswitch.conf (I'm not posting the whole thing :P)

Code:

...
hosts:      files nisplus dns
...

Contents of /etc/resolv.conf

Code:

domain		cairns.net.au
nameserver	202.4.31.130
nameserver	203.55.215.34
options		debug

Contents of /etc/ppp/options

Code:

lock
crtscts
defaultroute
noauth
nobsdcomp

Greatly abbreviated output from a single PPP session (logged to /var/log/ppp)
I also broke up the longer lines a bit

Code:

pppd: pppd 2.4.1 started by root, uid 0
chat: send (ATZ^M)
chat: expect (OK)
chat: ATZ^M^M
chat: OK
chat:  -- got it 
chat: send (ATM1L1^M)
chat: expect (OK)
chat: ^M
chat: ATM1L1^M^M
chat: OK
chat:  -- got it 
chat: send (ATDT183240nnnnnn^M)
chat: expect (CONNECT)
chat: ^M
chat: ATDT183240nnnnnn^M^M
chat: CONNECT
chat:  -- got it 
chat: send (\d)
pppd: Serial connection established.
pppd: using channel 1
pppd: Using interface ppp0
pppd: Connect: ppp0 <--> /dev/modem
pppd: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x2f72f6bc> <pcomp> <accomp>]
pppd: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x2f72f6bc> <pcomp> <accomp>]
pppd: rcvd [LCP ConfReq id=0x9b <mru 576> <magic 0xcf8581> <asyncmap 0x0> <mrru 1600>
   < 17 04 01 16> <auth pap> <endpoint [MAC:08:00:03:04:06:dc]>]
pppd: sent [LCP ConfRej id=0x9b <mrru 1600> < 17 04 01 16>]
pppd: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x2f72f6bc> <pcomp> <accomp>]
pppd: rcvd [LCP ConfReq id=0x9c <mru 576> <magic 0xcf8581> <asyncmap 0x0> <auth pap>
   <endpoint [MAC:08:00:03:04:06:dc]>]
pppd: sent [LCP ConfAck id=0x9c <mru 576> <magic 0xcf8581> <asyncmap 0x0> <auth pap>
   <endpoint [MAC:08:00:03:04:06:dc]>]
pppd: sent [PAP AuthReq id=0x1 user="myusername" password=<hidden>]
pppd: sent [PAP AuthReq id=0x2 user="myusername" password=<hidden>]
pppd: rcvd [PAP AuthAck id=0x2 "Access permitted for user \"myusername\"\r\n"]
pppd: Remote message: Access permitted for user "myusername"^M^J
pppd: sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <compress VJ 0f 01>]
pppd: sent [CCP ConfReq id=0x1 <deflate 15> <deflate(old#) 15>]
pppd: rcvd [IPCP ConfReq id=0x1 <addr 172.16.xxx.xxx>]
pppd: sent [IPCP ConfAck id=0x1 <addr 172.16.xxx.xxx>]
pppd: rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
pppd: sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
pppd: rcvd [LCP ProtRej id=0x9d 80 fd 01 01 00 0c 1a 04 78 00 18 04 78 00]
pppd: rcvd [IPCP ConfNak id=0x2 <addr 210.11.xxx.xxx>]
pppd: sent [IPCP ConfReq id=0x3 <addr 210.11.xxx.xxx>]
pppd: rcvd [IPCP ConfAck id=0x3 <addr 210.11.xxx.xxx>]
pppd: local  IP address 210.11.xxx.xxx
pppd: remote IP address 172.16.xxx.xxx
pppd: Script /etc/ppp/ip-up started (pid 3823)
pppd: Script /etc/ppp/ip-up finished (pid 3823), status = 0x0
pppd: Terminating on signal 15.
pppd: Script /etc/ppp/ip-down started (pid 4275)
pppd: sent [LCP TermReq id=0x2 "User request"]
pppd: Script /etc/ppp/ip-down finished (pid 4275), status = 0x0
pppd: sent [LCP TermReq id=0x3 "User request"]
pppd: Connection terminated.
pppd: Connect time 43.0 minutes.
pppd: Sent 21746 bytes, received 12761 bytes.
pppd: Exit.

zaphodiv · 12-02-2003, 08:13 AM

> I've changed the IP addresses
If the machine is insecure it will get owned anyway. Constant scans
are a part of being conneted to the internet these days.

I assume that internet access by ip address works?

Extract from /etc/nsswitch.conf
hosts: files nisplus dns

Shouldn't that be just
hosts: files dns

paul.nel · 12-02-2003, 08:39 AM

What does your firewall rules look like? Please post teh output of iptables -L. For a start try to disable your firewall with service iptables stop. If this works I suggest you rebuild your firewall. The IP Maquarade How To at www.tldp.org. has some good pointers.

Regards
p.n

foboldfky · 12-02-2003, 08:50 AM

Quote:

Shouldn't that be just
hosts: files dns

The guide I was following said that it wouldn't make any difference, so long as those two were in the right order. I'll try removing it, and see if it helps.

Also, here's the output of iptables -L:

Code:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Lokkit-0-50-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Lokkit-0-50-INPUT (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
REJECT     tcp  --  anywhere             anywhere           tcp
   flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT     udp  --  anywhere             anywhere           udp
   reject-with icmp-port-unreachable

I have no idea what it means

( /me is

)

Actually, I'd forgotten about the firewall; since it was going to be a net router/machine, I set it to high in the Red Hat config. My idea was to basically get it connecting to the net first, then setting up IP masquerading, and then fine-tune the firewall. I'll try disabling it tomorrow. It's late over here, and to test the machine, I have to pull the modem out of this machine, and stick it in the Linux box. But first, I need sleep

Also, as for the IP masquerading HOWTO, I've read that one too... I think most of it went over my head, although I'm planning on re-reading it when I come to setting that up. I was lucky enough to get a set of Linux CDs with the entire set of HOWTOs (although just how `complete' this is is anyone's guess) on them. For now, I'd be happy if I could just ping google

paul.nel · 12-02-2003, 11:58 AM

OK, this does not look right:

Quote:

REJECT tcp -- anywhere anywhere tcp
flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable

As I mentioned, try with your firewall stopped "service iptabels stop" and try to ping google. After that, set a firewall as explained in the HOW TO I referred to. It is a rather long HOW TO but absolutely briliantly laid out and easy to follow.

Let us know how you are doing.

Regards

p.n

foboldfky · 12-03-2003, 09:53 AM

I've nailed the bugger.

Turns out it WAS Redhat's firewall keeping me from doing DNS resolution. Thanks to everyone's advice; I've now got the net working on the Linux machine, PLUS I've managed to get IQ Masq working, too. Wai! ^_^.

All I have to do now is setup some remote control procedure to directly control the firewall settings/net connection from the other machines, dial on demand, and work out why filesharing with the windows boxes suddenly died (whopsie, think I broke something :P)

Once again, thanks for everyone's help.