LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-05-2004, 07:39 AM   #1
jmonatsys0
LQ Newbie
 
Registered: Nov 2004
Posts: 5

Rep: Reputation: 0
Question ping does not resolve name while nslookup does


Dear All,

I have just installed an shiny new Suse Linux 9.1 with 2.6.4 kernel. I have configured my eth0 interface with fix IP address and all DNS settings & stuff. Now when I try to ping a server in my LAN, its name is not resolved. But when I use nslookup or host command it does. Like so:

bridgetown:/etc # ping ontario
ping: unknown host ontario
bridgetown:/etc # host ontario
ontario.adelior.local has address 192.168.5.55

I am puzzled...

While I run the two commands above, I have a tcpdump running in a second session. That shows the following:

bridgetown:~ # tcpdump -l -n -i eth0 'port 53'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
14:34:15.327912 IP 192.168.5.23.32922 > 192.168.5.11.53: 19967+ A? ontario. (25)
14:34:15.328323 IP 192.168.5.11.53 > 192.168.5.23.32922: 19967 ServFail 0/0/0 (25)
14:34:15.329125 IP 192.168.5.23.32922 > 192.168.5.18.53: 19967+ A? ontario. (25)
14:34:15.341100 IP 192.168.5.18.53 > 192.168.5.23.32922: 19967 NXDomain 0/1/0 (100)
14:34:15.350770 IP 192.168.5.23.32922 > 192.168.5.11.53: 20171+ A? ontario.adelior.local. (39)
14:34:15.351074 IP 192.168.5.11.53 > 192.168.5.23.32922: 20171* 1/0/0 A[|domain]



My config:

bridgetown:/etc # cat hosts
#
# hosts This file describes a number of hostname-to-address
# mappings for the TCP/IP subsystem. It is mostly
# used at boot time, when no name servers are running.
# On small systems, this file can be used instead of a
# "named" name server.
# Syntax:
#
# IP-Address Full-Qualified-Hostname Short-Hostname
#

127.0.0.1 localhost

192.168.5.11 praia praia.adelior.local
192.168.5.18 guatemala guatemala.adelior.local
192.168.202.1 armonk armonk.adelior.local
192.168.5.23 bridgetown.adelior.local bridgetown
bridgetown:/etc # cat resolv.conf
search adelior.local
nameserver 192.168.5.11
nameserver 192.168.5.18


bridgetown:/etc # cat nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# compat Use compatibility setup
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the /var/db databases
# [NOTFOUND=return] Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#

# passwd: files nis
# shadow: files nis
# group: files nis

passwd: compat
group: compat

hosts: files dns
networks: files

services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files

bootparams: files
automount: files nis
aliases: files


bridgetown:/etc # cd sysconfig/
bridgetown:/etc/sysconfig # cd network/
bridgetown:/etc/sysconfig/network # cat ifcfg-eth-id-00\:30\:f1\:13\:07\:48
BOOTPROTO='static'
BROADCAST='192.168.5.255'
IPADDR='192.168.5.23'
MTU=''
NETMASK='255.255.255.0'
NETWORK='192.168.5.0'
REMOTE_IPADDR=''
STARTMODE='onboot'
UNIQUE='oxTw.KD56jqvp6D8'
_nm_name='bus-pci-0000:02:08.0'
bridgetown:/etc/sysconfig/network # cat routes
192.168.202.0 192.168.5.20 255.255.255.252 eth-id-00:30:f1:13:07:48
default 192.168.5.2 - -


bridgetown:/etc/sysconfig/network # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.202.0 192.168.5.20 255.255.255.252 UG 0 0 0 eth0
192.168.5.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.5.2 0.0.0.0 UG 0 0 0 eth0


bridgetown:/etc/sysconfig/network # ifconfig
eth0 Link encap:Ethernet HWaddr 00:30:F1:13:07:48
inet addr:192.168.5.23 Bcast:192.168.5.255 Mask:255.255.255.0
inet6 addr: fe80::230:f1ff:fe13:748/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:50318 errors:0 dropped:0 overruns:0 frame:0
TX packets:16026 errors:0 dropped:0 overruns:0 carrier:0
collisions:1229 txqueuelen:1000
RX bytes:6896639 (6.5 Mb) TX bytes:6128390 (5.8 Mb)
Interrupt:5 Base address:0xf000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:3184 errors:0 dropped:0 overruns:0 frame:0
TX packets:3184 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:332523 (324.7 Kb) TX bytes:332523 (324.7 Kb)

bridgetown:/etc/sysconfig/network #


HELP!!!

Thanks,

Jantje.
 
Old 11-05-2004, 08:05 AM   #2
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507

Rep: Reputation: 128Reputation: 128
The "search" line in /etc/resolv.conf plays with things.

I had this problem, and removing that line fixed it, though it may break other things. Basically, if you have a search line and it looks for something that does not appear to be a full hostname (i.e. ontario) it appends that for the search when using "standard" (non-DNS) tools.
 
Old 11-05-2004, 08:40 AM   #3
jmonatsys0
LQ Newbie
 
Registered: Nov 2004
Posts: 5

Original Poster
Rep: Reputation: 0
Dear Matir,

Yes, I know. The search line in the resolv.conf is there, because I need it. I need to be able to enter a short name and the system should complete it with the domain name (adelior.local in my case). Anyway, I tried taking the search line out and it does not work either. This is what happens then:

bridgetown:/etc # ping ontario
ping: unknown host ontario
bridgetown:/etc # host ontario
Host ontario not found: 2(SERVFAIL)
bridgetown:/etc # ping ontario.adelior.local
ping: unknown host ontario.adelior.local
bridgetown:/etc # host ontario.adelior.local
ontario.adelior.local has address 192.168.5.55


bridgetown:~ # tcpdump -l -n -i eth0 'port 53'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
15:30:09.305776 IP 192.168.5.23.32933 > 192.168.5.11.53: 7074+ A? ontario. (25)
15:30:09.306088 IP 192.168.5.11.53 > 192.168.5.23.32933: 7074 ServFail 0/0/0 (25)
15:30:09.307000 IP 192.168.5.23.32933 > 192.168.5.18.53: 7074+ A? ontario. (25)
15:30:09.318846 IP 192.168.5.18.53 > 192.168.5.23.32933: 7074 NXDomain 0/1/0 (100)
15:30:09.328835 IP 192.168.5.23.32933 > 192.168.5.11.53: 37114+ A? ontario. (25)
15:30:09.329216 IP 192.168.5.11.53 > 192.168.5.23.32933: 37114 ServFail 0/0/0 (25)
15:31:10.107025 IP 192.168.5.23.32933 > 192.168.5.11.53: 55886+ A? ontario.adelior.local. (39)
15:31:10.107547 IP 192.168.5.11.53 > 192.168.5.23.32933: 55886* 1/0/0 A[|domain]

Then again, the following does work fine:

bridgetown:/etc # ping www.adelior.be
PING www.adelior.be (81.188.22.52) 56(84) bytes of data.
64 bytes from kinshasa.adelior.local (81.188.22.52): icmp_seq=1 ttl=128 time=1.02 ms
64 bytes from kinshasa.adelior.local (81.188.22.52): icmp_seq=2 ttl=128 time=0.851 ms
64 bytes from kinshasa.adelior.local (81.188.22.52): icmp_seq=3 ttl=128 time=0.862 ms

--- www.adelior.be ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.851/0.913/1.027/0.084 ms
bridgetown:/etc # host www.adelior.be
www.adelior.be has address 81.188.22.52

15:34:35.438282 IP 192.168.5.23.32933 > 192.168.5.11.53: 4554+ A? www.adelior.be. (32)
15:34:35.438731 IP 192.168.5.11.53 > 192.168.5.23.32933: 4554 1/0/0 A 81.188.22.52 (48)
15:34:35.440513 IP 192.168.5.23.32933 > 192.168.5.11.53: 4555+ PTR? 52.22.188.81.in-addr.arpa. (43)
15:34:35.440931 IP 192.168.5.11.53 > 192.168.5.23.32933: 4555* 2/0/0[|domain]
15:34:56.042134 IP 192.168.5.23.32933 > 192.168.5.11.53: 17529+ A? www.adelior.be. (32)
15:34:56.042529 IP 192.168.5.11.53 > 192.168.5.23.32933: 17529 1/0/0 A 81.188.22.52 (48)


And when I enter
search adelior.local adelior.be
in the resolv.conf, the following ping does work, but ping to any machine on the local network still not resolves the name.

bridgetown:/etc # ping www
PING www.adelior.be (81.188.22.52) 56(84) bytes of data.
64 bytes from kinshasa.adelior.local (81.188.22.52): icmp_seq=1 ttl=128 time=1.02 ms
64 bytes from kinshasa.adelior.local (81.188.22.52): icmp_seq=2 ttl=128 time=0.851 ms
64 bytes from kinshasa.adelior.local (81.188.22.52): icmp_seq=3 ttl=128 time=0.862 ms


So it looks like ping (or any other command -- I tried telnet, ftp, etc.) does not even invoke DNS resolution if the fully qualified name (either explicitely specified or inferred from using the search) is on the local domain. How come?

Thanks for your help,

Jantje.
 
Old 11-16-2004, 02:54 AM   #4
jmonatsys0
LQ Newbie
 
Registered: Nov 2004
Posts: 5

Original Poster
Rep: Reputation: 0
Exclamation

OK, so I finally got Ethereal to work and it sheds some light on this issue...

When Suse 9.1 sees a .local domain, it switches to mdns (Multicast DNS) and uses _only_ that to try to resolve the name. Now, obviously, this does not yield any result; none of the other machines in my network is aware of mdns.

So that is the diagnosis. Anyone care for a remedy? How can I disable the use of mdns in Suse 9.1?

Cheers,

Jantje.
 
Old 11-22-2004, 06:46 AM   #5
jmonatsys0
LQ Newbie
 
Registered: Nov 2004
Posts: 5

Original Poster
Rep: Reputation: 0
Thumbs up

OK, so Suze messed up a little bit... Fact is that, when trying to resolve any name in the .local domain, Suze 9.1 uses only Multicast DNS resolution. And this is sufficiently new to merrit a configuration parameter, except that there isn't one.

My network is (obviously) not set up to use MDNS.

The workaround is to use an older (pre-9.1) /lib/libresolv.so.2

I used the one from the 9.0 Live Eval. Just go to single user, mv the current one (for backup) and copy the older module in place. Go to run level 5 again and Hey Presto.

Cheers,

Jantje.
 
Old 08-23-2005, 02:30 PM   #6
vandevegt
LQ Newbie
 
Registered: Aug 2005
Distribution: SLES
Posts: 2

Rep: Reputation: 0
Question Partial Disable of mDNS possible

I've found recent documentation indicates that creating an empty /etc/mdns.allow will disable all mDNS lookups.

If the file is not present or unreadable the default resolution is for:
.local.
.local

Update 2010-09-07:
To stop a system from attempting multicast DNS resolution (asking the network via mDNS for a name resolution), edit the file /etc/host.conf and add the line:

mdns off

The empty mdns.allow may also work, but I have not tested it.

Last edited by vandevegt; 09-07-2010 at 09:47 PM. Reason: Additional Information
 
Old 09-07-2010, 03:00 PM   #7
nidelius
LQ Newbie
 
Registered: Dec 2007
Posts: 3

Rep: Reputation: 0
Have the same issue in Ubuntu linux 10.04 LTS.

I found the issue to be resolved by changing the configuration of the following file:

/etc/nsswitch.conf

As it sets up the order of how to do the searches
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Ping can't resolve names; Firefox can tiktok Linux - Networking 7 06-21-2005 02:25 PM
ProxyServer: how to ping,nslookup,wget,curl etc from client PC ~=gr3p=~ Linux - Networking 2 06-10-2005 07:16 AM
nslookup works, ping doesn't coolnicklas Linux - Networking 5 04-16-2005 08:23 PM
Can't Resolve Sites, But Can Ping Ody Linux - Networking 1 12-30-2002 10:39 PM
Nslookup cannot resolve DNS..what is the problem??? cpinyit Linux - Networking 1 03-01-2002 09:00 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration