Problem with DNS lookup

kaplan71 · 03-31-2008, 08:33 AM

Hi there --

I have one of our servers set up to reference two nameservers and two search domains via the /etc/resolv.conf file. Here is a filtered version of the file:

Quote:

nameserver <ip address>
nameserver <ip address>
search <first domain> <second domain>
# generated by NetworkManager, do not edit!

I am trying to do lookups, via the nslookup and host commands, of remote servers, but I am getting errors which indicate that when the search is done, the above search domains are concatenated to hostname being searched. Here is an example:

Quote:

host database.clamav.net
Host database.clamav.net.<second domain> not found: 3(NXDOMAIN)

If I remove either of the domains from the search line, the output has the other domain attached to the output. If I remove the entire search line, I get a REFUSED error message.

The server in question is outside our company's firewall, and it is using iptables as its security. There is an exception that allows DNS to go outbound from the server. Here is the syntax:

Code:

$IPTABLES -A OUTPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT

What is causing this to occur, and how can I correct it? Thanks.

datopdog · 03-31-2008, 12:02 PM

Refused means the DNS server is configured not to respond to your queries, make sure that those servers allow your network to query them before using them

kaplan71 · 03-31-2008, 12:05 PM

Hi there --

I spoke with our Information Security people, and I was able to configure the system in question to resolve to a different set of DNS servers. Once that was done, I reran freshclam, and this time the update completed successfully.