LinuxQuestions.org


Ross Clement 10-22-2003 04:08 AM

Redhat machine won't do dns lookup via udp
 
Redhat 9/Serial Modem/fully updated via apt-get (as of a couple of days ago)/access through kppp.

Hi. I've started a new thread as my problems have changed.

I have a machine at home that refuses to work with britishlibrary.net nameservers. Having used dig and downloaded a java DNS client, and tried my other redhat 9 machine at work I find the following.

At home, if I try to lookup a name via dns using default settings or udp, I get a timeout, and hence failure. If I force dig or the java client to use tcp, then the name lookup is successful.

Suspecting that there might be something weird with the britishlibrary.net dns servers, I tried accessing them from my work machine (redhat 9, connected via ethernet to the university network).

In this case, the dns lookup (both via dig and the java client) works fine, even if I specify udp as the protocol.

Does anyone know what might be wrong with my machine at home?

The IP address of the dns server is:

193.131.248.36

I'd appreciate it if someone connecting to linux via a modem could try the following command:

$ dig +notcp @193.131.248.36 www.google.com

and see what happens.

I note that the britishlibrary.net support pages recommend turning off header compression. I could only find an option for "vj" compression in ppp, and used the -vj option to turn it off, to no effect.

Does anyone know what might be wrong?

Cheers,

Ross-c

Robert0380 10-22-2003 06:00 AM

Do you have a firewall running? iptables -L

Ross Clement 10-22-2003 06:25 AM

Hi. Thanks for the reply.

I set up the computer to be high security. My work computer was set up (if I recall correctly) to be medium security, and it reports a lot of rules when I run iptables -L. I do notice a line for my work dns server, although it seems a bit dynamic (reports different names linked to the same ip address) each time I run it.

I've just phoned home and got my command-line phobic partner to do a /sbin/iptables -L. It lists the working (demon.co.uk) dns server with an accept, but doesn't mention the british library dns servers at all. This could be because we initially set up the demon.co.uk connection with redhat-config-network (or similarly named command), but only set up britishlibrary.net with the kppp dialogue.

I'm going to print out some docs (assuming I can find some) on manually configuring the redhat firewall and see if I can fix things this way tonight.

Cheers,

Ross-c

Ross Clement 10-22-2003 02:12 PM

OK. This is solved. As suggested, it was the firewall that was causing the problems. I had the firewall on highest security, which didn't allow the dns server to reply by udp. Redhat does "punch a hole through" (their language) the firewall for the dns server. But, I had only my primary internet provider (demon) hand-edited into the /etc/resolv.conf file. kppp was editing the /etc/resolv.conf file to put the britishlibrary.net dns servers in (and remove the demon ones), but wasn't aware of the firewall, so no new "holes" were being "punched" through. This error only occurred when the firewall was set (using redhat-config-securitylevel) to "high". On "medium", (and "no firewall") there was no problem.

I hand-edited the /etc/resolv.conf file to have all four nameservers, two from demon.co.uk, and two from britishlibrary.net. Then, when the firewall was configured (I did a reboot, don't know if it was necessary), it had four "holes" in it, one for each nameserver. Then, when I connected with kppp to the britishlibrary.net, dns works fine.

Phew!

Cheers,

Ross-c
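
The mismatch described in the final post (nameservers in /etc/resolv.conf changing after the firewall rules were generated) can be checked for directly. The script below is an added example, not part of the thread: it reports every nameserver that has no rule accepting UDP from its port 53. The rule syntax it matches, the INPUT chain name and the 192.0.2.x addresses are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): report nameservers in a resolv.conf
# that have no "accept UDP replies from port 53" rule in a saved rule set.

# Print the IPv4 nameserver addresses from resolv.conf-format file $1.
nameservers() {
    awk '$1 == "nameserver" && $2 ~ /^[0-9.]+$/ { print $2 }' "$1"
}

# Succeed if rules file $1 accepts UDP from source address $2, source port 53.
has_dns_hole() {
    awk -v ip="$2" '
        /^-A / && / -j ACCEPT/ {
            udp = 0; src = 0; sport = 0
            for (i = 1; i < NF; i++) {
                nxt = $(i + 1)
                if ($i == "-p" && nxt == "udp") udp = 1
                if ($i == "-s" && (nxt == ip || nxt == (ip "/32"))) src = 1
                if ($i == "--sport" && nxt == "53") sport = 1
            }
            if (udp && src && sport) found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Print each nameserver in resolv.conf $1 with no matching hole in rules $2.
missing_holes() {
    for ns in $(nameservers "$1"); do
        has_dns_hole "$2" "$ns" || echo "$ns"
    done
}

# Constructed sample: rules were generated while only the first ISP's
# resolvers (192.0.2.x, placeholder addresses) were listed; resolv.conf
# now also names the second ISP's server from the thread.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'nameserver 192.0.2.1\nnameserver 193.131.248.36\n' > "$dir/resolv.conf"
    cat > "$dir/rules" <<'EOF'
-A INPUT -p udp -m udp -s 192.0.2.1 --sport 53 -d 0/0 -j ACCEPT
-A INPUT -p udp -m udp -s 192.0.2.2 --sport 53 -d 0/0 -j ACCEPT
-A INPUT -p udp -m udp --dport 0:1023 -j REJECT
EOF
    missing_holes "$dir/resolv.conf" "$dir/rules"
    rm -rf "$dir"
}

demo   # lists nameservers whose UDP replies the rule set would drop
```

On a live machine, call `missing_holes /etc/resolv.conf` with a file holding the output of `iptables-save` as the second argument, after the dialer has connected and rewritten resolv.conf.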


All times are GMT -5.