I have set up a simple home network just to play around a little and learn the commands/configs for linux. My setup is like this (from the wall):

1. Cable Modem
2. Older PC with FC1 (eth0) -spoofed MAC addy to make it work correctly with ISP-
3. Second NIC (eth1)
4. Crossover Cable
5. Main Computer FC3 (eth0)

I have it set up with ipforwarding/masquerade on the router box. I can ping the router box (FC1) from the main box (FC3) and vice versa. I can connect to the Internet with the router box and ping by IP and Hostname. However, here's the problem. On the main box (FC3) I can ping by IP but not by hostname. I know that this is a DNS problem on the FC3 box, however I cannot nail it down to a specific cause. I have the nameservers set in the /etc/resolv.conf file..... they are exactly the same as the router box (which works perfectly). I can ping those name servers, but for some reason they won't resolve for me... All internal IPs are statically assigned, and the router box is set up to get the IP from my ISP via DHCP. I am pretty much at my wit's end, as resolv.conf is the only place that I can think of that handles the nameservers for the system. The only thing that I can think of would be that iptables on the FC3 box is blocking this traffic, however I don't think this is the case because I stopped the service and tried and no luck. I would appreciate any suggestions that anyone would be able to offer, and will post the output of anything needed (within reason hehe). Thanks in advance for any advice you can give to me!

one very easy way is there since ur network is very small.
just make the entries in /etc/hosts file for the hosts u want to ping..hopefully that will solve ur problem.
bye

Hi,

Try typing the following at the command prompt
nslookup <enter>
server <enter>

After typing server and hitting enter look at what the IP address is of the name server listed. If it's anything other than your DNS server then there's a problem there. Once we know what the output is, we can work from there.

Well, here are the results:

[root@main ~]# ping router
PING router.home.net (192.168.100.1) 56(84) bytes of data.
64 bytes from router.home.net (192.168.100.1): icmp_seq=0 ttl=64 time=1.28 ms
64 bytes from router.home.net (192.168.100.1): icmp_seq=1 ttl=64 time=0.162 ms

--- router.home.net ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.162/0.721/1.280/0.559 ms, pipe 2

[root@main ~]# ping yahoo.com
ping: unknown host yahoo.com

[root@main ~]# ping 216.109.112.135 ------IP of yahoo.com------
PING 216.109.112.135 (216.109.112.135) 56(84) bytes of data.
64 bytes from 216.109.112.135: icmp_seq=0 ttl=48 time=88.9 ms
64 bytes from 216.109.112.135: icmp_seq=1 ttl=48 time=102 ms

--- 216.109.112.135 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 88.960/95.828/102.697/6.875 ms, pipe 2

[root@main ~]# nslookup
> yahoo.com
--no output--


/etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.100.1 router.home.net router
192.168.100.2 main.home.net main

/etc/resolv.conf
search hsd1.wa.comcast.net.
nameserver 68.87.66.196
nameserver 68.87.64.196

/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
PEERDNS=yes
IPV6INIT=no
NETMASK=255.255.255.0
IPADDR=192.168.100.2
GATEWAY=192.168.100.1

All the above files are from the FC3 box behind the router box, as the router box can access the Internet without problems. It definately has to be a DNS problem, but I can't figure out why or where..... Thanks for the help so far, I look forward to any suggestions you may have!

Hi,

First of all after typing nslookup you were supposed to type "server" instead of yahoo.com. This way, we will know what DNS server is responding to your requests.

Well in either case it should still show my DNS servers, but here is what happens with the "nslookup server" command:

[root@main ~]# nslookup server
;; connection timed out; no servers could be reached

And, here's what happens when I ping my primary DNS server by IP, same with secondary:

[root@main ~]# ping 68.87.66.196
PING 68.87.66.196 (68.87.66.196) 56(84) bytes of data.
64 bytes from 68.87.66.196: icmp_seq=0 ttl=52 time=62.0 ms
64 bytes from 68.87.66.196: icmp_seq=1 ttl=52 time=66.2 ms
64 bytes from 68.87.66.196: icmp_seq=2 ttl=52 time=58.0 ms
64 bytes from 68.87.66.196: icmp_seq=3 ttl=52 time=57.2 ms
64 bytes from 68.87.66.196: icmp_seq=4 ttl=52 time=59.6 ms

--- 68.87.66.196 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3998ms
rtt min/avg/max/mdev = 57.261/60.648/66.297/3.271 ms, pipe 2

And, on the router box while connected to the cable modem:

[root@router /]# nslookup server
Note: nslookup is deprecated and may be removed from future releases.
Consider using the 'dig' or 'host' programs instead. Run nslookup with
the '-sil[ent]' option to prevent this message from appearing.
Server: 68.87.66.196
Address: 68.87.66.196#53

**server can't find server: NXDOMAIN

Could your FC1 box be blocking port 53 in it's firewall? Have you tried disabling iptables on FC1?

Yes, I've tried disabling iptables on both machines at the same time by using "service iptables stop", then trying to access the Internet on the FC3 box with the same results. That's why I'm so confused, I don't see any reason why I would be able to ping by IP only and not be able to resolve hostnames.... there could be a routing problem from the FC1 box but from the research that I've done I just can't seem to find where and why.... Is there a different way I should be disabling iptables or is there another config file that sets up routes for DNS resolution? I have done a lot of googling and research and am mystified at this point..... Perhaps I should start over with the FC1 box and set up the masquerading, nat, and iptables rules again.... I've used numerous guides that I have found on the Internet to help me set everything up, perhaps by using so many different guides I have missed something or overwritten some rules somewhere.... Do you have any ideas on a specific guide to use that you know will work?

Thanks for all your ideas up to this point, I really appreciate all the help that you have been trying to give me!

First try setting PEERDNS=no in your eth0 config. If that doesn't work post your /etc/nsswitch.conf file for FC3 and just for the heck of it, post the output of ifconfig for FC1 and FC3.

Setting PEERDNS=no in ifcfg-eth0 resulted in no change after "service network restart"

FC3 /etc/nsswitch.conf --without "commented out" instructions at the beginning
passwd: files
shadow: files
group: files

hosts: db files nisplus nis dns

# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files

bootparams: nisplus [NOTFOUND=return] files

ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files

netgroup: files

publickey: nisplus

automount: files
aliases: files nisplus

FC3 ifconfig

eth0 Link encap:Ethernet HWaddr 00:50:8D:FD:98:97
inet addr:192.168.100.2 Bcast:192.168.100.255 Mask:255.255.255.0
inet6 addr: fe80::250:8dff:fefd:9897/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4625 errors:0 dropped:0 overruns:0 frame:0
TX packets:262 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:367895 (359.2 KiB) TX bytes:31217 (30.4 KiB)
Interrupt:11 Base address:0xa000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1255 errors:0 dropped:0 overruns:0 frame:0
TX packets:1255 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1411976 (1.3 MiB) TX bytes:1411976 (1.3 MiB)

FC1 ifconfig
eth0 Link encap:Ethernet HWaddr 00:50:8D:FD:98:97 <--spoofed for ISP account
inet addr:24.17.238.96 Bcast:255.255.255.255 Mask:255.255.252.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10334 errors:0 dropped:0 overruns:0 frame:0
TX packets:41 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000
RX bytes:642989 (627.9 Kb) TX bytes:4023 (3.9 Kb)
Interrupt:11 Base address:0xc000

eth1 Link encap:Ethernet HWaddr 00:D0:B7:20:84:65
inet addr:192.168.100.1 Bcast:192.168.100.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:53 errors:0 dropped:0 overruns:0 frame:0
TX packets:57 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000
RX bytes:3514 (3.4 Kb) TX bytes:5134 (5.0 Kb)
Interrupt:11 Base address:0x2440 Memory:41300000-41300038

lo Link encap:Local Loopback
inet addr: 127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0
RX bytes:700 (700.0 b) TX bytes:700 (700.0 b)

My next suggestion is to try and remove the search line in /etc/resolv.conf leaving only the nameserver specification.

Unfortunately that also had no effect.... lol Does the output of "route -n" look correct to you?

[root@main etc]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.100.1 0.0.0.0 UG 0 0 0 eth0

Well, I just got back from vacation and removed FC1 from the router box to start fresh. It is now running FC3 the same as my main box. I set everything up (NAT and ipmasquerading) according to a guide I found at another linux forum site, and everything was back to the way it was.... ability to ping both machines from one another and hostnames not resolving on the main box. So, on a hunch, I shut down both firewalls and reran the ipmasquerading script I created on the router box and, to my suprise, I was able to browse the internet on both machines and ping normally from the main box. So, in effect, I have narrowed the problem down to the firewall on the router box. However, I am not very familiar with how to set up the firewall to allow hostname resolution and was wondering if anyone had suggestions on how to do so, as well as creating a good firewall..... this router box will be serving as my main firewall in the future and needs to be quite sound. I would appreciate any help diagnosing the firewall as it is now (to allow hostname resolution) and any suggestions on how to set it up for my needs..... any information needed can be posted when requested. I look forward to any suggestions that you may come up with! Thanks!

One of the problems that I can see is in .

/etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.100.1 router.home.net router
192.168.100.2 main.home.net main

You have a mismatch with these entries , the hosts file should contain
<ip address> <workgroup>.<compname> <alias>
So you really should be having an entry something like

127.0.0.1 localhost.localdomain localhost
192.168.100.1 home.router router
192.168.100.2 home.main main