LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-17-2011, 09:31 PM   #1
manuel220
LQ Newbie
 
Registered: May 2011
Posts: 3

Rep: Reputation: 0
Question What can be blocking the DNS response going back to my server?


I have a server with a hosting company, but not sure where but it started failing on every DNS request.

I stopped iptables, I see that I can get response from the DNS when using tcp but not udp. What else can be blocking the response from DNS on default udp??


I've requested network team of the hoster to allow udp to my server from the specific DNS server's ip.


Code:
cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 66.96.80.194
nameserver 66.96.80.43

Code:
[root@armadaazteca ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


Code:
[root@armadaazteca ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
68.233.243.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         68.233.243.1    0.0.0.0         UG    0      0        0 eth0
dig default using udp

Code:
[root@armadaazteca ~]# dig www.yahoo.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> www.yahoo.com
;; global options:  printcmd
;; connection timed out; no servers could be reached
dig using tcp

Code:
[root@armadaazteca ~]# dig +tcp www.yahoo.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> +tcp www.yahoo.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63578
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.yahoo.com.                 IN      A

;; ANSWER SECTION:
www.yahoo.com.          258     IN      CNAME   fp3.wg1.b.yahoo.com.
fp3.wg1.b.yahoo.com.    19      IN      CNAME   any-fp3-lfb.wa1.b.yahoo.com.
any-fp3-lfb.wa1.b.yahoo.com. 259 IN     CNAME   any-fp3-real.wa1.b.yahoo.com.
any-fp3-real.wa1.b.yahoo.com. 19 IN     A       209.191.122.70

;; Query time: 34 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Aug 17 21:26:04 2011
;; MSG SIZE  rcvd: 128
finaly a small packet capture

capture.pcap.txt
 
Old 08-18-2011, 02:46 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Hi,

You may try to reduce edns to 512 bytes and see if it helps
Code:
max-udp-size 512;
edns-udp-size 512;
Regards
 
  


Reply

Tags
dns failure, firewall, linux


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
DNS fail: can't resolve subdomains, server giving wrong response sneakyimp Linux - Server 4 07-14-2010 12:24 PM
Dns response and connection Seregwethrin Linux - Networking 9 06-17-2010 09:41 AM
DNS Server is down and will not come back texmansru47 Linux - Networking 1 06-26-2008 04:25 PM
Server back with more features (dynamic dns) Robert0380 LinuxQuestions.org Member Success Stories 0 10-31-2003 03:35 AM
DNS no response antec30 Linux - Networking 3 09-08-2001 03:49 PM


All times are GMT -5. The time now is 11:49 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration