LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-28-2014, 09:57 AM   #16
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529

Quote:
Originally Posted by ASTRAPI View Post
Then i notice that i got to:
hosts file:
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Sounds wrong to me. First 2 lines should read and in exactly that order:
Code:
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6

Quote:
Originally Posted by ASTRAPI View Post
and on nameservers i got a line:
search ip-37-187-151.eu
I thought that this can happen if it can't use ipv4 and try to connect using ipv6...[/code]
The "search" line has nothing to do with IP Suite protocols (see 'man resolv.conf') and for IPv6 you either need direct IPv6 connectivity (and you would know if you got that) or an IPv6-to-IPv4 stack.


Quote:
Originally Posted by ASTRAPI View Post
The one who fix this for me and give me this korean dns told me:
Quote:
Your have networking problem outside from server (hosting and upper)
You have given evidence that you can successfully:
0) reach name servers and repositories,
1) query name servers,
...so there is no apparent problem with either interconnectivity or accessing or getting responses from servers.
Which makes me wonder how this person diagnosed things.
If there's any commands / output do post it.
 
Old 12-28-2014, 10:14 AM   #17
ASTRAPI
Member
 
Registered: Feb 2007
Posts: 210

Original Poster
Rep: Reputation: 16
I enable my csf firewall and i run again the iptables-save :

[root@server ~]# iptables-save
# Generated by iptables-save v1.4.7 on Sun Dec 28 17:02:54 2014
*mangle
:PREROUTING ACCEPT [422517:884479177]
:INPUT ACCEPT [422517:884479177]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [406367:918704798]
:POSTROUTING ACCEPT [406346:918702795]
COMMIT
# Completed on Sun Dec 28 17:02:54 2014
# Generated by iptables-save v1.4.7 on Sun Dec 28 17:02:54 2014
*nat
:PREROUTING ACCEPT [2072:127195]
:POSTROUTING ACCEPT [6488:392490]
:OUTPUT ACCEPT [6497:394013]
COMMIT
# Completed on Sun Dec 28 17:02:54 2014
# Generated by iptables-save v1.4.7 on Sun Dec 28 17:02:54 2014
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:ALLOWIN - [0:0]
:ALLOWOUT - [0:0]
ENYIN - [0:0]
ENYOUT - [0:0]
:INVALID - [0:0]
:INVDROP - [0:0]
:LOCALINPUT - [0:0]
:LOCALOUTPUT - [0:0]
:LOGDROPIN - [0:0]
:LOGDROPOUT - [0:0]
:UDPFLOOD - [0:0]
-A INPUT -s 208.67.220.220/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -s 208.67.220.220/32 ! -i lo -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 208.67.220.220/32 ! -i lo -p tcp -m tcp --sport 53 -j ACCEPT
-A INPUT -s 208.67.220.220/32 ! -i lo -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -s 208.67.222.222/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -s 208.67.222.222/32 ! -i lo -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 208.67.222.222/32 ! -i lo -p tcp -m tcp --sport 53 -j ACCEPT
-A INPUT -s 208.67.222.222/32 ! -i lo -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -s 8.8.4.4/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -s 8.8.4.4/32 ! -i lo -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 8.8.4.4/32 ! -i lo -p tcp -m tcp --sport 53 -j ACCEPT
-A INPUT -s 8.8.4.4/32 ! -i lo -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -s 8.8.8.8/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -s 8.8.8.8/32 ! -i lo -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 8.8.8.8/32 ! -i lo -p tcp -m tcp --sport 53 -j ACCEPT
-A INPUT -s 8.8.8.8/32 ! -i lo -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -s 211.238.186.4/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -s 211.238.186.4/32 ! -i lo -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 211.238.186.4/32 ! -i lo -p tcp -m tcp --sport 53 -j ACCEPT
-A INPUT -s 211.238.186.4/32 ! -i lo -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -s 164.124.101.88/32 ! -i lo -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -s 164.124.101.88/32 ! -i lo -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 164.124.101.88/32 ! -i lo -p tcp -m tcp --sport 53 -j ACCEPT
-A INPUT -s 164.124.101.88/32 ! -i lo -p udp -m udp --sport 53 -j ACCEPT
-A INPUT ! -i lo -j LOCALINPUT
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -p tcp -j INVALID
-A INPUT ! -i lo -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 1021 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 161 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 587 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 1110 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 1186 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 1194 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 2202 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 11211 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 11212 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 11213 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 11214 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 2112 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 22000 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 22001 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 2222 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 3000 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 3334 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 8888 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 81 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 9000 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 9001 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 9312 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 9418 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 10500 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 10501 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 6081 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 6082 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 30865 -j ACCEPT
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 3000:3050 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 67 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 68 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 111 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 2049 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 1110 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 33434:33534 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 20 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 21 -j ACCEPT
-A INPUT ! -i lo -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT ! -i lo -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j ACCEPT
-A INPUT ! -i lo -p icmp -m icmp --icmp-type 0 -m limit --limit 1/sec -j ACCEPT
-A INPUT ! -i lo -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A INPUT ! -i lo -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A INPUT ! -i lo -j LOGDROPIN
-A OUTPUT -d 208.67.220.220/32 ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -d 208.67.220.220/32 ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -d 208.67.220.220/32 ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT -d 208.67.220.220/32 ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -d 208.67.222.222/32 ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -d 208.67.222.222/32 ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -d 208.67.222.222/32 ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT -d 208.67.222.222/32 ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -d 8.8.4.4/32 ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -d 8.8.4.4/32 ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -d 8.8.4.4/32 ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT -d 8.8.4.4/32 ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -d 8.8.8.8/32 ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -d 8.8.8.8/32 ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -d 8.8.8.8/32 ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT -d 8.8.8.8/32 ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -d 211.238.186.4/32 ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -d 211.238.186.4/32 ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -d 211.238.186.4/32 ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT -d 211.238.186.4/32 ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -d 164.124.101.88/32 ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -d 164.124.101.88/32 ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -d 164.124.101.88/32 ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT -d 164.124.101.88/32 ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT ! -o lo -j LOCALOUTPUT
-A OUTPUT ! -o lo -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT ! -o lo -p tcp -j INVALID
-A OUTPUT ! -o lo -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 587 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 1110 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 1194 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 9418 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 1021 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 113 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT
-A OUTPUT ! -o lo -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 67 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 68 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 111 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 2049 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 1110 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 33434:33534 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 20 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 21 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 113 -j ACCEPT
-A OUTPUT ! -o lo -p udp -m state --state NEW -m udp --dport 123 -j ACCEPT
-A OUTPUT ! -o lo -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A OUTPUT ! -o lo -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT ! -o lo -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A OUTPUT ! -o lo -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A OUTPUT ! -o lo -j LOGDROPOUT
-A ALLOWIN -m set --match-set chain_ALLOW src -j ACCEPT
-A ALLOWOUT -m set --match-set chain_ALLOW dst -j ACCEPT
-A DENYIN -m set --match-set chain_DENY src -j DROP
-A DENYOUT -m set --match-set chain_DENY dst -j LOGDROPOUT
-A INVALID -m state --state INVALID -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags FIN,ACK FIN -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags PSH,ACK PSH -j INVDROP
-A INVALID -p tcp -m tcp --tcp-flags ACK,URG URG -j INVDROP
-A INVALID -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j INVDROP
-A INVDROP -j DROP
-A LOCALINPUT ! -i lo -j ALLOWIN
-A LOCALINPUT ! -i lo -j DENYIN
-A LOCALOUTPUT ! -o lo -j ALLOWOUT
-A LOCALOUTPUT ! -o lo -j DENYOUT
-A LOCALOUTPUT ! -o lo -p udp -j UDPFLOOD
-A LOGDROPIN -p tcp -m tcp --dport 111 -j DROP
-A LOGDROPIN -p udp -m udp --dport 111 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 113 -j DROP
-A LOGDROPIN -p udp -m udp --dport 113 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 135:139 -j DROP
-A LOGDROPIN -p udp -m udp --dport 135:139 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 445 -j DROP
-A LOGDROPIN -p udp -m udp --dport 445 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 500 -j DROP
-A LOGDROPIN -p udp -m udp --dport 500 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 513 -j DROP
-A LOGDROPIN -p udp -m udp --dport 513 -j DROP
-A LOGDROPIN -p tcp -m tcp --dport 520 -j DROP
-A LOGDROPIN -p udp -m udp --dport 520 -j DROP
-A LOGDROPIN -p tcp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *TCP_IN Blocked* "
-A LOGDROPIN -p udp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *UDP_IN Blocked* "
-A LOGDROPIN -p icmp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *ICMP_IN Blocked* "
-A LOGDROPIN -j DROP
-A LOGDROPOUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 30/min -j LOG --log-prefix "Firewall: *TCP_OUT Blocked* " --lo g-uid
-A LOGDROPOUT -p udp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *UDP_OUT Blocked* " --log-uid
-A LOGDROPOUT -p icmp -m limit --limit 30/min -j LOG --log-prefix "Firewall: *ICMP_OUT Blocked* " --log-uid
-A LOGDROPOUT -j DROP
-A UDPFLOOD -p udp -m owner --uid-owner root -j RETURN
-A UDPFLOOD ! -o lo -p udp -m limit --limit 100/sec --limit-burst 500 -j RETURN
-A UDPFLOOD -m limit --limit 30/min -j LOG --log-prefix "Firewall: *UDPFLOOD* " --log-uid
-A UDPFLOOD ! -o lo -p udp -j DROP
COMMIT
# Completed on Sun Dec 28 17:02:54 2014

On /etc/hosts i have:


127.0.0.1 localhost localhost.localdomain
37.187.151.21 server.mydomain.com server



Quote:
Which makes me wonder how this person diagnosed things.
I explain why on my previous post....

I was not able to ping almost anything and also i got wget errors and yum errors and postfx problems that i still have if i change now the Korean nameserver....

Also check this using Google's nameserver:

http://mirror-fr1.bbln.org/centos/6....ta/repomd.xml: [Errno 14] PYCURL ERROR 6 - "Couldn't resolve host 'mirror-fr1.bbln.org'"

Couldn't resolve host is the problem that i have with all those nameservers..... even if i can ping fine...

Now with the Google nameservers i can ping but i am getting the same problems.

Changing to Korean nameserver all are fine....

Last edited by ASTRAPI; 12-28-2014 at 10:32 AM.
 
Old 12-28-2014, 11:08 AM   #18
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
Quote:
Originally Posted by ASTRAPI View Post
I enable my csf firewall and i run again the iptables-save
The rule set looks decidedly horrendous.
But at least it allows some DNS IP addresses.


Quote:
Originally Posted by ASTRAPI View Post
I explain why on my previous post...
No, you (nor the other person) explained it.
At least not in a technical way I can understand.


Quote:
Originally Posted by ASTRAPI View Post
Changing to Korean nameserver all are fine....
Then use that until you find a fix.
Note that running a caching name server (pdnsd, dnsmasq, hell even ISC BINDs caching name server) may save time with repeated lookups.


Quote:
Originally Posted by ASTRAPI View Post
;; Truncated, retrying in TCP mode.
Missed that one BTW.
The only way I know to combat that would be to use pdnsd as it is the only caching name server I know that can actively decide to use TCP first and fall back to using UDP ("-mtu").
 
Old 12-28-2014, 04:35 PM   #19
ASTRAPI
Member
 
Registered: Feb 2007
Posts: 210

Original Poster
Rep: Reputation: 16
Ok thanks for your help

Let's hope that i found a more reliable dns provider close to France until i found a fix for Google's nameservers
 
Old 12-28-2014, 05:09 PM   #20
ASTRAPI
Member
 
Registered: Feb 2007
Posts: 210

Original Poster
Rep: Reputation: 16
How can i manually ping domains with custom nameserver on the command so i can test before do the change on resolv file?

Is it also possible to do this for a wget command?

Thanks
 
Old 12-28-2014, 05:41 PM   #21
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
No idea what you're trying to do but if you want to gauge the response speed of a Domain Name Server you could use a script like this:
Code:
#!/bin/sh
PROGN="dnsspeed.sh"; [ `id -u` -eq 0 ] && exit 127; _help() { echo "${PROGN}: give \
IP address of Name Server as argument"; exit 0; }; CHAR="${1:0:1}"; [ $# -eq 0 -o \
$# -gt 1 -o "${CHAR}" = "${CHAR//[0-9]/}" ] && _help; NSIP="$1"; QUERY="-t A google\
.com"; /usr/bin/dig +norecurse +noanswer +nocmd +noquestion +nocomments $QUERY @\
"${NSIP}" 2>&1|awk -v NS="${NSIP}" '/Query time:/{print NS":",$4, $5}'; exit 0
Use:
Code:
/usr/local/bin/dnsspeed.sh 8.8.8.8
8.8.8.8: 10 msec
 
Old 12-28-2014, 06:23 PM   #22
ASTRAPI
Member
 
Registered: Feb 2007
Posts: 210

Original Poster
Rep: Reputation: 16
Not the speed but test resolve with custom nameserver every time like so i can see if i can resolve guthub.com with 8.8.8.8 and then the same with 8.8.4.4 and so on:

So if i found a dns that can resolve github.com for example i think it will work for the rest also...
 
Old 12-28-2014, 08:28 PM   #23
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
Code:
#!/bin/sh
PROGN="resolvecheck.sh"; [ `id -u` -eq 0 ] && exit 127; _help() { echo "${PROGN}: give \
IP address of Name Server as argument"; exit 0; }; CHAR="${1:0:1}"; [ $# -eq 0 -o \
$# -gt 1 -o "${CHAR}" = "${CHAR//[0-9]/}" ] && _help; NSIP="$1"; QUERY="-t A github\
.com"; RES="192.30.252.128"; RAW=($(/usr/bin/dig +nostats +nocmd +noquestion +nocomments \
$QUERY @"${NSIP}" 2>/dev/null)); [ "${RAW[4]}" = "${RES}" ] && echo "${NSIP}: OK" || echo \
"${NSIP}: EPIC FAIL"; exit 0
 
1 members found this post helpful.
Old 12-29-2014, 07:26 AM   #24
ASTRAPI
Member
 
Registered: Feb 2007
Posts: 210

Original Poster
Rep: Reputation: 16
Thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Centos 6.5: search domain not added to /etc/resolv.conf (IPv6 DNS server) JohanHarmsen Linux - Newbie 4 08-27-2014 10:20 AM
Newbie DNS server & /etc/resolv.conf problem (CentOS 5.x) aspasia Linux - Newbie 0 03-24-2008 06:10 PM
DNS Hosts.conf or resolv.conf problem mac_casey SUSE / openSUSE 0 03-26-2006 10:21 AM
where does system-config-network put dns info, besides /etc/resolv.conf ? bdp Fedora 1 09-03-2004 01:09 AM
Resolv.conf tristan_vdv Linux - Networking 2 11-20-2001 07:49 PM


All times are GMT -5. The time now is 10:19 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration