I have a caching DNS server at the office and the company's website is being hosted by another web hosting company. Intermittently the problem that I am having is only locally from inside the office network I cannot get to the company's own website. We can go to any other website without any issues, it is only the company's website that nobody can get to. Outside of the company you are fine! I called the web hosting company and we went to megaproxy.com and tested to see if it was their end or my end and we were able to get to the website from the proxy without any issues. But when I try and get there from within the company it says:
PHP Code:
The requested URL could not be retrieved
While trying to retrieve the URL: http://www.nodomain.com/
The following error was encountered:
Unable to determine IP address from host name for www.nodoamin.com
The dnsserver returned:
Name Error: The domain name does not exist.
This means that:
The cache was not able to resolve the hostname presented in the URL. Check if the address is correct.
Your cache administrator is webmaster. Generated Mon, 23 Jul 2007 15:59:19 GMT by sludge.local.net (squid/2.5.STABLE10)
I tried it from the firewall and it is the same. When I try it from the DMZ I can get to it without any problems. I have a caching DNS server and it forwards requests that it can find locally to an external DNS server. What could this be? Very odd! Another point: I do not have port 53 open to only establish or related tcp connections. Does that make a difference? It has been working! Also I have two domains, daman.com and daman.net. I have daman.net redirect all traffic to daman.com. I can ping daman.net and get a reply but I cannot ping daman.com and I cannot get to either domain!
For security reasons I use nodomain.com as the domain.
Should I add an A record pointing to the IP address of the domain or is that a major security risk?
Last edited by metallica1973; 07-26-2007 at 10:07 PM.
Have you tried pinging www.yourcompany.com? If so, does it resolve with your domain name and static IP address? What are the technologies that you are using to cache DNS? Do you have a proxy?
I have tried pinging www.mycompany.com and zero, I get nothing. I can ping the IP address and get a response, no problems at all. I use Squid as my proxy and dansguardian as my filter but I am doing this directly from my firewall. This issue is intermittent!
Last edited by metallica1973; 07-23-2007 at 11:10 AM.
ok, well intermittent *could* mean that you are using different name servers or something... use a (you guessed it...) packet sniffer to see where your packets are actually going, and also dedicated dns tools like dig and host to just directly inspect the dns infrastructure, rather than just trying to use it within other tools like ping.
There must be some confusion with the local domain NODOMAIN.com and the NODOMAIN.com for my hosting company. I know that it is local because you can go to megaproxy.com and put in the domain and bam it is there and all of my clients can get to it externally! Help!
Last edited by metallica1973; 07-23-2007 at 01:11 PM.
What the heck is going on? Now I can get to www.mycompanydomain.com. It is very intermittent. I had a computer that wouldn't install certain Windows updates. I just reformatted that machine and now everything is back up to normal. Could a trojan, virus, or something have been causing an issue like this? When you have a caching DNS server like the one that I have at my client's site, how does it distinguish what is internal mycompanydomain.com (LAN) traffic and www.mycompanydomain.com (WAN) traffic?
Possible. But if you're using squid, then probably you also can't resolve any site since it's just a web proxy. Why not try IPCop? It's an all-around proxy, gateway and firewall.
I have to rule out the proxy because all of my testing is in front of the proxy and on my firewall. So far so good this morning. I am just trying to understand why it is just my domain. Are there any settings in BIND that should be set so internal requests know to go to that IP address? Maybe something is not set up right in BIND?
Ok here is a new update. I can get to the website in the DMZ but not inside of the network on any computer. I know that it has something to do with BIND. Where should I start looking?
Does your firewall run PAT? If so, you are going to be having problems till hell freezes over. The explanation is rather long, if you are interested, check Cisco's site for details. My suggestion to you is split DNS. Run an internal authoritative DNS server that services only your internal clients, external clients are serviced by your external service provider. Add the forward and reverse records to your DNS tables. That should take care of your woes. Also, check to make sure that Bind is not querying on port 53. A lot of sites hate this. So if you have the line:
and still the same thing! I have a caching DNS server that does split the DNS responsibilities. It resolves internal hosts fine and then forwards any requests that it can't satisfy to external DNS servers. Where should I begin looking? It is only the #$!@#$!@#$ company's website that we cannot get to. But from the DMZ I do not have a problem!
Also another note:
The domain inside the network (mycompany.com) is the same as the website (mycompany.com). So how does DNS know the difference and where to send requests to? In other words, internal from external and the other way around!
Last edited by metallica1973; 07-26-2007 at 10:19 PM.
Sigh,
Is your firewall running PAT (port address translation)? If it is, you can not use a caching nameserver, period.
Second, from the information that you have posted, it does not sound like you have a split DNS setup correctly. Please post your config files:
/etc/resolv.conf, /etc/named.conf, and your zone files.
$TTL 1W
$ORIGIN 0.0.127.in-addr.arpa.
@       IN SOA  localhost. root.localhost. (
                42      ; serial (d. adams)
                2D      ; refresh
                4H      ; retry
                6W      ; expiry
                1W )    ; minimum
        IN NS   localhost.
1       IN PTR  localhost.
/var/named/zone.com.Mycompanydomain
PHP Code:
$TTL 1D
;
; Anytime you make a change to the domain, change the "serial" setting below. Here is the format "YYYYMMDDI"
;
Mycompanydomain.com. IN SOA DNS_SERVER.Mycompanydomain.com. user.Mycompanydomain.com. (
DNS_SERVER.Mycompanydomain.com. IN A 192.168.3.1
nameserver IN CNAME DNS_SERVER.Mycompanydomain.com.
WS_1.Mycompanydomain.com. IN A 192.168.3.2
WS_2.Mycompanydomain.com. IN A 192.168.3.5
WS_3.Mycompanydomain.com. IN A 192.168.3.30
WS_4.Mycompanydomain.com. IN A 192.168.3.27
WS_5.Mycompanydomain.com. IN A 192.168.3.21
;WS_6.Mycompanydomain.com. IN A 192.168.3.21
;Mycompanydomain.com IN A ... IP.ADDR.OF.DOMAIN

; Define the authoritative name server
        IN NS DNS_SERVER.Mycompanydomain.com.
; Our Host, in numeric order
1 IN PTR DNS_SERVER.Mycompanydomain.com.
2 IN PTR WS_1.Mycompanydomain.com
3 IN PTR WS_2.Mycompanydomain.com.
4 IN PTR WS_3.Mycompanydomain.com.
5 IN PTR WS_4.Mycompanydomain.com.
6 IN PTR WS_5.Mycompanydomain.com.
7 IN PTR WS_6.Mycompanydomain.com.
;8 IN PTR WS_7.Mycompanydomain.com.
Last edited by metallica1973; 07-27-2007 at 07:31 PM.
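Added example, not part of the thread and not anyone's posted configuration: a small Python model of how a name server that is authoritative for the internal zone answers queries, using the records from the zone file posted above. It assumes the server is master for Mycompanydomain.com and that the zone name is the file's origin; `EXTERNAL_WEB_IP` is a constructed placeholder for the hosting company's address, and `resolve` and `with_web_records` are hypothetical helper names.

```python
# Added example (not from the thread): how a server that is authoritative for
# a zone answers names inside it. Records are copied from the posted zone file.
ZONE = "mycompanydomain.com."
EXTERNAL_WEB_IP = "203.0.113.10"  # constructed placeholder, not from the thread

POSTED_RECORDS = {  # owner -> (type, value); the apex A line is commented out
    "dns_server.mycompanydomain.com.": ("A", "192.168.3.1"),
    "nameserver.mycompanydomain.com.": ("CNAME", "dns_server.mycompanydomain.com."),
    "ws_1.mycompanydomain.com.": ("A", "192.168.3.2"),
    "ws_2.mycompanydomain.com.": ("A", "192.168.3.5"),
    "ws_3.mycompanydomain.com.": ("A", "192.168.3.30"),
    "ws_4.mycompanydomain.com.": ("A", "192.168.3.27"),
    "ws_5.mycompanydomain.com.": ("A", "192.168.3.21"),
}

def fqdn(name):
    """Normalise a name to lower case with exactly one trailing dot."""
    return name.lower().rstrip(".") + "."

def resolve(qname, records, zone=ZONE, depth=0):
    """Return (source, answer) for an A query, as the zone's master would."""
    q = fqdn(qname)
    if q != zone and not q.endswith("." + zone):
        return ("forwarded", None)       # outside the zone: forwarders are used
    rec = records.get(q)
    if rec is None:
        # An in-zone miss is answered locally and is never sent upstream.
        return ("authoritative", "NODATA" if q == zone else "NXDOMAIN")
    rtype, value = rec
    if rtype == "CNAME" and depth < 8:   # follow aliases, bounded against loops
        return resolve(value, records, zone, depth + 1)
    return ("authoritative", value)

def with_web_records(records, ip):
    """Copy of the zone with apex and www A records for the hosted site."""
    fixed = dict(records)
    fixed[ZONE] = ("A", ip)
    fixed["www." + ZONE] = ("A", ip)
    return fixed

if __name__ == "__main__":
    fixed = with_web_records(POSTED_RECORDS, EXTERNAL_WEB_IP)
    for name in ("www.Mycompanydomain.com", "Mycompanydomain.com", "www.example.org"):
        print(name, resolve(name, POSTED_RECORDS), resolve(name, fixed))
```

With the posted records the model returns a local name error for the `www` name, while names outside the zone are forwarded. The address such an A record would carry is already published in public DNS.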
If I understand you, it's just the single name<->ip-address look-up that causes a problem. So why not just put this name/address in the static /etc/hosts table?