Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,338
Rep:
DNS issue
I setted up a local DNS server so I can have fake domains on my LAN such as www.iceteks.loc which connects to my local version of my site, but every now and then it "dies" and on the clients I need to do an ipconfig /renew for it to work again. It seems to do this like every 15 minutes. It's VERY annoying. Is there a way to fix this? I'm thinking it's more of a client issue then the server itself but it's hard to tell.
Have a look at the log files of your DHCP server as well as the /var/log/messages log to see if you can spot anything strange when this happens
Questions to ask:
Do the server get the DHCP request? Do the server send a correct lease to the client?
What are the settings for the DHCP server? Lease time?
Do the client send any request when things get wrong? If so what does it say?
Tip: Use this command to show the last few lines of a file and let it monitor that file for new entries.
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,338
Original Poster
Rep:
The DHCP server is not running linux, but is a router, it has the server as primary DNS and my isp's as secondary (I can't change that since it ads it on by default, I would need 3 local DNS servers to avoid this) and is outside the DHCP range and has a static IP, while the clients are both Windows 2000, but DNS is DNS so wether they're windows or not does not matter. I should be able to connect any machine and it should directly be able to resolve the local domains correctly.
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,338
Original Poster
Rep:
It seems to do it more and more often now, at first I only had to do ipconfig /renew for local domains to work, now I have to do it like every 5 minutes since everything just "dies" and it can't resolve nothing but real domains. What's up with this anyway? And what does ipconfig have to do with dns? (I don't even know what made me think of trying that in first place) I really need this fixed once and for all, it's driving me insane.
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,338
Original Poster
Rep:
Code:
*** Can't find server name for address 192.168.1.10: Non-existent domain
Server: ns1.nt.net
Address: 209.226.51.10
*** ns1.nt.net can't find www.iceteks.loc: Non-existent domain
From the looks of it it's still trying to connect to my ISP's server for some reason. I'm using a linksys router, is there a way to stop it from automaticly apending the ISP server as secondary? I tried just putting my server for all 3 servers but that just screwed everything up. I can't afford 2 more local servers so that's not an option.
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,338
Original Poster
Rep:
"Can't find server name for address 192.168.1.10" This part makes no sense, why would I need a domain for a DNS server? That would be impossible, since I would need to have a different DNS server to then tell what the IP of the name is, but then I'd get the same problem with that server so I'd need another server etc... it's recursive.
Is there a way around this? But first off I really need to get this thing to work all the time, and not just when it feels like it, like it's doing now. Also, I get that error regardless of if it works or not, so I don't think it's even related.
Don't know what is causing your problem, but I can shed some light on what nslookup is reporting.
The first thing nslookup does is try to do a reverse lookup on the IP address of the name server specified. In your case 192.168.1.10. If it can't find the name for that IP address, it will report that. But... it should still query the DNS server. If the DNS server is not answering queries, then nslookup (resolver libs actually) will try the next DNS server and so on until it gets an answer or times out.
Nslookup also has a good debug feature that might help you diagnose your porblem. Simply type:
nslookup -debug www.whatever.com
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,338
Original Poster
Rep:
Ok this is really weird, here is the output of it.
Code:
C:\>nslookup -debug www.iceteks.loc
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
10.1.168.192.in-addr.arpa, type = PTR, class = IN
AUTHORITY RECORDS:
-> 168.192.in-addr.arpa
ttl = 1391 (23 mins 11 secs)
primary name server = prisoner.iana.org
responsible mail addr = hostmaster.root-servers.org
serial = 2002040800
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 604800 (7 days)
------------
*** Can't find server name for address 192.168.1.10: Non-existent domain
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 2, additional = 2
QUESTIONS:
10.51.226.209.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 10.51.226.209.in-addr.arpa
name = ns1.nt.net
ttl = 86400 (1 day)
AUTHORITY RECORDS:
-> 51.226.209.in-addr.arpa
nameserver = ns1.nt.net
ttl = 86400 (1 day)
-> 51.226.209.in-addr.arpa
nameserver = ns3.bellglobal.com
ttl = 86400 (1 day)
ADDITIONAL RECORDS:
-> ns1.nt.net
internet address = 209.226.51.10
ttl = 86400 (1 day)
-> ns3.bellglobal.com
internet address = 198.235.216.130
ttl = 80829 (22 hours 27 mins 9 secs)
------------
Server: ns1.nt.net
Address: 209.226.51.10
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.iceteks.loc.dsl.nt.net, type = A, class = IN
AUTHORITY RECORDS:
-> nt.net
ttl = 28800 (8 hours)
primary name server = ns1.nt.net
responsible mail addr = admin.nt.net
serial = 2004102202
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 28800 (8 hours)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 4, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.iceteks.loc.nt.net, type = A, class = IN
AUTHORITY RECORDS:
-> nt.net
ttl = 28800 (8 hours)
primary name server = ns1.nt.net
responsible mail addr = admin.nt.net
serial = 2004102202
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 28800 (8 hours)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.iceteks.loc, type = A, class = IN
AUTHORITY RECORDS:
-> (root)
ttl = 10767 (2 hours 59 mins 27 secs)
primary name server = A.ROOT-SERVERS.NET
responsible mail addr = NSTLD.VERISIGN-GRS.COM
serial = 2004103001
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)
------------
*** ns1.nt.net can't find www.iceteks.loc: Non-existent domain
And nslookup -d2 gives this:
Code:
------------
SendRequest(), len 43
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
10.1.168.192.in-addr.arpa, type = PTR, class = IN
------------
------------
Got answer (120 bytes):
HEADER:
opcode = QUERY, id = 1, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
10.1.168.192.in-addr.arpa, type = PTR, class = IN
AUTHORITY RECORDS:
-> 168.192.in-addr.arpa
type = SOA, class = IN, dlen = 65
ttl = 1164 (19 mins 24 secs)
primary name server = prisoner.iana.org
responsible mail addr = hostmaster.root-servers.org
serial = 2002040800
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 604800 (7 days)
------------
------------
SendRequest(), len 44
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
10.51.226.209.in-addr.arpa, type = PTR, class = IN
------------
------------
Got answer (169 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 2, additional = 2
QUESTIONS:
10.51.226.209.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 10.51.226.209.in-addr.arpa
type = PTR, class = IN, dlen = 12
name = ns1.nt.net
ttl = 86400 (1 day)
AUTHORITY RECORDS:
-> 51.226.209.in-addr.arpa
type = NS, class = IN, dlen = 2
nameserver = ns1.nt.net
ttl = 86400 (1 day)
-> 51.226.209.in-addr.arpa
type = NS, class = IN, dlen = 20
nameserver = ns3.bellglobal.com
ttl = 86400 (1 day)
ADDITIONAL RECORDS:
-> ns1.nt.net
type = A, class = IN, dlen = 4
internet address = 209.226.51.10
ttl = 86400 (1 day)
-> ns3.bellglobal.com
type = A, class = IN, dlen = 4
internet address = 198.235.216.130
ttl = 80602 (22 hours 23 mins 22 secs)
------------
Server: ns1.nt.net
Address: 209.226.51.10
------------
SendRequest(), len 44
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
www.iceteks.loc.dsl.nt.net, type = A, class = IN
------------
------------
Got answer (96 bytes):
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.iceteks.loc.dsl.nt.net, type = A, class = IN
AUTHORITY RECORDS:
-> nt.net
type = SOA, class = IN, dlen = 34
ttl = 28800 (8 hours)
primary name server = ns1.nt.net
responsible mail addr = admin.nt.net
serial = 2004102202
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 28800 (8 hours)
------------
------------
SendRequest(), len 40
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
www.iceteks.loc.nt.net, type = A, class = IN
------------
------------
Got answer (92 bytes):
HEADER:
opcode = QUERY, id = 4, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.iceteks.loc.nt.net, type = A, class = IN
AUTHORITY RECORDS:
-> nt.net
type = SOA, class = IN, dlen = 34
ttl = 28800 (8 hours)
primary name server = ns1.nt.net
responsible mail addr = admin.nt.net
serial = 2004102202
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 28800 (8 hours)
------------
------------
SendRequest(), len 33
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
www.iceteks.loc, type = A, class = IN
------------
------------
Got answer (108 bytes):
HEADER:
opcode = QUERY, id = 5, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.iceteks.loc, type = A, class = IN
AUTHORITY RECORDS:
-> (root)
type = SOA, class = IN, dlen = 64
ttl = 10540 (2 hours 55 mins 40 secs)
primary name server = A.ROOT-SERVERS.NET
responsible mail addr = NSTLD.VERISIGN-GRS.COM
serial = 2004103001
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)
------------
I'm not too sure what exactly is going on, but it does not look good. I'm seeing stuff that should not be there, such as root servers and stuff that is not even on my LAN. In the first section prisoner.iana.org is interesting, since I have no clue where it comes from, and that's what I'm going to be if it turns out I did something to screw up with root DNS servers.
Your server is NOT answering queries. So your systems resolver libs are using the next server listed. Which looks to be your ISP's. There is not way in hell that your ISP's name server is going to answer any queries for your "private (.loc)" network, but it tried by going to the root name servers which returned NXDOMAIN. Which in this case would be a normal response.
Lets take a big step backwards and verify that your DNS server is actually...
1) running
2) answering queries for your icetek.loc domain
3) answering queries for the reverse lookups on 192.160.1.0/24
Do NOT use nslookup from your winders box, but rather login into your linux system and use the following commands.
1) # rndc status
2) # dig www.iceteks.loc a
3) # dig -x 192.168.1.10
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,338
Original Poster
Rep:
This is what I get:
Code:
[root@localhost root]# rndc status
number of zones: 5
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running
[root@localhost root]# dig www.iceteks.loc a
; <<>> DiG 9.2.1 <<>> www.iceteks.loc a
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21123
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;www.iceteks.loc. IN A
;; ANSWER SECTION:
www.iceteks.loc. 259200 IN CNAME server.loc.
server.loc. 259200 IN A 192.168.1.10
;; AUTHORITY SECTION:
loc. 259200 IN NS server.loc.
;; Query time: 1 msec
;; SERVER: 192.168.1.10#53(192.168.1.10)
;; WHEN: Sat Oct 30 22:54:39 2004
;; MSG SIZE rcvd: 84
[root@localhost root]# dig +x 192.168.1.10
Invalid option: +x
Usage: dig [@global-server] [domain] [q-type] [q-class] {q-opt}
{global-d-opt} host [@local-server] {local-d-opt}
[ host [@local-server] {local-d-opt} [...]]
Use "dig -h" (or "dig -h | more") for complete list of options
[root@localhost root]#
I also ran Ethereal on my windows machine and went on various domains including local ones and all the DNS requests were pointing to my lan server which is kind of odd.
Also, why is it that sometimes the domains work, sometimes they don't. If the server has something wrong with it, it should not work at all. This is what is confusing me the most.
Sorry, step 3 should have been:
# dig -x 192.168.1.10
I updated my previous post.
Anyway, your DNS server seems to be running and it returned an answer for www.iceteks.loc. Although the authority section for the query seems odd. i.e. loc.
I still think running ethereal is going to help you find the source of your problem. You might need to run ethereal on both your winders client and your DNS server to see where this breakdown is occuring.
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,338
Original Poster
Rep:
loc is just what I named it, since I did not want to use a valid top level domain for my local network. I ran ethereal and it seems to always check my server for queries, all the connections were going to it as far as DNS goes.
Originally posted by scowles
Nslookup also has a good debug feature that might help you diagnose your porblem. Simply type:
nslookup -debug www.whatever.com
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.