LinuxQuestions.org


foboldfky 12-02-2003 05:50 AM

DNS lookups not working on dialup connection
 
Well, this sucks... I've been trying to set up a Linux internet machine for my family LAN. Basically, all it has to do is sit there making sure it's connected to the net, and doing IP Masq. for the rest of the internal network. I didn't think it would be a walk in the park, but it's just starting to peeve me off now...

Here's where I'm at: I can get pppd to dial up to my ISP ok. I can ping the ISP's server, the dns servers, and an on-the-net IP (provided by the guide mentioned below). I got the DNS servers from our Windows machine which we're currently using to connect to the net by running `ipconfig /all`, and the guide I used to set up PPP was "How to hook up PPP on Linux" by W. G. Unruh (axion.physics.ubc.ca/ppp-linux.html) (BTW: the LDP's HOWTOs on the subject were like trying to read gibberish).

Now, I've tried everything that I could find in that guide, the PPP-HOWTO, NET-HOWTO, and I've searched on google and this message board for about three hours now, and I totally give up. Nothing seems to work.

Below, I've posted the contents of the config files that are related to this (as far as I know), and the output of some commands. Absolutely ANY help as to what's going on would be greatly appreciated. I've changed the IP addresses, phone number, etc. Don't know if that can be used in some malicious way, but better safe than sorry. If there's something else you need to know, please tell me so I can tell you :)

pppd version: 2.4.1
kernel version: 2.4.18-14
Red Hat Linux 8.0 3.2-7

Output of `hostname`
Code:

gatekeeper.cairns.net.au

Output of `ifconfig`
Code:

eth0      Link encap:Ethernet  HWaddr 00:60:67:65:BD:A2 
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52912 errors:0 dropped:0 overruns:0 frame:0
          TX packets:60578 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1658 txqueuelen:100
          RX bytes:39316209 (37.4 Mb)  TX bytes:6413412 (6.1 Mb)
          Interrupt:10 Base address:0xe800

lo        Link encap:Local Loopback 
          ...

ppp0      Link encap:Point-to-Point Protocol 
          inet addr:210.11.xxx.xxx  P-t-P:172.16.xxx.xxx  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:576  Metric:1
          RX packets:105 errors:1 dropped:0 overruns:0 frame:0
          TX packets:190 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:12458 (12.1 Kb)  TX bytes:21261 (20.7 Kb)

Output of `route -n`
Code:

Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
172.16.xxx.xxx  0.0.0.0        255.255.255.255 UH    0      0        0 ppp0
192.168.0.0    0.0.0.0        255.255.255.0  U    0      0        0 eth0
127.0.0.0      0.0.0.0        255.0.0.0      U    0      0        0 lo
0.0.0.0        172.16.xxx.xxx  0.0.0.0        UG    0      0        0 ppp0

Contents of /etc/host.conf
Code:

order hosts,bind
multi on

Contents of /etc/hosts
Code:

127.0.0.1        localhost loopback
192.168.0.1        gatekeeper.keeperlan

Contents of /etc/hosts.allow
Code:

ALL: 127.0.0.1 127.0.0.0 192.168.0.0/255.255.255.0

Contents of /etc/hosts.deny
Code:

ALL:ALL

Extract from /etc/nsswitch.conf (I'm not posting the whole thing :P)
Code:

...
hosts:      files nisplus dns
...

Contents of /etc/resolv.conf
Code:

domain                cairns.net.au
nameserver        202.4.31.130
nameserver        203.55.215.34
options                debug

Contents of /etc/ppp/options
Code:

lock
crtscts
defaultroute
noauth
nobsdcomp

Greatly abbreviated output from a single PPP session (logged to /var/log/ppp)
I also broke up the longer lines a bit
Code:

pppd: pppd 2.4.1 started by root, uid 0
chat: send (ATZ^M)
chat: expect (OK)
chat: ATZ^M^M
chat: OK
chat:  -- got it
chat: send (ATM1L1^M)
chat: expect (OK)
chat: ^M
chat: ATM1L1^M^M
chat: OK
chat:  -- got it
chat: send (ATDT183240nnnnnn^M)
chat: expect (CONNECT)
chat: ^M
chat: ATDT183240nnnnnn^M^M
chat: CONNECT
chat:  -- got it
chat: send (\d)
pppd: Serial connection established.
pppd: using channel 1
pppd: Using interface ppp0
pppd: Connect: ppp0 <--> /dev/modem
pppd: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x2f72f6bc> <pcomp> <accomp>]
pppd: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x2f72f6bc> <pcomp> <accomp>]
pppd: rcvd [LCP ConfReq id=0x9b <mru 576> <magic 0xcf8581> <asyncmap 0x0> <mrru 1600>
  < 17 04 01 16> <auth pap> <endpoint [MAC:08:00:03:04:06:dc]>]
pppd: sent [LCP ConfRej id=0x9b <mrru 1600> < 17 04 01 16>]
pppd: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x2f72f6bc> <pcomp> <accomp>]
pppd: rcvd [LCP ConfReq id=0x9c <mru 576> <magic 0xcf8581> <asyncmap 0x0> <auth pap>
  <endpoint [MAC:08:00:03:04:06:dc]>]
pppd: sent [LCP ConfAck id=0x9c <mru 576> <magic 0xcf8581> <asyncmap 0x0> <auth pap>
  <endpoint [MAC:08:00:03:04:06:dc]>]
pppd: sent [PAP AuthReq id=0x1 user="myusername" password=<hidden>]
pppd: sent [PAP AuthReq id=0x2 user="myusername" password=<hidden>]
pppd: rcvd [PAP AuthAck id=0x2 "Access permitted for user \"myusername\"\r\n"]
pppd: Remote message: Access permitted for user "myusername"^M^J
pppd: sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <compress VJ 0f 01>]
pppd: sent [CCP ConfReq id=0x1 <deflate 15> <deflate(old#) 15>]
pppd: rcvd [IPCP ConfReq id=0x1 <addr 172.16.xxx.xxx>]
pppd: sent [IPCP ConfAck id=0x1 <addr 172.16.xxx.xxx>]
pppd: rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
pppd: sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
pppd: rcvd [LCP ProtRej id=0x9d 80 fd 01 01 00 0c 1a 04 78 00 18 04 78 00]
pppd: rcvd [IPCP ConfNak id=0x2 <addr 210.11.xxx.xxx>]
pppd: sent [IPCP ConfReq id=0x3 <addr 210.11.xxx.xxx>]
pppd: rcvd [IPCP ConfAck id=0x3 <addr 210.11.xxx.xxx>]
pppd: local  IP address 210.11.xxx.xxx
pppd: remote IP address 172.16.xxx.xxx
pppd: Script /etc/ppp/ip-up started (pid 3823)
pppd: Script /etc/ppp/ip-up finished (pid 3823), status = 0x0
pppd: Terminating on signal 15.
pppd: Script /etc/ppp/ip-down started (pid 4275)
pppd: sent [LCP TermReq id=0x2 "User request"]
pppd: Script /etc/ppp/ip-down finished (pid 4275), status = 0x0
pppd: sent [LCP TermReq id=0x3 "User request"]
pppd: Connection terminated.
pppd: Connect time 43.0 minutes.
pppd: Sent 21746 bytes, received 12761 bytes.
pppd: Exit.


zaphodiv 12-02-2003 08:13 AM

> I've changed the IP addresses
If the machine is insecure it will get owned anyway. Constant scans
are a part of being connected to the internet these days.

I assume that internet access by ip address works?

Extract from /etc/nsswitch.conf
hosts: files nisplus dns

Shouldn't that be just
hosts: files dns

paul.nel 12-02-2003 08:39 AM

What do your firewall rules look like? Please post the output of iptables -L. For a start, try to disable your firewall with service iptables stop. If this works I suggest you rebuild your firewall. The IP Masquerade How To at www.tldp.org has some good pointers.

Regards
p.n

foboldfky 12-02-2003 08:50 AM

Quote:

Shouldn't that be just
hosts: files dns

The guide I was following said that it wouldn't make any difference, so long as those two were in the right order. I'll try removing it, and see if it helps.

Also, here's the output of iptables -L:
Code:

Chain INPUT (policy ACCEPT)
target    prot opt source              destination
RH-Lokkit-0-50-INPUT  all  --  anywhere            anywhere

Chain FORWARD (policy ACCEPT)
target    prot opt source              destination

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination

Chain RH-Lokkit-0-50-INPUT (1 references)
target    prot opt source              destination
ACCEPT    all  --  anywhere            anywhere
ACCEPT    all  --  anywhere            anywhere
REJECT    tcp  --  anywhere            anywhere          tcp
  flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT    udp  --  anywhere            anywhere          udp
  reject-with icmp-port-unreachable

I have no idea what it means :D ( /me is :newbie: )

Actually, I'd forgotten about the firewall; since it was going to be a net router/machine, I set it to high in the Red Hat config. My idea was to basically get it connecting to the net first, then setting up IP masquerading, and then fine-tune the firewall. I'll try disabling it tomorrow. It's late over here, and to test the machine, I have to pull the modem out of this machine, and stick it in the Linux box. But first, I need sleep :)

Also, as for the IP masquerading HOWTO, I've read that one too... I think most of it went over my head, although I'm planning on re-reading it when I come to setting that up. I was lucky enough to get a set of Linux CDs with the entire set of HOWTOs (although just how 'complete' this is is anyone's guess) on them. For now, I'd be happy if I could just ping google :)

paul.nel 12-02-2003 11:58 AM

OK, this does not look right:

Quote:

REJECT tcp -- anywhere anywhere tcp
flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable

As I mentioned, try with your firewall stopped "service iptables stop" and try to ping google. After that, set a firewall as explained in the HOW TO I referred to. It is a rather long HOW TO but absolutely brilliantly laid out and easy to follow.

Let us know how you are doing.

Regards

p.n

foboldfky 12-03-2003 09:53 AM

I've nailed the bugger.

Turns out it WAS Redhat's firewall keeping me from doing DNS resolution. Thanks to everyone's advice; I've now got the net working on the Linux machine, PLUS I've managed to get IP Masq working, too. Wai! ^_^.

All I have to do now is set up some remote control procedure to directly control the firewall settings/net connection from the other machines, dial on demand, and work out why filesharing with the Windows boxes suddenly died (whoopsie, think I broke something :P)

Once again, thanks for everyone's help.
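
Added example (not part of any post in this thread): the posted chain ends by rejecting all UDP and shows no rule accepting replies, so DNS answers arriving on ppp0 are refused; a stateful accept rule fixes that without leaving the firewall stopped. The script emits an `iptables-restore` ruleset with that rule plus masquerading, and a small check that compares it with the old chain. The function names, the `WEAK` sample and the reading of the two `ACCEPT all` lines as bound to `lo` and `eth0` (`iptables -L` without `-v` hides interfaces) are assumptions of this example.

```shell
#!/bin/sh
# Added example. Apply with:  gen_rules ppp0 eth0 | iptables-restore
gen_rules() {   # $1 = WAN interface, $2 = LAN interface
    wan=${1:-ppp0}
    lan=${2:-eth0}
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback and the trusted LAN side may talk to the gateway itself.
-A INPUT -i lo -j ACCEPT
-A INPUT -i $lan -j ACCEPT
# Replies to traffic this host started (DNS answers over UDP included).
-A INPUT -i $wan -m state --state ESTABLISHED,RELATED -j ACCEPT
# Unsolicited traffic from the Internet is refused.
-A INPUT -i $wan -p tcp --syn -j REJECT --reject-with icmp-port-unreachable
-A INPUT -i $wan -p udp -j REJECT --reject-with icmp-port-unreachable
# LAN clients may go out; only their replies may come back in.
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
EOF
}

# Succeeds only if a stateful ACCEPT on the WAN interface comes before
# the first UDP REJECT in the INPUT rules.  $1 = ruleset text, $2 = WAN if.
replies_allowed() {
    printf '%s\n' "$1" | awk -v wan="$2" '
        /^-A INPUT/ && $0 ~ ("-i " wan) && /ESTABLISHED/ && /-j ACCEPT/ { ok = 1 }
        /^-A INPUT/ && /-p udp/ && /-j REJECT/ { exit }
        END { exit !ok }'
}

# Constructed stand-in for the chain posted in the thread (interfaces assumed).
WEAK='-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -p tcp --syn -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable'
```

`replies_allowed "$WEAK" ppp0` fails for the old chain and `replies_allowed "$(gen_rules)" ppp0` succeeds; on a live box, `iptables -L -n -v` shows the interface columns needed to confirm what the two `ACCEPT all` lines really match.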


All times are GMT -5.