LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 02-20-2017, 12:15 PM   #1
mattlyons
LQ Newbie
 
Registered: Feb 2017
Posts: 16

Rep: Reputation: Disabled
DNS resolving IP but not resolving hostnames; ping unknown host google.com


I like to start most of my threads off with I'm a novice at Linux and more of a Windows guy. With that said, I am running RHEL Server 6.7 on x86_64.

I have eth0 set to static. Below are some outputs.

Code:
[root@tmipmc ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 3C:97:0E:90:D4:F7
          inet addr:192.168.1.101  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::3e97:eff:fe90:d4f7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:928 (928.0 b)  TX bytes:1140 (1.1 KiB)
          Interrupt:20 Memory:f3900000-f3920000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
Code:
[root@tmipmc ~]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=43 time=38.4 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=43 time=37.8 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=43 time=37.7 ms
^C
Code:
[root@tmipmc ~]# ping google.com
ping: unknown host google.com
And the only line in found in "vi /etc/resolv.conf" is "nameserver 8.8.8.8".

What am I missing to get ping to work for hostnames?
 
Old 02-20-2017, 01:22 PM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,154
Blog Entries: 1

Rep: Reputation: 2019Reputation: 2019Reputation: 2019Reputation: 2019Reputation: 2019Reputation: 2019Reputation: 2019Reputation: 2019Reputation: 2019Reputation: 2019Reputation: 2019
Quote:
And the only line in found in "vi /etc/resolv.conf" is "nameserver 8.8.8.8".

What am I missing to get ping to work for hostnames?
The namserver entry in /etc/resolv.conf is correct (8.8.8.8 is the google dns)
The fact that it's not resolving hostnames, maybe it's because your ISP is blocking dns queries, in order to use theirs dns.
You should ask them and see what they'll answer.

Regards
 
Old 02-20-2017, 01:38 PM   #3
mattlyons
LQ Newbie
 
Registered: Feb 2017
Posts: 16

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bathory View Post
The namserver entry in /etc/resolv.conf is correct (8.8.8.8 is the google dns)
The fact that it's not resolving hostnames, maybe it's because your ISP is blocking dns queries, in order to use theirs dns.
You should ask them and see what they'll answer.

Regards
My internet connection runs from my desk phone at work to a router on my desk. The router then goes to several computers I have including the RHEL box and my Windows work laptop. On my Windows work laptop, I can ping 8.8.8.8 and google.com with no issues. Correct me if I'm wrong, but I believe that means means my ISP is not blocking dns queries? I am no networking guru so I may be mistaken.
 
Old 02-20-2017, 01:52 PM   #4
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,278

Rep: Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693
Easy enough to check:

Code:
nslookup google.com 8.8.8.8
This uses 8.8.8.8 as your dns server and looks up google.com, if it is working you will see something like:

Code:
[root@tools ~]# nslookup google.com 8.8.8.8
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
Name:	google.com
Address: 172.217.4.46
You will want to share your hosts, resolv and nssswitch files if you are unable to resolve without nslookup.

Code:
cat /etc/hosts
cat /etc/resolv.conf
cat /etc/nsswitch.conf | grep -v ^#

Last edited by szboardstretcher; 02-20-2017 at 01:55 PM.
 
Old 02-20-2017, 02:10 PM   #5
mattlyons
LQ Newbie
 
Registered: Feb 2017
Posts: 16

Original Poster
Rep: Reputation: Disabled
Code:
[root@tmipmc ~]# nslookup google.com 8.8.8.8
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached
Code:
[root@tmipmc ~]# cat /etc/hosts
127.0.0.1    localhost localhost.localdomain localhost4 localhost4.localdomain4
::1          localhost localhost.localdomain localhost6 localhost6.localdomain6
Code:
[root@tmipmc ~]# cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
I just added 8.8.4.4 since my opening post. ^^^

Code:
[root@tmipmc ~]# cat /etc/nsswitch.conf | grep ^#

passwd: files
shadow: files
group: files

hosts: files dns

bootparams: nisplus [NOTFOUND=return] files

ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files

netgroup: nisplus

publickey: nisplus

automount: files nisplus
aliases: files nisplus
 
Old 02-20-2017, 02:16 PM   #6
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,278

Rep: Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693
Looks like DNS *IS* blocked. Try this. Open 2 terminals, in the first run this:

Code:
tcpdump -i eth0 udp port 53
In the second, run nslookup again:

Code:
nslookup google.com 8.8.8.8
nslookup google.com 4.2.2.2
Post the info from the TCPdump terminal if you don't mind.
 
Old 02-20-2017, 02:23 PM   #7
mattlyons
LQ Newbie
 
Registered: Feb 2017
Posts: 16

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by szboardstretcher View Post
Looks like DNS *IS* blocked. Try this. Open 2 terminals, in the first run this:

Code:
tcpdump -i eth0 udp port 53
In the second, run nslookup again:

Code:
nslookup google.com 8.8.8.8
nslookup google.com 4.2.2.2
Post the info from the TCPdump terminal if you don't mind.
Uh, sorry if this seems noobish but how do you open multiple terminals in RHEL? There is no GUI so everything is already terminal. I'll continue googling after this post in case I am missing something.
 
Old 02-20-2017, 03:09 PM   #8
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,278

Rep: Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693
No gui? Ctrl-alt-F1, ctrl-alt-f2 etc.. They should already exist, you are just 'changing' to them in that case.
 
Old 02-20-2017, 03:37 PM   #9
mattlyons
LQ Newbie
 
Registered: Feb 2017
Posts: 16

Original Poster
Rep: Reputation: Disabled
Well how about that, I learn something new every day with this RHEL server. Didn't know you could toggle between terminals like that.

I attached a PhotoBucket link below to the output for the tcpdump.

http://i1325.photobucket.com/albums/...pshvh4vfg0.jpg
 
Old 02-20-2017, 03:46 PM   #10
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,278

Rep: Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693Reputation: 1693
Same here - I learned that photobucket still exists!

You seem to be filtered. The next question I would ask is whether your local firewall(s) is/are blocking this traffic or something upstream.
 
Old 02-20-2017, 05:13 PM   #11
mattlyons
LQ Newbie
 
Registered: Feb 2017
Posts: 16

Original Poster
Rep: Reputation: Disabled
Glad to help educate.

Did some quick googling and saw there is a local firewall in RHEL with commands about ip6tables. The RHEL box is at work so I'll have access again in the morning and I'll try disabling the local firewall and try again pinging a hostname and report back.

Thank you for your help so far.
 
Old 02-21-2017, 07:46 AM   #12
mattlyons
LQ Newbie
 
Registered: Feb 2017
Posts: 16

Original Poster
Rep: Reputation: Disabled
Disabled the local firewall with below commands.

Code:
# service iptables save
# service iptables stop
# chkconfig iptables off
Rebooted the box and still could not ping the google hostname. Did the tcpdump again. I was able to include an attachment this time with this post with a picture of the output. Looks almost identical to the previous tcpdump.

I have a super old RHEL 5.1.19 box on my desk that I used to use and it worked with pinging hostnames, executing YUM updates, etc and it was coming from the same router so I know it is possible. The old RHEL's configurations have been altered so it's not as simple as copying over the configurations to my new RHEL box. That is why I am here, hoping we can crack the code together.

Any other suggestions?
Attached Thumbnails
Click image for larger version

Name:	tcpdump2.jpg
Views:	298
Size:	269.8 KB
ID:	24307  
 
Old 02-21-2017, 11:43 AM   #13
mattlyons
LQ Newbie
 
Registered: Feb 2017
Posts: 16

Original Poster
Rep: Reputation: Disabled
Continuing a lot of googling and troubleshooting on my end. When I remove the ethernet and plug into a Windows laptop, I can ping IPs and hostnames with no issues. This tells me it is something on this RHEL box.

Are there any other files in /etc/ that I can show that would help (/etc/nsswitch.conf, /etc/resolv.conf, /etc/hosts, etc)? Also, this doesn't have to stay static; DHCP would be fine as well if that helps. 'nslookup' also times out on every try. If I do add '8.8.8.8 google.com' to /etc/hosts, I can ping the hostname then but nslookup still doesn't work.

Would not having my RHEL "activated" matter? I tried activating via 'subscription-manager' but it would fail every time because of this current DNS/internet problem, I believe.

I'm just spitting out what I've done and ideas to hopefully help someone else come up with an idea that might resolve the problem.
 
Old 02-21-2017, 02:21 PM   #14
r3sistance
Senior Member
 
Registered: Mar 2004
Location: UK
Distribution: CentOS 6/7
Posts: 1,375

Rep: Reputation: 217Reputation: 217Reputation: 217
Well 192.168.1.101 is an internal IP, this means you have something performing NAT like a gateway or router, have you checked that isn't blocking outbound port 53 traffic? Also what kind of environment is this hosted in? Office, Home, Datacenter, etc? Also last Q, the device doing the NAT isn't hosting you on an IPv6 public address is it? unlikely but just worthwhile to cross off the list.
 
Old 02-23-2017, 05:34 PM   #15
jayjwa
Member
 
Registered: Jul 2003
Location: NY
Distribution: Slackware, Termux
Posts: 713

Rep: Reputation: 216Reputation: 216Reputation: 216
Looks like you've got no global IP address. I HIGHLY doubt anyone is blocking DNS. I'm guessing routing issue.

Code:
[root@tmipmc ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 3C:97:0E:90:D4:F7
          inet addr:192.168.1.101  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::3e97:eff:fe90:d4f7/64 Scope:Link
How are those packets supposed to get out? If you're going IPv4, you need to tell them were to go. Ex:

Code:
[ jayjwa@vdrl:~>] ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:26:55:40:69:61 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.2/24 brd 192.168.10.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 2604:6000:140e:805c:226:55ff:fe40:6961/64 scope global mngtmpaddr dynamic 
       valid_lft 86227sec preferred_lft 14227sec
    inet6 fe80::226:55ff:fe40:6961/64 scope link 
       valid_lft forever preferred_lft forever
No global ipv4 addr above, but there's a path for ipv4 packets to take, the default route. Did you set a default route?

Code:
[ jayjwa@vdrl:~>] ip route show
default via 192.168.10.1 dev eth0 
127.0.0.0/8 dev lo  scope link 
192.168.10.0/24 dev eth0  proto kernel  scope link  src 192.168.10.2
Above is 192.168.10.2. On 192.168.10.1 (where the default route points):

Code:
iptables -t nat -A POSTROUTING -m comment --comment "Masquerade rfc1918 addresses" -s 192.168.0.0/16 -j MASQUERADE
As long as where you're sending your packets to routes them on (and doesn't block them), you should be OK. That host will have to set some sysctl parameters (for ip forwarding) as well, and ipv6 is a different matter.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
My local dns is not resolving particularly one host name . call_krushna Linux - Server 7 05-23-2012 08:29 AM
Internal host names resolving through external DNS?!? dschuett Linux - Networking 2 02-06-2011 04:14 PM
DNS not resolving internet hostnames KeenAs Linux - Networking 9 02-05-2009 04:20 AM
DHCP host (not) resolving trough DNS jamezdin Linux - Networking 3 05-30-2004 02:38 PM
/etc/hosts resolving before DNS resolving ? markraem Linux - Networking 4 11-02-2003 05:54 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration