nslookup: connection timed out; no servers could be reached
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
13:03:44.651110 IP (tos 0x0, ttl 64, id 54273, offset 0, flags [DF], proto 17, length: 57) 192.168.1.22.39106 > 64.81.79.2.53: 63301+ A? bankone.com. (29)
13:03:44.654165 IP (tos 0x0, ttl 58, id 3760, offset 0, flags [DF], proto 17, length: 73) 64.81.79.2.53 > 192.168.1.22.39106: 63301 1/0/0 bankone.com. A 159.53.60.66 (45)
13:03:45.487700 IP (tos 0x0, ttl 64, id 55109, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 11785+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:03:45.490578 IP (tos 0x0, ttl 58, id 20923, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 11785 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:03:45.490916 IP (tos 0x0, ttl 64, id 55113, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 36210+ A? designserver.ahk.nl. (37)
13:03:45.494201 IP (tos 0x0, ttl 58, id 12545, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 36210 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:03:47.846721 IP (tos 0x0, ttl 64, id 57469, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 51859+ A? designserver.ahk.nl. (37)
13:03:47.849899 IP (tos 0x0, ttl 58, id 55609, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 51859 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:03:49.720152 IP (tos 0x0, ttl 64, id 59342, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 47630+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:03:49.722988 IP (tos 0x0, ttl 58, id 20477, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 47630 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:03:49.723328 IP (tos 0x0, ttl 64, id 59346, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 31059+ A? designserver.ahk.nl. (37)
13:03:49.726487 IP (tos 0x0, ttl 58, id 23754, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 31059 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:03:52.079100 IP (tos 0x0, ttl 64, id 61702, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 43040+ A? designserver.ahk.nl. (37)
13:03:52.082184 IP (tos 0x0, ttl 58, id 12591, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 43040 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:03:53.953309 IP (tos 0x0, ttl 64, id 63576, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 51513+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:03:53.963144 IP (tos 0x0, ttl 58, id 39370, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 51513 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:03:53.963466 IP (tos 0x0, ttl 64, id 63586, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 48140+ A? designserver.ahk.nl. (37)
13:03:53.966767 IP (tos 0x0, ttl 58, id 61403, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 48140 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:03:56.318476 IP (tos 0x0, ttl 64, id 406, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 44797+ A? designserver.ahk.nl. (37)
13:03:56.321716 IP (tos 0x0, ttl 58, id 30002, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 44797 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:03:58.191711 IP (tos 0x0, ttl 64, id 2279, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 43573+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:03:58.195055 IP (tos 0x0, ttl 58, id 3114, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 43573 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:03:58.195383 IP (tos 0x0, ttl 64, id 2283, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 54502+ A? designserver.ahk.nl. (37)
13:03:58.198678 IP (tos 0x0, ttl 58, id 7936, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 54502 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:00.550869 IP (tos 0x0, ttl 64, id 4639, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 32461+ A? designserver.ahk.nl. (37)
13:04:00.553877 IP (tos 0x0, ttl 58, id 43268, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 32461 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:02.425223 IP (tos 0x0, ttl 64, id 6513, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 17892+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:02.428347 IP (tos 0x0, ttl 58, id 54914, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 17892 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:02.428668 IP (tos 0x0, ttl 64, id 6517, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 27663+ A? designserver.ahk.nl. (37)
13:04:02.431588 IP (tos 0x0, ttl 58, id 65023, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 27663 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:04.784255 IP (tos 0x0, ttl 64, id 8873, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 64422+ A? designserver.ahk.nl. (37)
13:04:04.787786 IP (tos 0x0, ttl 58, id 31179, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 64422 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:06.664896 IP (tos 0x0, ttl 64, id 10754, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 7175+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:06.667996 IP (tos 0x0, ttl 58, id 12653, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 7175 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:06.668321 IP (tos 0x0, ttl 64, id 10757, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 12154+ A? designserver.ahk.nl. (37)
13:04:06.671370 IP (tos 0x0, ttl 58, id 24527, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 12154 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:09.023646 IP (tos 0x0, ttl 64, id 13113, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 48727+ A? designserver.ahk.nl. (37)
13:04:09.028567 IP (tos 0x0, ttl 58, id 44239, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 48727 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:10.901036 IP (tos 0x0, ttl 64, id 14990, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 33427+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:10.904155 IP (tos 0x0, ttl 58, id 32886, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 33427 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:10.904481 IP (tos 0x0, ttl 64, id 14994, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 55836+ A? designserver.ahk.nl. (37)
13:04:10.908153 IP (tos 0x0, ttl 58, id 45738, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 55836 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:13.260024 IP (tos 0x0, ttl 64, id 17350, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 36241+ A? designserver.ahk.nl. (37)
13:04:13.262977 IP (tos 0x0, ttl 58, id 22696, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 36241 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:15.135220 IP (tos 0x0, ttl 64, id 19225, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 12546+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:15.138565 IP (tos 0x0, ttl 58, id 8975, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 12546 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:15.138894 IP (tos 0x0, ttl 64, id 19229, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 27925+ A? designserver.ahk.nl. (37)
13:04:15.141813 IP (tos 0x0, ttl 58, id 857, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 27925 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:17.494428 IP (tos 0x0, ttl 64, id 21585, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 14276+ A? designserver.ahk.nl. (37)
13:04:17.497886 IP (tos 0x0, ttl 58, id 60316, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 14276 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:19.368845 IP (tos 0x0, ttl 64, id 23459, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 41405+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:19.371849 IP (tos 0x0, ttl 58, id 34857, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 41405 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:19.372189 IP (tos 0x0, ttl 64, id 23463, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 9430+ A? designserver.ahk.nl. (37)
13:04:19.375348 IP (tos 0x0, ttl 58, id 32963, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 9430 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:21.727808 IP (tos 0x0, ttl 64, id 25819, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 9511+ A? designserver.ahk.nl. (37)
13:04:21.730795 IP (tos 0x0, ttl 58, id 10078, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 9511 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:23.603074 IP (tos 0x0, ttl 64, id 27694, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 3731+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:23.606259 IP (tos 0x0, ttl 58, id 17107, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 3731 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:23.606603 IP (tos 0x0, ttl 64, id 27698, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 59388+ A? designserver.ahk.nl. (37)
13:04:23.609757 IP (tos 0x0, ttl 58, id 2890, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 59388 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:25.962199 IP (tos 0x0, ttl 64, id 30054, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 3281+ A? designserver.ahk.nl. (37)
13:04:25.965205 IP (tos 0x0, ttl 58, id 43598, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 3281 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:27.836433 IP (tos 0x0, ttl 64, id 31928, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 65078+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:27.839793 IP (tos 0x0, ttl 58, id 61027, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 65078 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:27.840116 IP (tos 0x0, ttl 64, id 31932, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 21145+ A? designserver.ahk.nl. (37)
13:04:27.843042 IP (tos 0x0, ttl 58, id 39516, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 21145 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:30.195576 IP (tos 0x0, ttl 64, id 34288, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 43906+ A? designserver.ahk.nl. (37)
13:04:30.198990 IP (tos 0x0, ttl 58, id 7077, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 43906 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:32.070035 IP (tos 0x0, ttl 64, id 36162, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 12381+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:32.073705 IP (tos 0x0, ttl 58, id 6368, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 12381 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:32.074063 IP (tos 0x0, ttl 64, id 36166, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 55296+ A? designserver.ahk.nl. (37)
13:04:32.076951 IP (tos 0x0, ttl 58, id 121, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 55296 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:34.428963 IP (tos 0x0, ttl 64, id 38522, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 46223+ A? designserver.ahk.nl. (37)
13:04:34.432025 IP (tos 0x0, ttl 58, id 15104, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 46223 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:36.303386 IP (tos 0x0, ttl 64, id 40396, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 41462+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:36.306489 IP (tos 0x0, ttl 58, id 41755, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 41462 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:36.306812 IP (tos 0x0, ttl 64, id 40400, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 42637+ A? designserver.ahk.nl. (37)
13:04:36.309862 IP (tos 0x0, ttl 58, id 37396, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 42637 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:38.021875 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 17, length: 69) 192.168.1.22.39106 > 64.81.79.2.53: 12413+ PTR? 2.79.81.64.in-addr.arpa. (41)
13:04:38.024915 IP (tos 0x0, ttl 58, id 40077, offset 0, flags [DF], proto 17, length: 105) 64.81.79.2.53 > 192.168.1.22.39106: 12413 1/0/0 2.79.81.64.in-addr.arpa. PTR[|domain]
13:04:38.662353 IP (tos 0x0, ttl 64, id 42756, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 20958+ A? designserver.ahk.nl. (37)
13:04:38.665934 IP (tos 0x0, ttl 58, id 38997, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 20958 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:40.540804 IP (tos 0x0, ttl 64, id 44634, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 364+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:40.543896 IP (tos 0x0, ttl 58, id 8833, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 364 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:40.544219 IP (tos 0x0, ttl 64, id 44638, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 22951+ A? designserver.ahk.nl. (37)
13:04:40.547145 IP (tos 0x0, ttl 58, id 27597, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 22951 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:42.899753 IP (tos 0x0, ttl 64, id 46994, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 53894+ A? designserver.ahk.nl. (37)
13:04:42.902718 IP (tos 0x0, ttl 58, id 22166, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 53894 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:44.773042 IP (tos 0x0, ttl 64, id 48867, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 63133+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:44.775932 IP (tos 0x0, ttl 58, id 60247, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 63133 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:44.776277 IP (tos 0x0, ttl 64, id 48871, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 50558+ A? designserver.ahk.nl. (37)
13:04:44.779306 IP (tos 0x0, ttl 58, id 49236, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 50558 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:45.551443 IP (tos 0x0, ttl 64, id 49646, offset 0, flags [DF], proto 17, length: 55) 192.168.1.22.39106 > 64.81.79.2.53: 49048+ AAAA? yahoo.com. (27)
13:04:45.554501 IP (tos 0x0, ttl 58, id 59517, offset 0, flags [DF], proto 17, length: 55) 64.81.79.2.53 > 192.168.1.22.39106: 49048 0/0/0 (27)
13:04:45.554600 IP (tos 0x0, ttl 64, id 49649, offset 0, flags [DF], proto 17, length: 55) 192.168.1.22.39106 > 64.81.79.2.53: 12763+ A? yahoo.com. (27)
13:04:45.557750 IP (tos 0x0, ttl 58, id 56076, offset 0, flags [DF], proto 17, length: 87) 64.81.79.2.53 > 192.168.1.22.39106: 12763 2/0/0 yahoo.com. A 206.190.60.37, yahoo.com. (59)
13:04:47.131124 IP (tos 0x0, ttl 64, id 51226, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 8095+ A? designserver.ahk.nl. (37)
13:04:47.134379 IP (tos 0x0, ttl 58, id 58157, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 8095 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:49.004504 IP (tos 0x0, ttl 64, id 53099, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 12416+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:49.009592 IP (tos 0x0, ttl 58, id 13701, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 12416 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:49.009923 IP (tos 0x0, ttl 64, id 53105, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 9513+ A? designserver.ahk.nl. (37)
13:04:49.012840 IP (tos 0x0, ttl 58, id 1216, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 9513 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:51.365527 IP (tos 0x0, ttl 64, id 55461, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 36694+ A? designserver.ahk.nl. (37)
13:04:51.368538 IP (tos 0x0, ttl 58, id 15896, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 36694 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:53.240055 IP (tos 0x0, ttl 64, id 57336, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 39053+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:53.243127 IP (tos 0x0, ttl 58, id 871, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 39053 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:53.243448 IP (tos 0x0, ttl 64, id 57339, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 45166+ A? designserver.ahk.nl. (37)
13:04:53.246500 IP (tos 0x0, ttl 58, id 12051, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 45166 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:55.598908 IP (tos 0x0, ttl 64, id 59695, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 47053+ A? designserver.ahk.nl. (37)
13:04:55.601948 IP (tos 0x0, ttl 58, id 57190, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 47053 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:57.476674 IP (tos 0x0, ttl 64, id 61573, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 31919+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:04:57.479659 IP (tos 0x0, ttl 58, id 7257, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 31919 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:04:57.479988 IP (tos 0x0, ttl 64, id 61576, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 8394+ A? designserver.ahk.nl. (37)
13:04:57.483033 IP (tos 0x0, ttl 58, id 29700, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 8394 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:04:59.835296 IP (tos 0x0, ttl 64, id 63932, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 13521+ A? designserver.ahk.nl. (37)
13:04:59.838231 IP (tos 0x0, ttl 58, id 14637, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 13521 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:05:01.709718 IP (tos 0x0, ttl 64, id 270, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 60731+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:05:01.712821 IP (tos 0x0, ttl 58, id 34509, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 60731 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:05:01.713160 IP (tos 0x0, ttl 64, id 274, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 36230+ A? designserver.ahk.nl. (37)
13:05:01.716317 IP (tos 0x0, ttl 58, id 48076, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 36230 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:05:04.069745 IP (tos 0x0, ttl 64, id 2631, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 19079+ A? designserver.ahk.nl. (37)
13:05:04.084135 IP (tos 0x0, ttl 58, id 59235, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 19079 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:05:05.954860 IP (tos 0x0, ttl 64, id 4516, offset 0, flags [DF], proto 17, length: 74) 192.168.1.22.39106 > 64.81.79.2.53: 45250+ PTR? 130.112.102.145.in-addr.arpa. (46)
13:05:05.957973 IP (tos 0x0, ttl 58, id 23078, offset 0, flags [DF], proto 17, length: 107) 64.81.79.2.53 > 192.168.1.22.39106: 45250 1/0/0 130.112.102.145.in-addr.arpa. (79)
13:05:05.958314 IP (tos 0x0, ttl 64, id 4520, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 27157+ A? designserver.ahk.nl. (37)
13:05:05.961596 IP (tos 0x0, ttl 58, id 24769, offset 0, flags [DF], proto 17, length: 81) 64.81.79.2.53 > 192.168.1.22.39106: 27157 1/0/0 designserver.ahk.nl. A 145.102.112.130 (53)
13:05:08.314070 IP (tos 0x0, ttl 64, id 6876, offset 0, flags [DF], proto 17, length: 65) 192.168.1.22.39106 > 64.81.79.2.53: 41533+ A? designserver.ahk.nl. (37)
It's not surprising insomuch as it is doing lots of live email relaying. I'm still unclear what the problem is on xmail1, I noticed a lot of traffic on other local servers showing up in the tcpdump output, but it seemed unrelated to xmail1 itself. What does 192.168.1.19 have to do with xmail1's inability to get a response from the DNS servers that xmail2 can talk to? Thanks so much for your help, I'm really in over my head here I think.
The problem that xmail1 is having is that it is not talking to any of those other DNS servers that you see when you do the trace on xmail2. For reasons that I cannot fully see from out here, xmail1 thinks that its first task (in resolving an IP address under nslookup, at least) is to resolve the address 192.168.1.19 to a DNS name. This is indicated by the first line in your xmail1 trace:
This report says that xmail1 sent a query to 64.81.79.2 (dns.sfo1.speakeasy.net) asking for the reverse-mapping (PTR record) corresponding to 192.168.1.19. That request is doomed, for the reasons I noted in my previous posting.
I am sure that you believe that xmail1 is set up just like xmail2, and I am equally sure that this is not actually the case. Somewhere in xmail1's configuration, there must be a line specifying 192.168.1.19 as a server that needs to be consulted about DNS names. If it is not in whatever config file is actually being used by the resolver library, and you are not running a cacheing DNS server on xmail1, I am not certain where else to look. Perhaps a shotgun approach may be the best:
Code:
#grep -r 192\.168\.1\.19 /etc
This will report all the filenames containing references to this address anywhere within the /etc directory tree, and may give us some clues about where else to look.
On the contrary, I am absolutely convinced that it's configured differently! Here's the output from 'grep -r 192\.168\.1\.19 /etc':
Code:
[root@xmail1 ~]# grep -r 192\.168\.1\.19 /etc
grep: /etc/httpd/run/avahi-daemon/socket: No such device or address
grep: /etc/httpd/run/rpcbind.sock: No such device or address
grep: /etc/httpd/run/sdp: No such device or address
grep: /etc/httpd/run/acpid.socket: No such device or address
grep: /etc/httpd/run/dbus/system_bus_socket: No such device or address
grep: /etc/httpd/run/pcscd.comm: No such device or address
I'm running the same command on / now. I'd love to eliminate the resolver library configuration file (is that something not '/etc/resolv.conf') possibility; I did post something about a creating a symbolic link at /etc/sysconfig/networking/profiles/default/resolv.conf to /etc/resolv.conf that seemed to have something to do with SELinux. And I see a symbolic link from /etc/named.conf to /var/named/chroot/etc/named.conf but nothing is running from a 'ps -ax | grep named' command. Again, thanks so much for your help.
Don't know what you are running for mail, but I ran into a dns issue on my mail server
and even after fixing the problem on the system (/etc/resolv.conf) it was still broken for email.
Debian by default runs postfix in a jail. a quick postfix check showed me
that the resolv.conf in the jail did not match the one for the system so all dns lookups
from postfix were failing while they worked fine at the command line for the system.
Since you mentioned a jail, you may want to compare all those resolv.conf files..
I recommend using dig for testing rather than nslookup I think it's more informative,
and can do directed queries by supplying the dns server you want to query. you can then see
if you force the dns server to query if it works like it's supposed to..
dig @64.81.79.2 www.google.com Queries specified DNS server for www.google.com
so if the first dig query fails, but the second one (the one you direct to your external DNS serer) succeeds, then your system is using a resolv.conf file that isn't correct..
I'm with farslayer. Your previous post indicated that if you had been running named, it would have been put in a chroot jail; it is entirely possible that other daemons may be running under similar confinement. This still doesn't explain the nslookup problem that xmail1 has, but investigation in the recommended direction might turn up some clues.
[root@xmail1 etc]# dig www.google.com
; <<>> DiG 9.5.0a6 <<>> www.google.com
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@xmail1 etc]# dig @64.81.79.2 www.google.com
; <<>> DiG 9.5.0a6 <<>> @64.81.79.2 www.google.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
Curiously, mule (192.168.1.19) had the reverse situation from what you described:
Code:
[root@mule ~]# dig www.google.com
; <<>> DiG 9.3.2 <<>> www.google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42020
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 7, ADDITIONAL: 7
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 289491 IN CNAME www.l.google.com.
www.l.google.com. 178 IN A 74.125.19.104
www.l.google.com. 178 IN A 74.125.19.147
www.l.google.com. 178 IN A 74.125.19.99
www.l.google.com. 178 IN A 74.125.19.103
;; AUTHORITY SECTION:
l.google.com. 30217 IN NS b.l.google.com.
l.google.com. 30217 IN NS c.l.google.com.
l.google.com. 30217 IN NS d.l.google.com.
l.google.com. 30217 IN NS e.l.google.com.
l.google.com. 30217 IN NS f.l.google.com.
l.google.com. 30217 IN NS g.l.google.com.
l.google.com. 30217 IN NS a.l.google.com.
;; ADDITIONAL SECTION:
a.l.google.com. 30403 IN A 209.85.139.9
b.l.google.com. 30233 IN A 64.233.179.9
c.l.google.com. 30321 IN A 64.233.161.9
d.l.google.com. 30306 IN A 66.249.93.9
e.l.google.com. 30272 IN A 209.85.137.9
f.l.google.com. 30233 IN A 72.14.235.9
g.l.google.com. 30257 IN A 64.233.167.9
;; Query time: 5 msec
;; SERVER: 209.213.223.118#53(209.213.223.118)
;; WHEN: Wed Jun 18 16:04:23 2008
;; MSG SIZE rcvd: 340
[root@mule ~]# dig @64.79.81.2 www.google.com
; <<>> DiG 9.3.2 <<>> @64.79.81.2 www.google.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
I use sendmail on Fedora Core 8, is there a 'check' analogue like for postfix?
At this point I would be doing a tcpdump on the Firewall box and checking to see if:
1. the dns query from the host is getting to the firewall..
2. if it's leaving the firewall and being forwarded to the DNS server
3. if the response is coming back from the DNS server to the firewall,
4. then being forwarded back to the originating host.
A couple of observations on these traces, and a recommendation.
First, even xmail2 is querying the DNS servers on the public net for reverse lookups of 192.168.1.x addresses (and contrary to my previous posting, the server is replying "No Such Domain" rather than remaining silent). These queries should not be getting out onto the Internet; this is tied into my second observation of the traces: your machines on the Private Network really need to be served by a local DNS server, which will cache the responses to queries on behalf of all the machines behind the firewall, and will then make them available to future inquirers. This server should also be configured as authoritative for the local zone (you can make one up, like local.net), and to supply inverse mappings for the zone 1.168.192.in-addr.arpa (this is the magic name that handles address-to-name lookups. Perhaps trusty is a good spot to run a named daemon, since it has a foot on both the public and private sides.
Second, did your trace on trusty specify any interface? It looks like it might not have, and it looks further like eth0 is probably facing the local net, and eth1 is facing the public Internet connection. If you could re-do this experiment while asking tcpdump to report only traffic on the public side, then we can tell if the DNS packets are actually escaping onto the Internet. So far, it seems that we only know that they are arriving at trusty.
And I must apologize for failing to ask one other question: does trusty have some firewall rules that are doing NAT for you? These can be examined with
Code:
# iptables -t nat
There is definitely something going on that is getting in xmail1's way here.
OK, assuming that your "grep" didn't remove anything interesting from the trace, is there anything else between you and your ISP that could be filtering out these packets? It appears clear that they are leaving trusty just fine, but the answers are not returning.
I checked with my ISP and they say there's nothing filtering packets between my gateway machine and the Internet. I also reinstalled FC 8 and made sure SELinux and the local firewall was disabled, just to check and the error persists. I'm going to try the new Fedora Core 9 install and then later tonight I'll take down the firewall and see if that fixes it. Other than that, I'm running out of ideas here.
One of the reasons that tcpdump has all the filtering rules built into it is so that there won't be a whole lot of irrelevant output. I highly recommend that you use its filtering rules, so that we are sure that it is capturing the actual traffic we care about. In this case, set up the following on trusty:
Code:
#tcpdump -i eth1 -nn udp port 53 host 64.81.79.2
This trace will capture any packet that might be involved in the attempted conversation between the speakeasy DNS server and any machine on your net. I am hoping that, if we can see all these packets, we may find something going astray (which is getting filtered out if you grep a less-restricted trace).
I have assumed (again) that eth1 is the interface that faces the public Internet, and that eth0 is facing your local net. If this is not so, please adjust the parameter in the tcpdump command. It is important that we trace the actual stuff going out onto the Internet, not some intermediate version that is going to be subjected to further processing before it goes out on your wire to the world.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.