[SOLVED] nslookup timed out, but only from localhost

damateem · 08-14-2021, 11:12 PM

I've configured bind9 on Ubuntu 14.04.6 LTS.

The server running bind (localhost), is at static IP 192.168.0.2 (server1).

Executing nslookup from other hosts on the LAN works great.

Code:

$ nslookup google.com
Non-authoritative answer:
Server:  UnKnown
Address:  192.168.0.2


Name:    google.com
Addresses:  2607:f8b0:4009:819::200e
          142.250.191.206

However, executing the same command from localhost results in a time out.

Code:

root@server1:/etc/bind# nslookup google.com
;; connection timed out; no servers could be reached

Here is my named.conf.options:

Code:

// Allow the following to query the DNS.
acl goodclients {
        localhost;      // This host.
        localnets;      // All hosts on the LAN.
        10.8.0.0/24;    // Hosts coming from VPN tunnels.
};


options {
        directory "/var/cache/bind";


        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113


        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.


        allow-query { goodclients; };


        forwarders {
                // Google DNS servers
                8.8.8.8;
                8.8.4.4;
        };


        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation auto;


        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};

What could cause bind to not be reachable from localhost?

bathory · 08-15-2021, 02:30 AM

Quote:

However, executing the same command from localhost results in a time out.

root@server1:/etc/bind# nslookup google.com
;; connection timed out; no servers could be reached

What's in /etc/resolv.conf?
Or what happens when you run:

Code:

dig google.com @127.0.0.1

damateem · 08-15-2021, 09:40 AM

/etc/resolv.conf:

Code:

$ cat /etc/resolv.conf
domain attlocal.net
search attlocal.net
nameserver 192.168.1.254

dig google.com @127.0.0.1:

Code:

$ dig google.com @127.0.0.1

; <<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> google.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4710
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             299     IN      A       172.217.4.46

;; AUTHORITY SECTION:
.                       400     IN      NS      e.root-servers.net.
.                       400     IN      NS      g.root-servers.net.
.                       400     IN      NS      i.root-servers.net.
.                       400     IN      NS      c.root-servers.net.
.                       400     IN      NS      b.root-servers.net.
.                       400     IN      NS      h.root-servers.net.
.                       400     IN      NS      f.root-servers.net.
.                       400     IN      NS      j.root-servers.net.
.                       400     IN      NS      d.root-servers.net.
.                       400     IN      NS      a.root-servers.net.
.                       400     IN      NS      m.root-servers.net.
.                       400     IN      NS      l.root-servers.net.
.                       400     IN      NS      k.root-servers.net.

;; Query time: 51 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Aug 15 10:29:38 EDT 2021
;; MSG SIZE  rcvd: 266

I'm not familiar with dig. What is this telling me? Is it correct?

It looks like resolv.conf is the issue. We recently switched ISP and the entries in resolv.conf belong to the old ISP. I could update these to the new ISP, but that doesn't seem right to me. What is the proper way to configure it so that localhost uses the local bind server?

Thanks for the help!

bathory · 08-15-2021, 11:35 AM

Quote:

I'm not familiar with dig. What is this telling me? Is it correct?

Yes, it's correct

Quote:

$ cat /etc/resolv.conf
domain attlocal.net
search attlocal.net
nameserver 192.168.1.254

It looks like resolv.conf is the issue. We recently switched ISP and the entries in resolv.conf belong to the old ISP. I could update these to the new ISP, but that doesn't seem right to me. What is the proper way to configure it so that localhost uses the local bind server?

I don't know about the domainame in the domain/search options, but the IP is a private IP.
You should replace it with 127.0.0.1 in /etc/resolv.conf. How to do that depends if you use Network Manager, resolvconf or some other tool to configure your network.

BTW Ubuntu 14.04.6 LTS will soon be obsoleted

damateem · 08-15-2021, 12:36 PM

It's not as simple as directly editing /etc/resolv.conf and restarting the appropriate service?

Yes, you are right. This server badly needs an upgrade.

bathory · 08-15-2021, 04:44 PM

Quote:

It's not as simple as directly editing /etc/resolv.conf and restarting the appropriate service?

I'm running Slackware and it's as simple as editing directly /etc/resolv.conf.
You can try it at your Ubuntu and see if changes in /etc/resolv.conf persist reboots.

damateem · 08-23-2021, 03:52 PM

Changing nameserver to 127.0.0.1 resolved the issue. I also removed domain and search.

Code:

$ cat /etc/resolv.conf
nameserver 127.0.0.1

After having some time to think about it, I realized the previous setting were used to configure a static IP for this server, before I had configured the dns on it. That static IP remains, but now used localhost for dns.

Thanks for the awesome help!