After finding related threads while googling but not getting useful responses, I thought I'd summarize here in the appropriate forum and ask again for help.

I had RH7.2 running and it worked fine getting to the Internet - I can't remember having to do any settings other than specifying using DHCP. I upgraded (not uninstall + install, just upgraded) to RH8.0 and it fails. I can ping valid IPs on my LAN or the Internet but named entries always gives "unknown host". DNS continues to work fine for my non-Linux computers on my LAN, or I wouldn't be able to post this question.

I've gone so far as to use the neat utility and set the DNS Primary and Secondary servers entries myself - I can ping those by IP just fine. It seems, though, that I have to turn off the "Automatically obtain IP information from provider" or it resets Primary to the incorrect entry of 192.168.0.1 (my NetGear) and blanks the Secondary. So when that's unchecked, I've entered the DNS IPs and I
/etc/init.d/network restart
or reboot it still can't resolve a DNS name. Pinging localhost works fine all the time. Hopefully some of this information is useful to anyone who could have a solution.

I'll whine and say this was supposed to be an automatic operation as in RH7.2, why did RH8.0 mess it up?

But what I really want is a 2 minute solution. And if you don't have that, what other questions can I answer to get ANY solution?

Thanks...

I'm pretty convinced that it has something to do with your name servers not being correct. Normally, the dhcp should get the name servers. I would check /etc/resolve.conf and make sure it has the correct primary and secondary address in there.

If they aren't correct, go ahead and manually add them in there and see if dig works.

If that fixes it, you'll probably have to make a more permanent change to your network scripts.

Let us know what happens.

After I'd used neat to specify the primary and secondary, I'd rebooted and looked at resolv.conf - and the 2 IPs I'd set in neat were listed there at the top (used to have domain then nameserver then search, now nameserver (twice), domain and search). I hope this correctly addresses what you suggested.

I really didn't want to have to start editing the files by hand, but I'm open to almost anything at this point.

hmm...you mentioned that you had to disable the "obtain IP information from provider." when you enabled dns.

Is your computer automatically getting asigned an ip address now?

Can you provide the contents of resolv.conf and /etc/hosts files, as that should give us a good starting point to figure out what's wrong.

I was helping a friend with a problem that sounded very similar to this. He could ping the nameserver but couldn't resolve any addresses, just as you described. We found your problem description here before we found our solution. I'll post it in case it helps you.

For us the problem was ipchains. Prior to the RH8 upgrade, he had selected IP firewalling with ipchains. RedHat 8 didn't upgrade that feature correctly. It preserved the ipchains settings in place which deny inbound UDP packets, but not the code in /etc/sysconfig/network-scripts/ifup-post which was adding a hole in the firewall for the nameservers listed in /etc/resolv.conf.

There are several ways to solve this. I couldn't find a GUI tool to modify ipchains (which I think may only be available during RH installation or disappeared in RH8) so I used the ipchains command line utilities. The HOWTO is at http://www.netfilter.org/ipchains/HOWTO.html . You need to enable UDP Port 53 (DNS) packets to come into your machine, at least from your nameserver if not the whole Net.

As root, add a line like this to /etc/sysconfig/ipchains before the REJECT lines.

-A input -s 0.0.0.0/0.0.0.0 53:53 -d 0.0.0.0/0.0.0.0 1025:65535 -p 17 -j ACCEPT

and then run "/sbin/service ipchains start"

There may be a GUI-based solution we hadn't considered. But this got the job done for us.

ikluft - you are apparently correct! Of course the whole system knew I was onto a solution so it took a few minutes for emacs to start up just so I could try it (and no, emacs usually blinks into existence as fast as anything on my machine).

I added the line (above the REJECT line which includes udp), did the command, and I could immediately ping using DNS.

Thanks much!