LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-19-2010, 06:45 AM   #1
kraig22
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Rep: Reputation: 0
Can't connect to ".fr" domains


Hi,

I'm on Debian Lenny/Gnome 2.22.3

Whatever the web browser I try, I can't connect to ".fr" websites.
ping and dig do nothing
dig : connection timed out; no servers could be reached
ping: unknown host google.fr

I still can access any other domain name with absolutely no problem.

What am I supposed to configure to allow .fr too ? Is it a DNS problem or something ?
Please tell me if any of you need more informations about this issue.
 
Old 02-19-2010, 07:06 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,885

Rep: Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608
Hi,

How long is this happening?
What gives:
Code:
dig +trace lemonde.fr
 
Old 02-19-2010, 07:10 AM   #3
cantab
Member
 
Registered: Oct 2009
Location: England
Distribution: *buntu, Vector
Posts: 499

Rep: Reputation: 102Reputation: 102
It is most likely that this is a problem with your ISP.
 
Old 02-19-2010, 07:37 AM   #4
kraig22
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Original Poster
Rep: Reputation: 0
It's happening since remote fresh install.

Here's the result :


Code:
~$ dig +trace lemonde.fr

; <<>> DiG 9.5.1-P3 <<>> +trace lemonde.fr
;; global options:  printcmd
.                       153505  IN      NS      E.ROOT-SERVERS.NET.
.                       153505  IN      NS      K.ROOT-SERVERS.NET.
.                       153505  IN      NS      F.ROOT-SERVERS.NET.
.                       153505  IN      NS      A.ROOT-SERVERS.NET.
.                       153505  IN      NS      J.ROOT-SERVERS.NET.
.                       153505  IN      NS      H.ROOT-SERVERS.NET.
.                       153505  IN      NS      D.ROOT-SERVERS.NET.
.                       153505  IN      NS      G.ROOT-SERVERS.NET.
.                       153505  IN      NS      I.ROOT-SERVERS.NET.
.                       153505  IN      NS      M.ROOT-SERVERS.NET.
.                       153505  IN      NS      L.ROOT-SERVERS.NET.
.                       153505  IN      NS      C.ROOT-SERVERS.NET.
.                       153505  IN      NS      B.ROOT-SERVERS.NET.
;; Received 500 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

fr.                     172800  IN      NS      C.NIC.fr.
fr.                     172800  IN      NS      B.EXT.NIC.fr.
fr.                     172800  IN      NS      F.EXT.NIC.fr.
fr.                     172800  IN      NS      D.EXT.NIC.fr.
fr.                     172800  IN      NS      E.EXT.NIC.fr.
fr.                     172800  IN      NS      A.NIC.fr.
fr.                     172800  IN      NS      D.NIC.fr.
fr.                     172800  IN      NS      G.EXT.NIC.fr.
;; Received 432 bytes from 192.33.4.12#53(C.ROOT-SERVERS.NET) in 81 ms

dig: couldn't get address for 'C.NIC.fr': not found

I'm not sure about this ISP issue, because no one else seems to complain about it. I guess my configuration is the cause.

Thnx
 
Old 02-19-2010, 08:11 AM   #5
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,885

Rep: Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608
That's weird. What's in /etc/resolv.conf?
Check also with:
Code:
dig lemonde.fr +trace +all +recurse
dig lemonde.fr @208.67.222.222
 
Old 02-19-2010, 08:27 AM   #6
kraig22
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Original Poster
Rep: Reputation: 0
Precision : Lenny has been installed and network configured by OVH. They're supposed not to configure anything else. I configured bind9 (and it works) and that's it. No particular rules in iptables... Maybe my weird resolv.conf will tell something?

Content of resolv.conf :
Code:
:~$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
dig lemonde.fr +trace +all +recurse
Gives :

Code:
~$ dig lemonde.fr +trace +all +recurse

; <<>> DiG 9.5.1-P3 <<>> lemonde.fr +trace +all +recurse
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43888
;; flags: qr ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14

;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       150779  IN      NS      E.ROOT-SERVERS.NET.
.                       150779  IN      NS      M.ROOT-SERVERS.NET.
.                       150779  IN      NS      J.ROOT-SERVERS.NET.
.                       150779  IN      NS      B.ROOT-SERVERS.NET.
.                       150779  IN      NS      F.ROOT-SERVERS.NET.
.                       150779  IN      NS      H.ROOT-SERVERS.NET.
.                       150779  IN      NS      A.ROOT-SERVERS.NET.
.                       150779  IN      NS      I.ROOT-SERVERS.NET.
.                       150779  IN      NS      L.ROOT-SERVERS.NET.
.                       150779  IN      NS      K.ROOT-SERVERS.NET.
.                       150779  IN      NS      C.ROOT-SERVERS.NET.
.                       150779  IN      NS      D.ROOT-SERVERS.NET.
.                       150779  IN      NS      G.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET.     448305  IN      A       198.41.0.4
A.ROOT-SERVERS.NET.     448305  IN      AAAA    2001:503:ba3e::2:30
B.ROOT-SERVERS.NET.     448305  IN      A       192.228.79.201
C.ROOT-SERVERS.NET.     448305  IN      A       192.33.4.12
D.ROOT-SERVERS.NET.     448305  IN      A       128.8.10.90
E.ROOT-SERVERS.NET.     448305  IN      A       192.203.230.10
F.ROOT-SERVERS.NET.     448305  IN      A       192.5.5.241
F.ROOT-SERVERS.NET.     448305  IN      AAAA    2001:500:2f::f
G.ROOT-SERVERS.NET.     448305  IN      A       192.112.36.4
H.ROOT-SERVERS.NET.     448305  IN      A       128.63.2.53
H.ROOT-SERVERS.NET.     448305  IN      AAAA    2001:500:1::803f:235
I.ROOT-SERVERS.NET.     448305  IN      A       192.36.148.17
J.ROOT-SERVERS.NET.     237179  IN      A       192.58.128.30
J.ROOT-SERVERS.NET.     237179  IN      AAAA    2001:503:c27::2:30

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 19 14:17:58 2010
;; MSG SIZE  rcvd: 500

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40624
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 13

;; QUESTION SECTION:
;lemonde.fr.                    IN      A

;; AUTHORITY SECTION:
fr.                     172800  IN      NS      a.nic.fr.
fr.                     172800  IN      NS      b.ext.nic.fr.
fr.                     172800  IN      NS      c.nic.fr.
fr.                     172800  IN      NS      d.ext.nic.fr.
fr.                     172800  IN      NS      d.nic.fr.
fr.                     172800  IN      NS      e.ext.nic.fr.
fr.                     172800  IN      NS      f.ext.nic.fr.
fr.                     172800  IN      NS      g.ext.nic.fr.

;; ADDITIONAL SECTION:
a.nic.fr.               172800  IN      A       192.93.0.129
b.ext.nic.fr.           172800  IN      A       192.228.90.21
c.nic.fr.               172800  IN      A       192.134.0.129
d.ext.nic.fr.           172800  IN      A       204.152.184.85
d.nic.fr.               172800  IN      A       194.0.9.1
e.ext.nic.fr.           172800  IN      A       193.176.144.6
f.ext.nic.fr.           172800  IN      A       194.146.106.46
g.ext.nic.fr.           172800  IN      A       204.61.216.39
a.nic.fr.               172800  IN      AAAA    2001:660:3005:3::1:1
c.nic.fr.               172800  IN      AAAA    2001:660:3006:4::1:1
d.ext.nic.fr.           172800  IN      AAAA    2001:4f8:0:2::8
d.nic.fr.               172800  IN      AAAA    2001:678:c:1::1
g.ext.nic.fr.           172800  IN      AAAA    2001:500:14:6039:ad::1

;; Query time: 20 msec
;; SERVER: 193.0.14.129#53(K.ROOT-SERVERS.NET)
;; WHEN: Fri Feb 19 14:17:58 2010
;; MSG SIZE  rcvd: 434

dig: couldn't get address for 'a.nic.fr': not found

And dig lemonde.fr @208.67.222.222
Gives :

Code:
$ dig lemonde.fr @208.67.222.222

; <<>> DiG 9.5.1-P3 <<>> lemonde.fr @208.67.222.222
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52934
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;lemonde.fr.                    IN      A

;; ANSWER SECTION:
lemonde.fr.             600     IN      A       195.154.120.129

;; Query time: 21 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Fri Feb 19 14:19:33 2010
;; MSG SIZE  rcvd: 44
 
Old 02-19-2010, 08:42 AM   #7
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,885

Rep: Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608
Since you're using your own nameserver, check (or post here) its configuration, flush cache and try again:
Code:
dig lemonde.fr
In the meantime you can use opendns (208.67.222.222) and/or google (8.8.8.8)
 
Old 02-19-2010, 10:01 AM   #8
kraig22
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Original Poster
Rep: Reputation: 0
Checked all and it's ok... Still working on it. Could my bind9 configuration be in conflict with resolvconf ?

Code:
$ dig lemonde.fr

; <<>> DiG 9.5.1-P3 <<>> lemonde.fr
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31001
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;lemonde.fr.                    IN      A

;; Query time: 5 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 19 15:59:56 2010
;; MSG SIZE  rcvd: 28
 
Old 02-19-2010, 10:20 AM   #9
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,885

Rep: Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608
How it's ok since you get a SERVFAIL. How did you setup bind? Is is a caching or a forwarding config?
Could you post named.conf?
 
Old 02-19-2010, 10:34 AM   #10
kraig22
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Original Poster
Rep: Reputation: 0
It SEEMS ok I meant since named-checkconf report no errors. I know there is a problem somewhere.

Here is named.conf

Code:
$ cat /etc/bind/named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

include "/etc/bind/named.conf.local";
Now named.conf.options :
Code:
$ cat /etc/bind/named.conf.options
options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

         forwarders {
                213.186.33.199;
         };

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { ::1; };
        listen-on { any; };
        allow-recursion {127.0.0.1;213.186.33.199;};
        notify yes;
};
(where 213.186... is the secondary DNS )

And named.conf.local :
Code:
$ cat /etc/bind/named.conf.local
//
// Do any local configuration here
//
zone "mydomain.com" {
        type master;
        file "/etc/bind/db.mydomain.com";
};

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
Any advice ?

Last edited by kraig22; 02-19-2010 at 11:58 AM.
 
Old 02-19-2010, 10:42 AM   #11
kraig22
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Original Poster
Rep: Reputation: 0
Btw with the forwarders you can see in my last post :

Code:
$ dig lemonde.fr

; <<>> DiG 9.5.1-P3 <<>> lemonde.fr
;; global options:  printcmd
;; connection timed out; no servers could be reached
and ...
Code:
; <<>> DiG 9.5.1-P3 <<>> yahoo.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59511
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 7, ADDITIONAL: 2

;; QUESTION SECTION:
;yahoo.com.                     IN      A

;; ANSWER SECTION:
yahoo.com.              21600   IN      A       209.131.36.159
yahoo.com.              21600   IN      A       209.191.93.53
yahoo.com.              21600   IN      A       69.147.114.224

;; AUTHORITY SECTION:
yahoo.com.              172800  IN      NS      ns2.yahoo.com.
yahoo.com.              172800  IN      NS      ns3.yahoo.com.
yahoo.com.              172800  IN      NS      ns1.yahoo.com.
yahoo.com.              172800  IN      NS      ns8.yahoo.com.
yahoo.com.              172800  IN      NS      ns6.yahoo.com.
yahoo.com.              172800  IN      NS      ns4.yahoo.com.
yahoo.com.              172800  IN      NS      ns5.yahoo.com.

;; ADDITIONAL SECTION:
ns6.yahoo.com.          172800  IN      A       202.43.223.170
ns8.yahoo.com.          172800  IN      A       202.165.104.22

;; Query time: 247 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 19 16:43:58 2010
;; MSG SIZE  rcvd: 233
Still looking for answers on the net and on the server...

Last edited by kraig22; 02-19-2010 at 10:45 AM.
 
Old 02-19-2010, 10:46 AM   #12
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,885

Rep: Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608
Ditch forwarders and see what happens
 
Old 02-19-2010, 10:55 AM   #13
kraig22
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Original Poster
Rep: Reputation: 0
I thought I gave your last idea a try and I didn't. Now it works...

Code:
; <<>> DiG 9.5.1-P3 <<>> lemonde.fr
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15214
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;lemonde.fr.                    IN      A

;; ANSWER SECTION:
lemonde.fr.             600     IN      A       195.154.120.129

;; AUTHORITY SECTION:
lemonde.fr.             28800   IN      NS      nsa.bookmyname.com.
lemonde.fr.             28800   IN      NS      nsc.bookmyname.com.
lemonde.fr.             28800   IN      NS      nsb.bookmyname.com.

;; ADDITIONAL SECTION:
nsa.bookmyname.com.     172800  IN      A       88.191.249.135
nsb.bookmyname.com.     172800  IN      A       217.24.82.34
nsc.bookmyname.com.     172800  IN      A       195.154.228.229

;; Query time: 414 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 19 16:51:56 2010
;; MSG SIZE  rcvd: 160
Could you please explain me how ? And do I have to keep forwarders commented ? Actually I don't really get how it works, that's why I posted in the newbie section. Cause I am.

Thanks anyway.
 
Old 02-19-2010, 11:36 AM   #14
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,885

Rep: Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608Reputation: 1608
Forwarding works like this:
When you query your dns, it will forward the query first to the forwarder(s) and if it does not find an answer, then your dns will try to do it by itself.
Since you have setup caching (that is the hint "." zone) you don't need any forwarders.

Glad to see it works now. You can mark the thread as "solved" using the thread tools

Cheers
 
1 members found this post helpful.
Old 02-19-2010, 11:56 AM   #15
kraig22
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Original Poster
Rep: Reputation: 0
Thanx a lot for your time and help =)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to specify "myorigin" for virtual domains in postfix??? haariseshu Linux - Server 2 11-20-2009 12:07 AM
"Domains" with custom .conf and modified DocumentRoot needs email makenoiz Linux - Server 1 07-26-2008 08:30 PM
system commands like "ls" says "cannot connect to database" Rams3377 Debian 8 11-20-2007 11:01 AM
re "cant connect to internet using suse10" and "will this work?" beejayess Linux - Newbie 12 07-11-2006 03:16 PM
User Manager for Domains "for Linux" labr@ Linux - Software 0 07-02-2003 01:35 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:46 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration