LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-26-2018, 06:44 PM   #1
byebyemrgates
Member
 
Registered: Nov 2017
Location: Blue Mountains, Australia!
Distribution: Mint 19
Posts: 150

Rep: Reputation: Disabled
Question Is my DNS working - can someone help troubleshoot?


Hi there again, wonderful Linux world! Here is another question from a bona fide newbie and overall IT "dummy" .. please bear with me ...
I already asked a similar question in the past, but I don't think we got anywhere.
Maybe someone who has time can just look mover all this and pint me in the right direction.
It seems to me that my DNS thingo is not functioning correctly - but it is intermittent. Sometimes (but too often for my liking) a website would not load (Firefox showing a little flag "looking up www. google.com" in bottom l.h. corner", then goes to message "Hmmm... we are having trouble finding that site..."). Also, email client (Evolution) at that same time cannot connect to the server and gives the message "failed to resolve name" or something like that).
So I really don't what I am talking about - but is it a DNS issue?
I am posting the output of a few commands. Interestingly to me, the ping 127.0.1.1 command output just keeps on going forever it seems, like it just keeps pinging non-stop? When I close the terminal, it says that a command is still running, do you want to kill it... but maybe it's normal.
Other details: Linux Mint XFCE
I have a modem/router supplied by ISP with DHCP turned off
To it I connected another modem/router Lan to Lan, with DHCP enabled and DNS set to Open DNS (I did all this because the DNS setting on ISP's router is locked, but I want to use OpenDNS). When everything is working, Open DNS website confirms that I am using their server.
There is another headless PC with Windows 10 connected to same network. I am also running NoMachine app on both to connect them. ISP's modem also has VoIp.
So, is there a way to futther troubleshoot it all?
thank you!!
Attached Thumbnails
Click image for larger version

Name:	ip addr show.png
Views:	29
Size:	82.5 KB
ID:	27086   Click image for larger version

Name:	less  etc resolv.conf.png
Views:	18
Size:	81.8 KB
ID:	27087   Click image for larger version

Name:	ping 127011.png
Views:	22
Size:	65.2 KB
ID:	27088  
 
Old 02-26-2018, 07:33 PM   #2
allend
LQ 5k Club
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware-current
Posts: 5,277

Rep: Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919
Quote:
I have a modem/router supplied by ISP with DHCP turned off
This is a bad move. If the connection to the ISP resets, you need the DHCP to get a new IP address. It probably causes that "Hmm ..." message, like I see when my interface is not properly configured.
If you do not want to use your ISP DNS services, then you will need to point your computers to use the DNS supplied by your second router.

Last edited by allend; 02-26-2018 at 08:35 PM. Reason: Err- Add not to the last line.
 
1 members found this post helpful.
Old 02-26-2018, 08:25 PM   #3
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.6
Posts: 3,796

Rep: Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278
Yes, if you mean that you turned off the DHCP used to get an IP from your ISP, that is indeed bad, and would cause the DNS problem as well, since you want to use the DNS of your ISP to resolve domain names.

If you mean that you turned of the DHCP server in the router so that it no longer provides IP addresses to your attached computers/devices, then you must tell each computer what DNS server to use to resolve domain name. Again, that should be the DNS servers of your ISP, or you can use Google's at 8.8.8.8.
See the man pages referenced at the top of the file.

(all of which, I just realized, echos what allend said)

ping on linux will continue forever unless you specify how many times.
Code:
man ping
Aside: If you copy/paste from the terminal into [code] tags when you post instead of using screen shots, it's easier for us to review what you're posting.
 
1 members found this post helpful.
Old 02-26-2018, 10:18 PM   #4
byebyemrgates
Member
 
Registered: Nov 2017
Location: Blue Mountains, Australia!
Distribution: Mint 19
Posts: 150

Original Poster
Rep: Reputation: Disabled
Thank you, everyone!

Just to clarify - on the second router, where I have DHCP on, I also specified the DNS servers I want.
And so it works - I am using Open DNS servers, according to their website. It is just that I have this intermittent annoying glitch.

So - should I just turn the DHCP server on the first router back on?
Whatever happens - I want to continue using OpenDNS, which I am using now, according to their website.

Can someone explain what allend said here:
"If you do not want to use your ISP DNS services, then you will need to point your computers to use the DNS supplied by your second router."

To follow what he said, I used "Network Connections' Gui, added DNS servers I want there.
Also added the nameservers I want in the gui "network settings"
Was that right?
How can I check which DNS server my Linux PC is pointing to?
When i use "dig" command, it just shows 127.0.1.1 as the server - but I know I am using open DNS... Why does it show 127.0.1.1?
Thanks!

Last edited by byebyemrgates; 02-26-2018 at 11:19 PM.
 
Old 02-27-2018, 07:39 AM   #5
Soadyheid
Senior Member
 
Registered: Aug 2010
Location: Near Edinburgh, Scotland
Distribution: Cinnamon Mint 17.3 (Netbook) and 18.3 (Desktop)
Posts: 1,422

Rep: Reputation: 338Reputation: 338Reputation: 338Reputation: 338
Quote:
Why does it show 127.0.1.1?
this is the loopback address of your system (or anybody's for that matter!). Pinging it just confirms your internal network works.

The ping command in Linux/Unix systems will go on forever unlike Windows which only sends four requests if I remember correctly. You use <Ctrl>C to stop it.

Play Bonny!

 
1 members found this post helpful.
Old 02-27-2018, 08:23 AM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177
Ordinarily, routers provide DHCP services to the internal network. (And, they usually employ DHCP to obtain their public IP-address from the ISP.)

To my way of thinking, it is extremely logical for a router to perform this service.

Standard console commands include dig and nslookup.

You can use "TCP/IP sniffers" such as tcpdump or (I prefer ...) WireShark™ to watch the interaction between a DHCP server and a device. You will see a "broadcast" being sent by the device, asking for a DHCP server to respond, and then you'll see the subsequent exchange. (Sniffers routinely include a set of standard filter-sets, including this one, to quickly isolate the packets of interest.) If you're having problems of this sort, a "packet sniffer" is a standard way to very-quickly diagnose it.

Last edited by sundialsvcs; 02-27-2018 at 08:24 AM.
 
1 members found this post helpful.
Old 02-27-2018, 08:55 AM   #7
allend
LQ 5k Club
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware-current
Posts: 5,277

Rep: Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919Reputation: 1919
Quote:
How can I check which DNS server my Linux PC is pointing to?
Look at the contents of /etc/resolv.conf
 
1 members found this post helpful.
Old 02-27-2018, 10:21 AM   #8
michaelk
Moderator
 
Registered: Aug 2002
Posts: 19,034

Rep: Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892
As I tried to explain in your other thread Mint uses dnsmasq to cache DNS queries which is why you see 127.0.1.1 in your /etc/resolv.conf command versus opendns or your router's IP address. dnsmasq stores the upstream DNS in its configuration files.

https://wiki.archlinux.org/index.php/Dnsmasq

NetworkManager works with dnsmasq and allows you to configure DNS independent of the DHCP server. There is no requirement that the DHCP server needs to run on the same physical device as the gateway or use the ISPs DNS.

Does the Windows PC exhibit the same problems?

I don't remember what configuration files you changed in your other thread.
 
1 members found this post helpful.
Old 02-27-2018, 11:32 AM   #9
Soadyheid
Senior Member
 
Registered: Aug 2010
Location: Near Edinburgh, Scotland
Distribution: Cinnamon Mint 17.3 (Netbook) and 18.3 (Desktop)
Posts: 1,422

Rep: Reputation: 338Reputation: 338Reputation: 338Reputation: 338
Quote:
Look at the contents of /etc/resolv.conf
Interesting, my system gives:
Code:
~ $ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1
which is the local loop back. Hmmm...

I had to log in to my router to find the DNS server being used.

Play Bonny!

 
Old 02-27-2018, 03:29 PM   #10
byebyemrgates
Member
 
Registered: Nov 2017
Location: Blue Mountains, Australia!
Distribution: Mint 19
Posts: 150

Original Poster
Rep: Reputation: Disabled
Question

Quote:
Originally Posted by michaelk View Post
As I tried to explain in your other thread Mint uses dnsmasq to cache DNS queries which is why you see 127.0.1.1 in your /etc/resolv.conf command versus opendns or your router's IP address. dnsmasq stores the upstream DNS in its configuration files.

NetworkManager works with dnsmasq and allows you to configure DNS independent of the DHCP server. There is no requirement that the DHCP server needs to run on the same physical device as the gateway or use the ISPs DNS.
.
Thank you all, especially michaelk!
So, things are getting clear and I have these, hopefully, last, questions, that I hope someone (especially michaelk) can answer:

1. So, as I understood - I can set DNS settings in the router (they are in the DHCP server settings) and I can set it in the PC (in /etc/resolv.conf). How can I make sure that when I use a browser, I use the settings of the PC (since I can't change the ones in the router, locked by ISP)?

2. If I edit /etc/resolv.conf (which I realized I can do through gui "Network Settings") - if edit it to only have the DNS server addresses I need and delete 127.0.1.1 - would that ensure my PC uses those DNS addresses I want?

3. Extra general knowledge question: Why are DNS settings of the browser located in the DHCP settings? What does DHCP has to do with DNS?
Thanks!!
 
Old 02-27-2018, 04:09 PM   #11
michaelk
Moderator
 
Registered: Aug 2002
Posts: 19,034

Rep: Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892Reputation: 2892
When a computer is configured to use DHCP, network settings are not stored but received as part of the protocol or negotiation process. The typical information received is IP address/netmask, gateway address and DNS name servers.

DNS is not only used by a web browser but by any TCP/IP process that accesses the internet like finding available updates, ntp (network time protocol), ping command etc. DNS (Domain Name Service) is basically the Yellow pages (US reference) of the internet.

These days NetworkManager and other automatic configuration utilities write to the /etc/resolv.conf file so editing by hand is not recommended any more. Using the applet or other utilities is the preferred method. Although you can configure them to not overwrite the file.
 
1 members found this post helpful.
Old 02-27-2018, 04:13 PM   #12
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.6
Posts: 3,796

Rep: Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278Reputation: 1278
Quote:
Originally Posted by byebyemrgates View Post
3. Extra general knowledge question: Why are DNS settings of the browser located in the DHCP settings? What does DHCP has to do with DNS?
Thanks!!
I'm guessing you meant DNS settings of the router yes?
My router says they're optional, but they are there so you can specify to use different DNS servers than that provided by your ISP. I note on mine that they only appear to affect the IP addresses the DHCP server in the router is serving, so they won't affect static IP addresses on the LAN
 
1 members found this post helpful.
Old 02-27-2018, 04:25 PM   #13
byebyemrgates
Member
 
Registered: Nov 2017
Location: Blue Mountains, Australia!
Distribution: Mint 19
Posts: 150

Original Poster
Rep: Reputation: Disabled
Thank you!
Still, my question remains:
How can I make sure that when I use a browser, I use the DNS settings of the PC and NOT of the router(since I can't change the ones in the router, locked by ISP)?

Here is my last experiment:
1. Got rid of 2nd router, plug everything into 1st one (ISP's)
2. Reinstated DHCP server on that router
3. Changed DNS server settings to OpenDNS in the /etc/resolv.conf (using gui), deleted 127.0.1.1 and just left 208.67.222.222 (Open DNS)

(DNS settings are locked in the ISP's browser, there is no way to change them. But I was hoping I will use the DNS I set in the PC's settings.)

SO, after these changes
- when I $ dig google.com, it shows me that the Dns server is 208.67.222.222 - that's good ...
OpenDNS site shows that I am using OpenDNS - that's good...
BUT! BUT! BUT! When I actually access, via a browser, a site that I BLOCKED in my OpenDNS user account (I blocked porn sites, for example) - it just goes right in! As if it is not blocked by OpenDNS! What is the story?!

It did not happen with my first set-up (with two routers). So I now reinstated that first set-up and - it blocks the sites...
Does anyone (michaelk in particular, as the apparently most knowledgeable party) have any idea what's happening?
Thanks!

Last edited by byebyemrgates; 02-27-2018 at 05:07 PM.
 
Old 03-03-2018, 02:06 AM   #14
byebyemrgates
Member
 
Registered: Nov 2017
Location: Blue Mountains, Australia!
Distribution: Mint 19
Posts: 150

Original Poster
Rep: Reputation: Disabled
Ok, everyone, probably my last post was in "too hard basket", and I understand why. BUT - since then I have done more work, so here is another question (and please tell me if I should have started a new thread with this one):
With the help of OpenDNS support team, I have worked out that, somehow, something is closing, intermittently, ports 443 and 5353 (more info below)
So, my question - HOW CAN I FIND OUT WHAT APP IS CLOSING THEM AND WHY?
I know it is not GUFW because it happens with it is turned off.
In the GUFW report, is lists in the "report" tab: UPD6 protocol, port 5353, address *, application avahi-daemon
I can't find any documentation showing what the "report" tab in GUFW is actually showing.
MORE INFO if you are interested:
the OpenDNS support got me to run this commands:

nslookup -type=txt debug.opendns.com. 208.67.222.222 -port=443
nslookup -type=txt debug.opendns.com. 208.67.222.222 -port=5353

when the issue I described was happening, these returned:

;; connection timed out; no servers could be reached

but when everything was OK, they returned this:

bekor@Lab1 ~ $ nslookup -type=txt debug.opendns.com. 208.67.222.222 -port=443
Server: 208.67.222.222
Address: 208.67.222.222#443

Non-authoritative answer:
debug.opendns.com text = "server m33.syd"
debug.opendns.com text = "flags 20 0 50 39500007E00400014C3"
debug.opendns.com text = "originid 55659598"
debug.opendns.com text = "actype 2"
debug.opendns.com text = "bundle 9077860"
debug.opendns.com text = "source 123.243.37.178:36245"

Last edited by byebyemrgates; 03-03-2018 at 06:36 AM.
 
Old 03-03-2018, 09:09 PM   #15
selfprogrammed
Member
 
Registered: Jan 2010
Location: Minnesota, USA
Distribution: Slackware 13.37, 14.2
Posts: 387

Rep: Reputation: 81
DNS is cached by a number of entities.
You could even have a DNS server running on your machine (and not be aware of it) that is caching DNS entries.
Each DNS server will check its cache, and when it does not find the name, will bounce the request to another DNS server, up until it reaches the host site.
There are some commands


> dig badsite.com +trace
- large printout of all DNS servers queried.
- the very last line will show you who supplied the address
- if it fails to find the site, then it could be the browser caching the address ? maybe
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to troubleshoot if 'suspend' not working rng Linux - General 17 07-21-2017 12:43 AM
Cron stopped working - How do I troubleshoot? mufy AIX 1 04-11-2010 03:33 AM
sound quits working after upgrade..how to troubleshoot? adrianmariano Linux - Software 33 06-22-2009 09:26 AM
How to troubleshoot configuration errors on dns master server ? Revathi17 Linux - Newbie 1 05-21-2009 06:53 AM
can any Troubleshoot the DNS er_gaurav22 Linux - Server 3 08-31-2006 08:23 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 06:06 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration