[SOLVED] Lost connection with ALL workstations on LAN

mfoley · 05-01-2017, 12:51 PM

I am running Slackware64 14.2 and BIND 9.10.4-P6 in an office LAN. This morning a bit after 8:00AM one user called and said he'd lost Internet access and access to the local shared drive. About 2 hours later another user called, same thing. By shortly after noon 3 more users were having the same problem, but another 3 were accessing Internet and LAN resources OK. I rebooted the DNS server and now nobody has any access at all.

I suspect DNS. I did make a change a couple of days ago to add an 'A' record, but I can't see how that would have done this. I will experiment with restoring the zone file from a couple of days ago.

Here is the interesting wrinkle. Upon restart of named I get the following logged message:

Code:

May  1 12:49:08 mail named[1666]: managed-keys-zone: loaded serial 0
May  1 12:49:08 mail named[1666]: zone 127.in-addr.arpa/IN: loaded serial 1
May  1 12:49:08 mail named[1666]: zone 0.168.192.in-addr.arpa/IN: loaded serial 379
May  1 12:49:08 mail named[1666]: zone hprs.local/IN: loaded serial 2014137944
May  1 12:49:09 mail named[1666]: zone localhost/IN: loaded serial 2
May  1 12:49:09 mail named[1666]: all zones loaded

The zone for hprs.local has serial # 2014137944, yet the zone file I modified: /var/lib/samba/private/dns/hprs.local.zone has serial # 2014134046. I made 2 separate changes to this file and changed the serial number each time. However, the named log output indicates it is getting a zone file with serial 2014137944. How can that be? I suspect this is part of the problem.

From the DNS server, I can get the IP of any host, but cannot ping:

Code:

$ host dbserver
dbserver.hprs.local has address 192.168.0.4

$ ping dbserver
PING dbserver.hprs.local (192.168.0.4) 56(84) bytes of data.
From mail.hprs.local (192.168.0.2) icmp_seq=1 Destination Host Unreachable
From mail.hprs.local (192.168.0.2) icmp_seq=2 Destination Host Unreachable
From mail.hprs.local (192.168.0.2) icmp_seq=3 Destination Host Unreachable
From mail.hprs.local (192.168.0.2) icmp_seq=4 Destination Host Unreachable

The DNS server can resolve IPs for external domains, e.g. yahoo.com.

No workstation on the LAN can connect to external domains, nor can they ping the DNS server or any other host in the LAN.

This is super urgent! Any ideas would be greatly appreciated!!!

more info ...

I'm now getting messages like:

Code:

May  1 13:57:55 mail named[1666]: client 169.254.84.196#64091 (COMMON.hprs.local):  query 'COMMON.hprs.local/SOA/IN' denied

where hosts like COMMON are local LAN hosts. Why are they being denied?

mfoley · 05-01-2017, 01:29 PM

Part of issue resolved. The serial numbers on the zone file were not correct because named was looking in /etc/samba/private/dns instead of the ones I modified in /var/lib/samba/private/dns. This was a result of Slackware changing the location of samba files from Samba version 4.2.14 to 4.4.8. This bit me before. Now when I restart named I do get the correct serial number in the log.

However, I still cannot ping LAN hosts and LAN workstation still cannot connect to the Internet.

mfoley · 05-01-2017, 04:04 PM

My problem was that several days ago I had commented out a static IP definition in /etc/dhcpd.conf, but left a '#' off the front of one line. Therefore, my dhcpd deamon was failing to start. As the workstation leases expired (I assume) there was no DHCPD running and they could not obtain a new IP. I fixed the dhcpd.conf and restarted the daemon. If I had looked in /var/log/syslog I would have seen the error.