DNS? 1

[litton1]

This a bit of a long-winded problem and I don’t know if I am in the right forum (so if you can suggest a better one please do) because I don’t know what causing the problem? Here goes, the basic problem is that when browsing the net I can sometimes see a site such as apache.org (cant this morning) but I cannot view a site such as httpd.apache.org., i can always see tek-tips.com or google.co.uk now I am guessing that this is a DNS problem? My setup is as follows: I have a adsl modem connecting me to the Internet that then connects on my side to an Ipcop home built router/firewall via Ethernet this goes to a hub and the hub connects to the rest of the network. All computers on the network have the same problem. Any suggestions appreciated

Binary Intelligence, true or false?

 

[thedaver]

can you sit at a linux prompt and type
"dig

http://www.apache.org",

"dig

http://www.google.co.uk",

"dig

http://www.cisco.com",

"dig

http://www.amazon.co.uk",

etc. and get responses consistently?

You could have two troubles:

1) The DNS resolver you are using is busy or slow to respond which is resulting in intermittent timeouts of DNS lookups.
2) Your network connection has physical faults.

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[litton1]

thanks for you reply
the result of the apache dig is

# dig [URL unfurl="true"]www.apache.org[/URL]

; <<>> DiG 9.2.4 <<>> [URL unfurl="true"]www.apache.org[/URL]
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27030
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;[URL unfurl="true"]www.apache.org.[/URL]                        IN      A

;; ANSWER SECTION:
[URL unfurl="true"]www.apache.org.[/URL]         1800    IN      A       192.87.106.226

;; Query time: 228 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Fri Jul  1 12:22:17 2005
;; MSG SIZE  rcvd: 48

which looks positive but the browser shows

An error occurred while loading

http://www.apache.org/:

Could not connect to host

http://www.apache.org.

what dose this mean?

Binary Intelligence, true or false?

 

[litton1]

I have now done a dig on them all and the response was similar.

Binary Intelligence, true or false?

 

[thedaver]

try "ping -c30

http://www.cisco.com"

and see if you're dropping packets.

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[litton1]

hmmmm well that is a mystery, every packet lossed but can still dig ok?

# ping -c30

http://www.apache.org

PING

http://www.apache.org

(192.87.106.226) 56(84) bytes of data.
From 192.168.2.4: icmp_seq=2 Destination Host Unreachable
From 192.168.2.4 icmp_seq=2 Destination Host Unreachable
From 192.168.2.4 icmp_seq=3 Destination Host Unreachable
From 192.168.2.4 icmp_seq=4 Destination Host Unreachable
From 192.168.2.4 icmp_seq=6 Destination Host Unreachable
From 192.168.2.4 icmp_seq=7 Destination Host Unreachable
From 192.168.2.4 icmp_seq=8 Destination Host Unreachable
From 192.168.2.4 icmp_seq=10 Destination Host Unreachable
From 192.168.2.4 icmp_seq=11 Destination Host Unreachable
From 192.168.2.4 icmp_seq=12 Destination Host Unreachable
From 192.168.2.4 icmp_seq=14 Destination Host Unreachable
From 192.168.2.4 icmp_seq=15 Destination Host Unreachable
From 192.168.2.4 icmp_seq=16 Destination Host Unreachable
From 192.168.2.4 icmp_seq=18 Destination Host Unreachable
From 192.168.2.4 icmp_seq=19 Destination Host Unreachable
From 192.168.2.4 icmp_seq=20 Destination Host Unreachable
From 192.168.2.4 icmp_seq=22 Destination Host Unreachable
From 192.168.2.4 icmp_seq=23 Destination Host Unreachable
From 192.168.2.4 icmp_seq=24 Destination Host Unreachable
From 192.168.2.4 icmp_seq=26 Destination Host Unreachable
From 192.168.2.4 icmp_seq=27 Destination Host Unreachable
From 192.168.2.4 icmp_seq=28 Destination Host Unreachable
From 192.168.2.4 icmp_seq=29 Destination Host Unreachable
From 192.168.2.4 icmp_seq=30 Destination Host Unreachable

---

http://www.apache.org

ping statistics ---
30 packets transmitted, 0 received, +24 errors, 100% packet loss, time 29002ms
, pipe 3
asml:~ # dig

http://www.apache.org

; <<>> DiG 9.2.4 <<>>

http://www.apache.org

;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23019
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;

http://www.apache.org.

IN A

;; ANSWER SECTION:

http://www.apache.org.

521 IN A 192.87.106.226

;; Query time: 91 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Fri Jul 1 21:46:19 2005
;; MSG SIZE rcvd: 48


Binary Intelligence, true or false?

 

[w1nn3r]

Try using an alternate set of DNS servers, you're not required to use your ISP's and I almost always refuse to. Instead try using 4.2.2.1, 4.2.2.2 and 4.2.2.3. These nameservers are second to none in my not so humble opinion. Also, what OS..redhat, mandrake, CentOS, SuSE? Do you have some sort of firewall running or a cronned firewall script that reloads at certain intervals?

 

[thedaver]

Yes, as w1nn3r has alluded to, it is possible that you don't have a DNS issue, but rather a connectivity issue.

My opinion is that you have a firewall or network route problem, or a physical network link problem.

DNS requests are based upon UDP if I recall correctly and utilize at least two potential sources for the same request. Thus it's likely that a physical problem might occur less often with DNS requests than with "normal" traffic.

However, given your dump of the ping to

http://www.cisco.com,

it's pretty clear that your network route to the destination is broken.

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[litton1]

Hi guys, thanks for your input on this issue that remains unsolved.

what OS..redhat, mandrake, CentOS, SuSE?

as I mentioned, this affects all computers on the network but the firewall to the network is ipcop.

Instead try using 4.2.2.1, 4.2.2.2 and 4.2.2.3.

as shown at the bottom of my previous post I already use 4.2.2.1 but this address is set at each machine? Not at the ipcop

However, given your dump of the ping to

http://www.cisco.com,

the ping was to apache.org, don’t know if this is relevant or not?

DNS requests are based upon UDP if I recall correctly and utilize at least two potential sources for the same request. Thus it's likely that a physical problem might occur less often with DNS requests than with "normal" traffic.

not sure I understand how a physical problem could affect this, please expand.


Binary Intelligence, true or false?

 

[litton1]

ok here is an example of what i mean
i can view apache.org but if you visit that page there is many sub domains on the left-hand side i.e. the top link is to httpd.apache.org and there are many other sub-domains. I cannot view any of these?

Binary Intelligence, true or false?

 

[thedaver]

OK, sorry I didn't pay attention, you pinged apache.org.


Please do
"dig

http://www.cisco.com"

and
"ping -c10

http://www.cisco.com"

and then a
"traceroute -n

http://www.cisco.com"

and then a
"route -n"

Post all that here.

You will be revealing private information about your network paths and configuration, but frankly without that data I'm not sure we can help you here.

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[litton1]

thanks for that trying now....
here is the result

# dig [URL unfurl="true"]www.cisco.com[/URL]

; <<>> DiG 9.2.4 <<>> [URL unfurl="true"]www.cisco.com[/URL]
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12214
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;[URL unfurl="true"]www.cisco.com.[/URL]                 IN      A

;; ANSWER SECTION:
[URL unfurl="true"]www.cisco.com.[/URL]          42497   IN      A       198.133.219.25

;; Query time: 96 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Tue Jul  5 19:44:09 2005
;; MSG SIZE  rcvd: 47

that is the dig

# ping -c10 [URL unfurl="true"]www.cisco.com[/URL]
PING [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25) 56(84) bytes of data.
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=1 ttl=101 time=163 ms
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=2 ttl=101 time=166 ms
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=3 ttl=101 time=163 ms
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=4 ttl=101 time=167 ms
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=5 ttl=101 time=163 ms
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=6 ttl=101 time=164 ms
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=7 ttl=101 time=210 ms
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=8 ttl=101 time=166 ms
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=9 ttl=101 time=163 ms
64 bytes from [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25): icmp_seq=10 ttl=101 time=167 ms

--- [URL unfurl="true"]www.cisco.com[/URL] ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9008ms
rtt min/avg/max/mdev = 163.204/169.705/210.530/13.692 ms

that is the ping and here comes the traceroute

# traceroute -n [URL unfurl="true"]www.cisco.com[/URL]
traceroute to [URL unfurl="true"]www.cisco.com[/URL] (198.133.219.25), 30 hops max, 40 byte packets
 1  192.168.2.1  0.388 ms   0.269 ms   0.332 ms
 2  * * *
 3  217.41.165.58  20.038 ms   22.196 ms   22.955 ms
 4  217.41.165.161  22.658 ms   22.141 ms   26.079 ms
 5  217.41.173.21  25.373 ms   25.136 ms   29.164 ms
 6  217.41.173.65  31.162 ms   32.943 ms   33.291 ms
 7  217.41.173.114  33.253 ms   36.810 ms   39.141 ms
 8  217.41.173.58  14.923 ms   13.867 ms   16.470 ms
 9  217.47.108.242  17.307 ms   21.177 ms   19.924 ms
10  194.72.2.181  25.330 ms   23.924 ms   25.269 ms
11  62.6.196.122  29.267 ms   30.291 ms   32.216 ms
12  62.6.204.29  36.093 ms   37.276 ms   40.781 ms
13  194.72.17.82  41.671 ms   43.323 ms   45.275 ms
14  166.49.168.33  47.282 ms   49.236 ms   48.290 ms
15  212.113.11.253  50.429 ms   52.392 ms   54.166 ms
16  4.68.124.65  53.787 ms   55.380 ms   56.147 ms
17  64.159.1.133  199.367 ms   199.392 ms 64.159.1.130  199.464 ms
18  4.68.123.105  192.465 ms 4.68.123.169  194.916 ms 4.68.123.41  195.105 ms
19  4.0.26.14  196.366 ms   198.312 ms   198.263 ms
20  128.107.239.9  197.994 ms   200.514 ms   202.376 ms
21  128.107.224.77  197.414 ms   200.347 ms   197.868 ms
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

interpretations welcome

Binary Intelligence, true or false?

 

[thedaver]

This looks fine. Try it for something that doesn't work.

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[litton1]

i think this tells a different story

# dig httpd.apache.org

; <<>> DiG 9.2.4 <<>> httpd.apache.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43041
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;httpd.apache.org.              IN      A

;; ANSWER SECTION:
httpd.apache.org.       1800    IN      A       192.87.106.226

;; Query time: 354 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Tue Jul  5 22:26:58 2005
;; MSG SIZE  rcvd: 50

asml:~ # ping -c10 httpd.apache.org
PING httpd.apache.org (192.87.106.226) 56(84) bytes of data.
From 192.168.2.4: icmp_seq=2 Destination Host Unreachable
From 192.168.2.4 icmp_seq=2 Destination Host Unreachable
From 192.168.2.4 icmp_seq=3 Destination Host Unreachable
From 192.168.2.4 icmp_seq=4 Destination Host Unreachable
From 192.168.2.4 icmp_seq=6 Destination Host Unreachable
From 192.168.2.4 icmp_seq=7 Destination Host Unreachable
From 192.168.2.4 icmp_seq=8 Destination Host Unreachable
From 192.168.2.4 icmp_seq=9 Destination Host Unreachable
From 192.168.2.4 icmp_seq=10 Destination Host Unreachable

--- httpd.apache.org ping statistics ---
10 packets transmitted, 0 received, +9 errors, 100% packet loss, time 9000ms
, pipe 3
asml:~ # traceroute -n httpd.apache.org
traceroute to httpd.apache.org (192.87.106.226), 30 hops max, 40 byte packets
 1  * * *
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  192.168.2.4(H!)  2969.486 ms (H!)  2967.499 ms (H!)  2965.498 ms

can you see this page?

Binary Intelligence, true or false?

 

[thedaver]

Works fine for me.
Please paste the output of the "route" and "route -n" output from your machine.

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[litton1]

sorry i dont understand, do you mean the traceroute? if yes then it is above at the end of my last post.

Binary Intelligence, true or false?

 

[thedaver]

No, I want to see the output of your "route" command, it is different from "traceroute". "route -n" and "route" will display the default routes out of your machine.

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[litton1]

o right never used that one kwl

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
192.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0 eth0
asml:~ # route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
link-local      *               255.255.0.0     U     0      0        0 eth0
192.0.0.0       *               255.0.0.0       U     0      0        0 eth0
loopback        *               255.0.0.0       U     0      0        0 lo
default         192.168.2.1     0.0.0.0         UG    0      0        0 eth0

Binary Intelligence, true or false?

 

[thedaver]

Yeah, OK, that's the issue.
Your routing table is flawed for the 192.0.0.0 IP space.

192.168.0.0/16 is the private IP space you're using (with your ISP?) to provide private network connections by way of your gateway on 192.168.2.1

192.0.0.0/8 contains a number of valid IPs in the PUBLIC IP space (see results for dig httpd.apache.org).

I haven't taken a lot of time to figure this out, but you have a routing flaw that is trying to route PUBLIC 192.0.0.0/8 addresses to some network route that doesn't allow it.... Sorry I can't offer more for the money, but it's free help right?!

You should have something that says 192.168.0.0 is routed by eth0 device and that 192.168.2.1 is your default gateway for 0.0.0.0 Somewhere in your routing build this got hosed.

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[litton1]

hmm well you have done very well to narrow that down. you have done far better than I have. I am not sure i fully understand what you are saying but i get the jist of it.
I wonder if when I have set the gateway on each computer I have issued the wrong gateway or worse set a the gateway wrong on the actual computer (the ipcop). at the moment the ISDN internal IP is 10.0.0.1 this then connects to a computer that is the IPcop computer which has 2 Ethernet cards in it. The first 1 that connects to the isdn via Ethernet has an IP of 10.0.0.5 the second one that sends the connection of to the network is 192.168.2.1 and the other computers reside in that space i.e. 192.168.2.2 …198.162.2.3 ... and so on. But I bet that I have messed the gateway addressing up. I think I should take this to a network forum and see if it can be resolved there. Thank you for taking so much of your time and I give you a star for your continuous attempts in resolving this issue.

Binary Intelligence, true or false?