Linux DNS resolution problem with cable ISP

PDexter

IS-IT--Management
Jun 14, 2003
7
US
Linux newbie question.

I just installed RH9 on a system. I am using a small personal router and have a private NAT'd network behind it which the new linux box is a part of. (I do not want the Linux box to be the router)

The router gets a DHCP address from my cable ISP. In general it is working. I can ping everywhere including the DNS server of the ISP, however, I am not getting name resolution. e.g. I cannot get to or ping but if I put in google's IP address into my browser it works.

The content of resolve.conf is simply:
nameserver 68.35.172.5

Everything works on my Windows systems and I'm sure the IP of the DNS server is correct. For some reason the Linux system won't talk with the ISP's DNS server.

Is there something I'm missing in my Linux setup?

Thanks in advance for any help.
 
Are you running a firewall on the Linux box? Try [tt]iptables -F[/tt] as [tt]root[/tt] to see if that's causing your problems.

//Daniel
 
When I installed I set the firewall to medium. During troubleshooting I turned off the firewall via the gui but that didn't make any difference.

iptables -L didn't show anything.

Performed iptables -F but the DNS problem is still there.

Thanks.
 
If you use [tt]nslookup[/tt], what error does it give you when you perform a lookup?

//Daniel
 
nslookup for provides the following:

server: 68.53.172.5
address: 68.35.172.5#53

Non-authoritative answer:
Name: Address: 216.239.39.99


So it is resolving but ping and the browser aren't using the address that's returned......

I can type the address into the browser and I can get to google.

Thanks again for the ideas.
 
That is really odd.
So the situation is like this (correct me if I'm wrong):
You can resolve names manually.
You can browse and ping by IP.
You can not browse and ping by name.

I'm not sure if [tt]nslookup[/tt] uses internal libraries to query DNS servers or if it uses libc's functions. What do your [tt]/etc/host.conf[/tt] and [tt]/etc/nsswitch.conf[/tt] (only the line beginning with [tt]hosts:[/tt]) say?

//Daniel
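
An added example, not part of the original post: BIND's nslookup sends its queries to the DNS server itself and does not consult /etc/nsswitch.conf, while ping and browsers resolve through libc, which `getent hosts` exercises. The function names below are made up for this example, and the file paths are parameters so the checks can run against copies of the files.

```shell
#!/bin/sh
# Added example: check the libc (NSS) resolution path separately from nslookup.
# All function names here are hypothetical helpers, not part of any tool.

# Print the lookup sources from the "hosts:" line of an nsswitch.conf file.
hosts_sources() {
    awk '$1 == "hosts:" { sub(/#.*/, ""); $1 = ""; sub(/^ /, ""); print; exit }' "$1"
}

# Print the nameserver addresses from a resolv.conf-style file.
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1" 2>/dev/null
}

# Report conditions that stop libc from using DNS; prints "ok" if none found.
check_resolver_config() {
    nss_file=$1; resolv_file=$2; problems=""
    case " $(hosts_sources "$nss_file") " in
        *" dns "*) ;;
        *) problems="$problems no-dns-in-nsswitch" ;;
    esac
    if [ ! -r "$resolv_file" ]; then
        # Covers a missing or misnamed file as well as bad permissions.
        problems="$problems resolv-conf-unreadable"
    elif [ -z "$(nameservers "$resolv_file")" ]; then
        problems="$problems no-nameserver"
    fi
    echo "${problems:- ok}" | sed 's/^ //'
}

# Live comparison for one name: getent goes through libc/NSS,
# nslookup talks to the DNS server directly.
compare_lookup() {
    name=$1
    echo "libc/NSS : $(getent hosts "$name" || echo 'no answer')"
    echo "nslookup : $(nslookup "$name" 2>&1 | tail -n 3 | tr '\n' ' ')"
}
```

On a live system, run `check_resolver_config /etc/nsswitch.conf /etc/resolv.conf` and then `compare_lookup` with a host name; an answer from nslookup but none from getent points at the libc configuration rather than at the DNS server.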
 
Yes, you described the situation correctly.
When I try to ping or browse a name it times out (unknown host). When I ping or browse by actual IP address it's successful.

etc/hosts contains the following:

127.0.0.1 DiabloRH localhost.localdomain localhost


DiabloRH is the host name.

etc/nsswitch.conf contains the following under #hosts section:

hosts: files dns


Thanks again. Agreed this is strange. I'm loading another system to see how it comes up.




 
I loaded a completely different system, a laptop, and it has exactly the same problem.

Is it possible my ISP can tell the OS from the DNS request and doesn't respond well to Linux? (that doesn't make sense though since the nslookup returns the IP)

 
That looks good. I am out of ideas...
I don't think the ISP would do that (and as you said, you are able to resolve names with [tt]nslookup[/tt]).

//Daniel
 
Hi,

On your firewall machine, what does the default policy say?

If it says DROP for input and output, use the following commands to set input and output to ACCEPT:

#iptables -P INPUT ACCEPT
#iptables -P OUTPUT ACCEPT

see if this helps
 
Hello
I don't mean to backtrack but I'd like to know more about your router setup and perhaps I have a workaround or at least a diagnostic help until you resolve what appears to be a DHCP issue on your intranet and only with linux dhcp client ( since Windows DHCP resolves DNS calls correctly ). So firstly is it correct that you are using DHCP from your router out to Internet and also DHCP inward to your intranet?

DHCP client software can be very different in that some will only work if they are given the Gateway address and absolutely nothing else. Others require Gateway and Primary and Secondary DNS. Still others will fill in whatever you don't provide.

Can you ping directly from your router? I assume that must work whether providing name or IP since the router end DHCP must be functioning if any of the intranet works and your windows end does. So, as a workaround diagnostic, can you change your router's secondary interface from DHCP to fixed such as 192.168.168.100 and allow a range of say, 192.168.168.100 - 192.168.168.120 and assign say f00.110 to doze and f00.120 to the linux box and specify the ISP's DNS, both primary and secondary with f00.100 as the intranet Gateway? ( I'm assuming separate doze and linux boxes not a dual boot. In a dual boot they could have the same address since both are never online at one time ) With assigned addresses and assigned DNS Linux should be forced to work at the very least to be able to ping the doze box and vice versa. You could keep this arrangement or you could gather info from each system once connected ( such as the contents of "host.conf" as well as "resolv.conf" or possibly even Hostname ) and when returned to DHCP discover what is missing or altered. This should lead you to either a missing parameter or one too many. I know this may sound odd but it is true that it is possible to specify too much with some DHCP clients and I'm unfamiliar w/ RH9 and quite familiar w/ Windows DHCP which is as automatic as it gets. Speaking of which I just recalled that Knoppix Live CD ( bootable OS on a CD ) has been able to connect default through any cable modem or router I have ever tried it on and that's about a dozen now which shows it is possible for some DHCP clients to have zero info given. Some can detect it all and are fux0red by adding any.

Jimmy
 