Lost DNS lookup

John Cornelius jc at hangarpilot.net
Fri Jun 13 23:16:36 UTC 2008 

The most likely problem is that you have been issued a bogus name server 
address by DHCP or you have a good one but you can't access it. First 
you should check the order in which nslookups are done in 
/etc/nsswitch.conf and be certain that DNS is the first choice. Then 
doing an nslookup or dig will either do the right thing or report that 
it cannot get a name for the name server address.

If the problem is in DHCP then it will spread to other machines. If the 
name server address is correct but you cannot access it check your 
routing tables and try a traceroute to the name server to ensure that 
you can get to it. It never hurts to check /etc/resolv.conf either. If 
the machine has been hacked the file may not be writeable and DHCP 
client won't be able to write to it. With Linux there are a lot of 
things to check so besides doing cat and ls do a lsattr on the file. All 
of the attributes should be off. While you're at it do a netstat -r to 
check the route to the name server (usually the default route).

John Cornelius

McGuffey, David C. wrote:
> A few days ago, a workstation in a lab stopped doing DNS lookups to
> support connectivity to SMTP, POP, and web services.  As I think back,
> the behavior started in close proximity in time to a stunnel update.
>
> Checked the usual locations and all seems to be ok.  /etc/resolv.conf,
> /etc/nsswitch.conf, /etc/host and /etc/networks files look ok.  Running
> ifconfig in a terminal shows that DHCP on the boundary firewall gave it
> a good address, netmask, and gateway. The machine still serves up an
> ext3 partition via samba to some windowze machines on the 192.168.1.0
> network, and still prints to two network printers via cups (same
> 192.168.1.0 network), so it is not a hardware problem. The two other
> windowze machines on the network can reach the web via Firefox, but the
> fedora 7 box won't, so I don't believe it is a firewall problem (nothing
> has changed there).
>
> As a last resort, I executed the normal windowze solution...a reboot.
> That did not solve the problem.
>
> Lights on the local 8-port switch don't seem to indicate any network
> traffic when an nslookup command is issued.  I don't believe it is
> issuing DNS requests through the gateway to the dns server...but will
> confirm with tshark later today/this evening.
>
> Any ideas?
>
> Dave McGuffey
> Principal Information System Security Engineer // NSA-IEM, NSA-IAM
> SAIC, IISBU, Columbia, MD
>
>
>   
> ------------------------------------------------------------------------
>
>
> No virus found in this incoming message.
> Checked by AVG. 
> Version: 8.0.100 / Virus Database: 270.2.0/1495 - Release Date: 6/10/2008 5:11 PM
>

More information about the fedora-list mailing list