HPE Community
Operating System - HP-UX
1834150 Members
3534 Online
110064 Solutions
New Discussion

Cannot resolv internet names

 
SOLVED
Go to solution
PSS SYS ADMIN
Super Advisor

‎07-31-2003 04:16 AM

‎07-31-2003 04:16 AM

Cannot resolv internet names

Hi everyone,
I've 2 internal DNS servers, primary and secondary, that are configurated to resolve the internet names using 2 root server.
The problem is that the resolution of the internet names, like www.hp.com, sometimes it goes and sometimes not.
When the resolution doesn't go nothing appears on the root server logs. It seems that the dns server doesn't try to reach the root servers.

Any help there?

Regards
PSS
0 Kudos
Reply
14 REPLIES 14
Steven E. Protter
Exalted Contributor

‎07-31-2003 04:21 AM

‎07-31-2003 04:21 AM

Re: Cannot resolv internet names

Few possibilities.

1) ISP not providing good service.
2) Networking issues between root dns server and isp or secondary servers and root dns server
3) Severs not configured properly to share information
4) Firewall blocking port 53(DNS)

Tests

1) traceroute to and from all the servers traceroute to the external dns server. What happens may provide you some data. Note that if you can't traceroute to your external dns sever, you cant resolve names outside your own local network or wan.

2) Interactive nslookup

nslookup
www.hp.com

See what the response is.

Post anything that can help us track down the problem.

Please let us know if your problem is solved.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Ron Kinner
Honored Contributor

‎07-31-2003 05:56 AM

‎07-31-2003 05:56 AM

Re: Cannot resolv internet names

Just to add to Steven's reply. Try
nslookup -d2 www.hp.com. >>tempfile

This will put the whole sequence of queries and responses/timeouts in tempfile so you can review them. The dot after hp.com tells it that this is a fully qualified domain name and not to try tacking on your local domain name (which would I think just add to the confusion)- you can try it without the dot and see the difference.


Ron

PS Paranoid network admins are turning off responses to traceroute and ping so a failed traceroute may not prove anything. If it does work tho then you will know how the packet gets where it wants to go. If you try it several times and it goes different ways then there may be a routing problem somewhere probably caused by a flapping interface (goes up and down very often).
0 Kudos
Reply
Suresh Patoria
Super Advisor

‎07-31-2003 11:05 PM

‎07-31-2003 11:05 PM

Re: Cannot resolv internet names

Hi,

u put the dns entry of ur Internet localservervice provider in /etc/resolv.conf

then u try,

Thanx

0 Kudos
Reply
PSS SYS ADMIN
Super Advisor

‎08-06-2003 12:58 AM

‎08-06-2003 12:58 AM

Re: Cannot resolv internet names

Steven:

1) The forwardes are successfully used to resolve the internet names by the secondary DNS server.
2) The telnet "forwarder" 53 is successful and net admin says that the port 53 tcp/udp is open in both ways
3)Gimme more info, please
4)Firewall is totally open on the port 53

Ron:
in attachment the debug with the result of the command nslookup -d2 www.hp.com

Suresh:
no way, this not resolved the question

0 Kudos
Reply
PSS SYS ADMIN
Super Advisor

‎08-06-2003 01:06 AM

‎08-06-2003 01:06 AM

Re: Cannot resolv internet names

A new element.
I've tried this on the dns server:

>nslookup
>server "IP_OF_FORWARDER"
>www.hp.com

The result was successfull.
This it means that the network connection between the dns server and the forwarder is fully functional.

0 Kudos
Reply
Massimo Bianchi
Honored Contributor

‎08-06-2003 01:06 AM

‎08-06-2003 01:06 AM

Re: Cannot resolv internet names

Hi,
i'm not very strong in DNS, but i feel strange this:

QUESTION:
www.hp.com.localdomain.it

Why is localdomain.it appended to the query ?
I think there may be a mismatch in some config files.

Massimo
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎08-06-2003 01:07 AM

‎08-06-2003 01:07 AM

Re: Cannot resolv internet names

Hi,

I hope you have not turned off rescursion in any of your root servers or primary servers.

regards,

U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎08-06-2003 01:30 AM

‎08-06-2003 01:30 AM

Re: Cannot resolv internet names

Hi,

pl show me your /etc/resolv.conf in your clients using DNS servers.

also show your named.conf of ur primary and secondary server.

regards,

U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
PSS SYS ADMIN
Super Advisor

‎08-06-2003 02:07 AM

‎08-06-2003 02:07 AM

Re: Cannot resolv internet names

Massimo:
OK, this is strange but I don't know why it happens


U.SivaKumar:
There's no named.conf because the bind version is 4.9.7. I have only the named.boot that cannot show you because of reserved info embedded in it.
The /etc/resolv.conf on the primary DNS appears like that:
domain localdomain.it
nameserver IP_OF_THE_PRIMARY_DNS_SERVER
nameserver IP_OF_THE_SECONDARY_DNS_SERVER
On the secondary DNS appears like that:
domain localdomain.it
nameserver IP_OF_THE_SECONDARY_DNS_SERVER
nameserver IP_OF_THE_PRIMARY_DNS_SERVER




0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎08-06-2003 02:25 AM

‎08-06-2003 02:25 AM

Re: Cannot resolv internet names

Hi,

Few modifications

nameserver IP_OF_THE_PRIMARY_DNS_SERVER
nameserver IP_OF_THE_SECONDARY_DNS_SERVER

On the secondary DNS appears like this:

nameserver IP_OF_THE_SECONDARY_DNS_SERVER
nameserver IP_OF_THE_PRIMARY_DNS_SERVER

see if the problem comes now.



IF NEEDED ONLY :
search localdomain.it
nameserver IP_OF_THE_PRIMARY_DNS_SERVER
nameserver IP_OF_THE_SECONDARY_DNS_SERVER

On the secondary DNS appears like this:
search localdomain.it
nameserver IP_OF_THE_SECONDARY_DNS_SERVER
nameserver IP_OF_THE_PRIMARY_DNS_SERVER

regards,

U.SivaKumar








Innovations are made when conventions are broken
0 Kudos
Reply
PSS SYS ADMIN
Super Advisor

‎08-06-2003 04:43 AM

‎08-06-2003 04:43 AM

Re: Cannot resolv internet names

U.SivaKumar:
I've done the modification you've suggested with no success.

0 Kudos
Reply
Ron Kinner
Honored Contributor

‎08-06-2003 06:46 AM

‎08-06-2003 06:46 AM

Re: Cannot resolv internet names

From the file you posted:

timeout
timeout
timeout
timeout
SendRequest failed

Indicates no response from the DNS after 4 tries. Possible network error, DNS down.

Can you ping the DNS?

Could be your gateway is sometimes not responding to pings and is being killed off by the dead gateway detection.

Could also be a bottleneck in the network where packets are being dropped because another connection has filled up the queue.

Check
lanadmin
lan
display

to see if you are getting a lot of errors because of a bad cable, bad NIC, bad port, or duplex mismatch.

look at netstat -s to see if you have a lot of retransmissions.

Don't worry about the attempt to find www.hp.com.localdomain.it. That is normal when you leave off the . at the end. It will try adding the local domain to see if it is a local system.

Ron
0 Kudos
Reply
Mark Greene_1
Honored Contributor

‎08-06-2003 06:51 AM

‎08-06-2003 06:51 AM

Solution

Re: Cannot resolv internet names

How old is your cache file? If you are using the file you get with 4.9, you need to update it. dns.org has links to suggested cache file templates.

mark
the future will be a lot like now, only later
Reply
PSS SYS ADMIN
Super Advisor

‎08-06-2003 11:06 PM

‎08-06-2003 11:06 PM

Re: Cannot resolv internet names

Thank you Mark, the problem was in the cache file!
Now the DNS is fully functional.

Regards...
PSS
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.