HPE Community
Operating System - HP-UX
1833440 Members
2995 Online
110052 Solutions
New Discussion

Name resolution

 
Sundar_7
Honored Contributor

‎06-30-2004 11:47 AM

‎06-30-2004 11:47 AM

Name resolution

Here is something that I am finding strange - thought may be you folks can help me understand.

11i System - with named version 8.1.2

root@TESTMACHINE: (/root)> uname -r
B.11.11
root@TESTMACHINE: (/root)>
root@TESTMACHINE: (/root)> what /usr/sbin/named | tail -1
named 8.1.2 Tue Feb 15 06:58:53 GMT 2000
root@TESTMACHINE: (/root)>

Added a fake entry for NOHOST in /etc/hosts file

root@TESTMACHINE: (/root)> grep NOHOST /etc/hosts
10.10.10.20 hpoclin hptest hpoclin NOHOST
root@TESTMACHINE: (/root)>

No nsswitch.conf file- have a valid resolv.conf file

root@TESTMACHINE: (/root)> ls -lrt /etc/nsswitch.conf /etc/resolv.conf
/etc/nsswitch.conf not found
-rw------- 1 root sys 189 Jun 29 16:21 /etc/resolv.conf
root@TESTMACHINE: (/root)>

as per the nsquery output, the default policy is to return if not found in DNS

root@TESTMACHINE: (/root)> nsquery hosts NOHOST

No policy for hosts in nsswitch.conf.
Using "dns [NOTFOUND=return TRYAGAIN=return] nis [NOTFOUND=return] files" for the hosts policy.

Searching dns for NOHOST
The Name Service is currently to busy to respond

Switch configuration: Terminates Search
root@TESTMACHINE: (/root)>

nslookup policy contradicts the nsquery output - as per nslookup, the policy is to CONTINUE
If not found in DNS - nslookup resolves the entry I added to /etc/hosts.

root@TESTMACHINE: (/root)> nslookup
Default Name Server: r03.r.com
Address: 10.10.10.40

> policy
#Lookups = 3
dns [RCCC] nis [RCCC] files [RRRR]
> NOHOST
Name Server: r03.r.com
Address: 10.10.10.40

Trying DNS
Name: NOHOST.dew.roche.com

Trying NIS
looking up FILES
Name: hpoclin
Address: 10.10.10.20
Aliases: hptest, hpoclin, NOHOST

> exit
root@TESTMACHINE: (/root)>

ping successfully resolves the hostname and pings it. As per the
nsquery output, ping should not have been able to resolve the hostname

root@TESTMACHINE: (/root)> ping NOHOST
PING hpoclin: 64 byte packets
64 bytes from 10.10.10.20: icmp_seq=0. time=0. ms

----hpoclin PING Statistics----
1 packets transmitted, 1 packets received, 0% packet loss
round-trip (ms) min/avg/max = 0/0/0
root@TESTMACHINE: (/root)>
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
11 REPLIES 11
KapilRaj
Honored Contributor

‎06-30-2004 02:12 PM

‎06-30-2004 02:12 PM

Re: Name resolution

Sunder,

I think , when u do not have nsswitch.conf system resolves in this order

nis,files,dns i experienced this in AIX

Regds,

Kaps
Nothing is impossible
0 Kudos
Reply
D Block 2
Respected Contributor

‎06-30-2004 03:05 PM

‎06-30-2004 03:05 PM

Re: Name resolution

It seems, DNS is timing-out, too many tries, for the Alias entry "NOHOST".

I wonder...
try: traceroute -i 10.10.10.20
have you try'ed the Full DNS name ?

NOHOST.XXX.COM ?

most likely, this Alias is NOT in DNS, so it will fall out to NIS, then to FILES.

I would take out NIS, if your not using.

Also, try using FILES first, rather than spinning your wheels with DNS, NIS, than FILES.

some minor thoughts are:

try: traceroute NOHOST
try: ping hpoclin

also, not the "arp" for reporting the mac address.

you might try to clear out the ARP tables, then do the same sequence of attempts, ping, nslookup etc.

also, is the NOHOST really an Alias ?

10.10.10.20 hpoclin hptest hpoclin NOHOST

-
Golf is a Good Walk Spoiled, Mark Twain.
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎06-30-2004 03:27 PM

‎06-30-2004 03:27 PM

Re: Name resolution

Sundar,

One of the following could be the culprits.

1. Your nsquery is not completely passing the DNS. So, we cannot rule out DNS.
2. Same case with nslookup.

Turn off your named completely and take out your resolv.conf and try again and see if it exhibits the same behaviour. If not, then

3. I believe your ping is not doing as it is supposed to.

Check which ping you are using - My ping is

-r-sr-xr-x 1 root bin 32768 Dec 2 2003 /usr/sbin/ping


30625 64 /usr/sbin/ping (sum)

/usr/sbin/ping:
ping.c $Date: 2002/10/09 04:10:25 $Revision: r11.11/5 PATCH_11.11 (PHNE_27989)
ping.c $Revision: 1.8.119.5 $ $Date: 98/07/23 14:27:01 $


-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Cesare Salvioni
Trusted Contributor

‎07-01-2004 02:36 AM

‎07-01-2004 02:36 AM

Re: Name resolution

maybe i'm getting wong, but i can't see anything working wrong. I mean that if u don't have a nsswith.conf policy for host resolving the default policy is:
RCCC
success return
notfound continue
unavail continue
tryagain continue
as from ur output
so when u try to resolv something notfound in DNS (first try) it falls down to NIS (second try) and then to FILES and find it.
Seems to me completely correct since in HP these are the defaults for the resolving calls.
The ping MUST work as u CAN resolve the hostname.
0 Kudos
Reply
RAC_1
Honored Contributor

‎07-01-2004 02:45 AM

‎07-01-2004 02:45 AM

Re: Name resolution

"DNS server too busy" this messages makes me think that something is wrong here.

How about adding retrans and retry options explicitely yo /etc/resolv.conf and trying it??

man 4 resolver for details.
You can also try
nsquery hosts NOHOST dns
nsquery hosts NOHOST hosts

Anil
There is no substitute to HARDWORK
0 Kudos
Reply
Jan Sladky
Trusted Contributor

‎07-01-2004 03:48 AM

‎07-01-2004 03:48 AM

Re: Name resolution

hi Sundar,

It seems on your client side is everything ok,
I suspect some problem on DNS side (busy, down, .. ?), but ...

remove dns from nsswitch.conf and try again, according to result you will recognize where is the problem - nsswitch.conf definition or on DNS

ability of ping to resolve host is ok, because it has taken name from /etc/hosts,where the nsquery haven't come.

br Jan
GSM, Intelligent Networks, UNIX
0 Kudos
Reply
Sundar_7
Honored Contributor

‎07-01-2004 05:23 AM

‎07-01-2004 05:23 AM

Re: Name resolution

Kapil - If there is no nsswitch.conf, the resolution order is DNS NIS FILES

Tom - My DNS servers are perfectly fine. Look at the nslookup command, my DNS server is responding promptly

root@TESTMACHINE: (/root)> nslookup
Default Name Server: r03.r.com
Address: 10.10.10.40

Sri - I am not running named in my client and the DNS server is the corporate DNS server that I have no control over.

root@TESTMACHINE: (/root)> what `which ping`
/usr/sbin/ping:
$Revision: B.11.11_LR
Thu Oct 26 23:25:29 PDT 2000 $
ping.c $Revision: 1.8.119.5 $ $Date: 98/07/23 14:27:01 $
root@TESTMACHINE: (/root)> ls -lrt `which ping`
-r-sr-xr-x 1 root bin 24576 Nov 14 2000 /usr/sbin/ping
root@TESTMACHINE: (/root)>

Anil - My DNS servers are perfectly healthy

Jan - no issues with my DNS server
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
Mel Burslan
Honored Contributor

‎07-01-2004 06:25 AM

‎07-01-2004 06:25 AM

Re: Name resolution

For no particular reason, I have seen in some bizzare instances, adding an option to the

dns [NOTFOUND=return TRYAGAIN=return] nis [NOTFOUND=return] files

directive as

FOUND=return

where necessary, changing the behavior of name resolutions. I can not articulate why or how but I have seen it and as a test, I presume this will not hurt anything at the least if you try.

Cheers.
________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
RAC_1
Honored Contributor

‎07-01-2004 07:14 AM

‎07-01-2004 07:14 AM

Re: Name resolution

Sundar,

nsquery is oding what it is supposed to do and nslookup is doing what it is supposed to do.

Default pociy for nsquery --
"dns [NOTFOUND=return TRYAGAIN=return] nis [NOTFOUND=return] files"

So nsquery does not find HOHOST in dns and does NOTFOUND=return.

nslookup policy
#Lookups = 3
dns [RCCC] nis [RCCC] files [RRRR]
> NOHOST

It starts looking for NOHOSTS.. If successfully return else continue for NOTFOUND= continue, UNAVAIL= continue
TRYAGAIN=continue (Denoted by RCCC), same for nis (RCCC) and then for hosts file. Where it find and returns giving you detail.

Read man page of nslookup carefully. Particulary policy section.

So nslookup is doing what it is supposed to and nsquery is doing what it is supposed to do

Anil


There is no substitute to HARDWORK
0 Kudos
Reply
Sundar_7
Honored Contributor

‎07-01-2004 11:41 AM

‎07-01-2004 11:41 AM

Re: Name resolution

Anil,

I understand nsquery and nslookup are doing what they are supposed to do but I am concerned that ping/telnet are doing what they are NOT supposed to do :-)

nsquery tells you the name resoultion being used - with NOTFOUND=return for DNS, I would expect ping to fail.
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
Cesare Salvioni
Trusted Contributor

‎07-02-2004 04:24 AM

‎07-02-2004 04:24 AM

Re: Name resolution

In my opinion, but i'm really not sure, ping, telnet and ALL services using standard resolving calls use default policy as NSLOOKUP not nsquery, so i expect ping to work.

For what i know the only one which could not work is sendmail which has a switching and resolving mechanism slightly different

At least this is what i usually see on hpux machines, but i never read carefully the manuals about hpux internals.

By the way ... nice discussion anyway :-))
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.