The most likely problem is that you have been issued a bogus name server
address by DHCP or you have a good one but you can't access it. First
you should check the order in which nslookups are done in
/etc/nsswitch.conf and be certain that DNS is the first choice. Then
doing an nslookup or dig will either do the right thing or report that
it cannot get a name for the name server address.
If the problem is in DHCP then it will spread to other machines. If the
name server address is correct but you cannot access it check your
routing tables and try a traceroute to the name server to ensure that
you can get to it. It never hurts to check /etc/resolv.conf either. If
the machine has been hacked the file may not be writeable and DHCP
client won't be able to write to it. With Linux there are a lot of
things to check so besides doing cat and ls do a lsattr on the file. All
of the attributes should be off. While you're at it do a netstat -r to
check the route to the name server (usually the default route).
John Cornelius
McGuffey, David C. wrote:
A few days ago, a workstation in a lab stopped doing DNS lookups to
support connectivity to SMTP, POP, and web services. As I think back,
the behavior started in close proximity in time to a stunnel update.
Checked the usual locations and all seems to be ok. /etc/resolv.conf,
/etc/nsswitch.conf, /etc/host and /etc/networks files look ok. Running
ifconfig in a terminal shows that DHCP on the boundary firewall gave it
a good address, netmask, and gateway. The machine still serves up an
ext3 partition via samba to some windowze machines on the 192.168.1.0
network, and still prints to two network printers via cups (same
192.168.1.0 network), so it is not a hardware problem. The two other
windowze machines on the network can reach the web via Firefox, but the
fedora 7 box won't, so I don't believe it is a firewall problem (nothing
has changed there).
As a last resort, I executed the normal windowze solution...a reboot.
That did not solve the problem.
Lights on the local 8-port switch don't seem to indicate any network
traffic when an nslookup command is issued. I don't believe it is
issuing DNS requests through the gateway to the dns server...but will
confirm with tshark later today/this evening.
Any ideas?
Dave McGuffey
Principal Information System Security Engineer // NSA-IEM, NSA-IAM
SAIC, IISBU, Columbia, MD
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG.
Version: 8.0.100 / Virus Database: 270.2.0/1495 - Release Date: 6/10/2008 5:11 PM
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list