On Fri, 05 Jul 2019 11:36:19 +0930 Tim via users <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > You could test whether its your service provider or your router > blocking that traffic. Set the router to use 8.8.8.8 as its DNS > server, and see if it can still resolve names. Use the dig command > with the @ portion set to the router's IP. Try and resolve a name it > won't have an already cached answer for. > > If the router is the problem, look for its firewall settings. I set the dns resolver in the router to 8.8.8.8. """ $ dig example.com @8.8.8.8 ; <<>> DiG 9.11.8-RedHat-9.11.8-1.fc31 <<>> example.com @8.8.8.8 ;; global options: +cmd ;; connection timed out; no servers could be reached """ """ ~ 10:27 AM stan 4 $ dig example.com @192.168.0.1 ; <<>> DiG 9.11.8-RedHat-9.11.8-1.fc31 <<>> example.com @192.168.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16103 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;example.com. IN A ;; ANSWER SECTION: example.com. 20760 IN A 93.184.216.34 ;; Query time: 31 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Fri Jul 05 10:27:25 MST 2019 ;; MSG SIZE rcvd: 56 """ Same results with 1.1.1.1 if I set it as the dns resolver in the router. I see that the router is using the set dns forwarders by watching the transactions in iftop. I then restarted the bind/named server, told it that its forwarder was 192.168.0.1, the router, and """ $ dig rootusers.com @1.1.1.1 ; <<>> DiG 9.11.8-RedHat-9.11.8-1.fc31 <<>> rootusers.com @1.1.1.1 ;; global options: +cmd ;; connection timed out; no servers could be reached """ But, if I do the dig using the router address, it succeeds even with the dns resolver set to 127.0.0.1 for the connection and bind/named running as dns server: """ $ dig rootusers.com @192.168.0.1 ; <<>> DiG 9.11.8-RedHat-9.11.8-1.fc31 <<>> rootusers.com @192.168.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7887 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1452 ;; QUESTION SECTION: ;rootusers.com. IN A ;; ANSWER SECTION: rootusers.com. 633 IN A 104.24.126.122 rootusers.com. 633 IN A 104.24.127.122 ;; Query time: 22 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Fri Jul 05 10:55:48 MST 2019 ;; MSG SIZE rcvd: 74 """ Why doesn't the bind/named server forward the name for resolution to the router that is its forwarder? I think these results means that it is the router that is doing the filtering rather than the ISP. True? > On Linux, and elsewhere, most things expect localhost and 127.0.0.1 to > resolve into each other in both directions. And they are the After reboot, the local name has returned to localhost.localdomain, so it must have been something transient. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
