[ale] dig works, ping doesn't ( was [ale] DNS lookups slooowwww.....)

Keith Hopkins hne at inetnow.net
Tue Oct 23 11:59:11 EDT 2001


pardon my inane ramblings, but
John Wells wrote:

> I am trying to get my machine's DNS server configured
> properly.  The machine has two cards, one for internal
> network and one for the external net (T1 line to
> internet).  I want queries for my internal domain to
> resolve via our internal DNS server, and for sites
> like ale.com or kernel.org to resolve through two
> external servers (38.2.3.4, 38.2.3.5)
> 
> The machine's name is fireman.  So in /etc/resolv.conf
> I have:
> 
> search internalnet.com
> nameserver fireman
> nameserver internalnameserver
> 
> In /etc/nsswitch.conf, I have 
> 
> hosts: files dns
> 
> In /etc/named.conf, I have:
> 
> options {
>     forward only;
>     forwarders {38.2.3.4;38.2.3.5;};
> };
> 
> With this configuration, dig and nslookup work great
> for both internal and external sites.  Ping works on
> internal sites.  However, if I try to ping an external
> host I get and "unknown host" error.  If I try to
> access an external site through Mozilla, I get the
> same.  
> 
> I know it's probably a simple misconfiguration, but I
> can't find it.  Can anyone help?  Thanks!
> 
> John
> 
> 


Clarify some things for my poor tired head....

How many machines do you have?  3?  (fireman, internalnameserver, workstation)

Rule1: named ignores nsswitch.conf, resolv.conf, and hosts.
Rule2: configure nsswitch.conf, resolv.conf and hosts properly on the workstation.
Rule3: nslookup does not work like ping.  ping uses gethostbyname lib, nslookup does things it's own way.
Rule4: if a name server responds (fireman) but does not return a name, the lookup does NOT continue to the next nameserver in the list (internalnameserver).  It only goes to the next server, if the first server does not respond at all (is down).

You might also try putting [notfound=CONTINUE] between "files" and "dns" in your nsswitch.conf.

What is in the hosts file on your workstation?
What is in the resolv.conf on your workstation?
What is in the nsswitch.conf on your workstation?


If I'm reading this wrong, and you only have one machine (then why do you have two NICs?)...why do you have both fireman and internalnameserver in your resolv.conf?

If you have an old version of the OS, update your libs.  I seem to recall the gethostbyname lib was partly broken back the in 2.0 kernel days.

Lost in Tokyo,
   Keith


-- 
"hne at inetnow.net" Copyright 1996-2001.  Not for distribution without express permission.


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list