download cvsup?
Michael Powell
nightrecon at hotmail.com
Tue Oct 19 04:52:54 UTC 2010
Tim Dunphy wrote:
> Thanks guys! But to give more background the host in question IS
> networking, at this point I can ssh into and out of it.. I just can't
> resolve externally.
>
> [root at LBSD2:/usr/ports]#ifconfig
> bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
> options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
> ether 00:14:22:38:9e:eb
> inet6 fe80::214:22ff:fe38:9eeb%bge0 prefixlen 64 scopeid 0x1
> inet 192.168.1.44 netmask 0xffffff00 broadcast 192.168.1.255
> media: Ethernet autoselect (1000baseT <full-duplex>)
> status: active
^^^^^^^^^^^^^^^^^
OK - I see it is truly up.
> plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
> options=3<RXCSUM,TXCSUM>
> inet6 ::1 prefixlen 128
> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
> inet 127.0.0.1 netmask 0xff000000
> [root at LBSD2:/usr/ports]#
>
> Also the rest of the network is currently working. I am writing this
> to you from another machine on the same network as the bsd machine.
>
Even with IPv6 enabled things should still function even though IPv6 may not
actually be in use. Sometimes it happens with DNS lookups it will try
looking for an AAAA record first [IPv6], then time out and fall back to the
normal IPv4 A record. This will just show as a short wait period and
ultimately eventually resolves.
I suspect that you are not even getting this far and the problem is
something else. Just for the sake of simplifying things you could eliminate
IPv6 from the picture if you are truly not using it. However, I do not think
it is actually the cause (I could always be wrong here).
[snip - forgetting about csup and ports for now]
>
> Not sure how this might have caused this but I edited my fstab file
> with some nfs mounts like so:
>
> 192.168.1.44:/mnt/nas /mnt/nas nfs
> rsize=32768,wsize=32768,timeo=14,intr
> 192.168.1.44:/mnt/store /mnt/store nfs
> rsize=32768,wsize=32768,timeo=14,intr
> 192.168.1.44:/mnt/home /home nfs
> rsize=32768,wsize=32768,timeo=14,intr
This truly has me confused. In the above ifconfig output it is showing an IP
address assigned of 192.168.1.44 netmask 0xffffff00 broadcast 192.168.1.255.
What I do not understand at all is why you would be wanting to NFS mount
from 192.168.1.44 *to* 192.168.1.44, as indicated by the above fstab
entries.
Again, for the sake of simplification with divide and conquer, make sure all
mountd, rpcbind, nfs_server, and nfs_client daemons are deactivated.
Eliminate all things superfluous to troubleshooting the DNS problem. Once
DNS gets fixed you can add stuff back one at a time.
> And when I rebooted the host pretty much it all went haywire! LDAP,
> DNS, Apache, MySQL, and even ALL NETWORKING which normally started
> with the host stopped working. I now have to start each one by hand
> whatever I try I can't seem to resolve external hosts, tho.
>
> So I restored the fstab file from backup and still I am stuck not
> resolving.
Yes - leave fstab with no remote mounting/NFS stuff for now.
> /etc/resolv.conf looks ok to me so I would think that I could ping
> out of the network. Sadly this is not the case!
You should be able to ping by IP any/all machines within your local network.
Sounds like this does work, but confirm and don't 'assume'. Next try and
ping by IP to a host out on the Internet. Since you cannot resolve any names
here is the IP to www.netbsd.org: 204.152.190.12. If you cannot ping by
IP out from your network to the outside you do not have basic gateway
connectivity working. If this is the case it will have to get fixed first.
> [root at LBSD2:/usr/ports]#cat /etc/resolv.conf
> domain summitnjhome.com
> nameserver 192.168.1.44
> nameserver 4.2.2.2
> [root at LBSD2:/usr/ports]#ping yahoo.com
> ping: cannot resolve yahoo.com: Host name lookup failure
If you are attempting this from the same machine as you are running BIND on,
it might be better for its resolv.conf to look like this instead:
nameserver 127.0.0.1
nameserver 192.168.1.1
192.168.1.1 is my FIOS router which has its own DNS server. It is also
pointed at the same OpenDNS servers as my forwarders directive (a snippet
from my named.conf below:)
listen-on { 127.0.0.1; 192.168.10.1; };
allow-recursion {127.0.0.1; 192.168.10.0/24;};
forwarders {
208.67.222.222; 208.67.220.220; 192.168.1.1;
};
My local DNS on my gateway/firewall box is a hybrid which only has zones for
my local .test.zip 192.168.10.0/24 LAN. All other requests get forwarded out
and cached. Here is what sockstat -4l looks like on this box:
bind named 835 20 tcp4 192.168.10.1:53 *:*
bind named 835 21 tcp4 127.0.0.1:53 *:*
bind named 835 22 tcp4 127.0.0.1:953 *:*
bind named 835 512 udp4 192.168.10.1:53 *:*
bind named 835 513 udp4 127.0.0.1:53 *:*
I do not listen on the external interface as I'm only running a cache/hybrid
and do not need zone transfers as I am not delegated any SOA.
>
> [root at LBSD2:/usr/ports]#ping sum1.summitnjhome.com
> PING lCent01.summitnjhome.com (192.168.1.42): 56 data bytes
> 64 bytes from 192.168.1.42: icmp_seq=0 ttl=64 time=0.273 ms
> 64 bytes from 192.168.1.42: icmp_seq=1 ttl=64 time=0.180 ms
> 64 bytes from 192.168.1.42: icmp_seq=2 ttl=64 time=0.186 ms
>
At first glance this would seem to indicate that you do have name resolution
working within the local LAN. Don't know if it is because you have entries
in a hosts file, or whether the lookup is returning from your DNS server.
For example, when I do nslookup on my web/database server box requesting a
lookup for server.test.zip I clearly see:
testbed# nslookup server.test.zip
Server: 192.168.10.1
Address: 192.168.10.1#53
Name: server.test.zip
Address: 192.168.10.1
The "Server:" address shown above is my DNS server. If you are able to see
the same kind of response your DNS server is able to resolve for local
addresses. If this is actually functioning and you are only unable to do
name lookups out to the Internet you either have a gateway connectivity
issue or your DNS server is not configured to talk to the Internet. The ping
to 204.152.190.12 test we did above should have shown whether or not
connectivity out to the net is an issue.
If you have IP connectivity out to the 'Net and your DNS will resolve names
within the local LAN but not for the Internet you have your named.conf only
half configured. Test out and eliminate any/all connectivity issues first.
The usual suspects here are gateway_enable not being turned on, NAT not
working, or firewall rules hosed, etc... Eliminate and circle down towards
named.conf missing something.
The flaw in all this is I still do not know exactly how your LAN is
configured and know virtually nothing about your gateway to the outside
world.
-Mike
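
Added example, not part of the message above: a shell function that audits `sockstat -4l` output for named listeners outside an allow-list, the check behind "I do not listen on the external interface". The function name, the allow-list argument, the loopback-only rule for port 953 and the last two sample lines are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample: the first five lines are the sockstat output quoted in
# the message; the last two are constructed to show an exposed resolver.
SAMPLE='bind named 835 20 tcp4 192.168.10.1:53 *:*
bind named 835 21 tcp4 127.0.0.1:53 *:*
bind named 835 22 tcp4 127.0.0.1:953 *:*
bind named 835 512 udp4 192.168.10.1:53 *:*
bind named 835 513 udp4 127.0.0.1:53 *:*
bind named 835 514 udp4 *:53 *:*
bind named 835 515 tcp4 203.0.113.7:53 *:*'

# audit_named_listeners ALLOWED_ADDRS   (hypothetical helper name)
# Reads `sockstat -4l` lines on stdin. ALLOWED_ADDRS is a space-separated list
# of local addresses named is expected to bind to. Prints one
# "EXPOSED <proto> <addr:port>" line per listener outside that list and
# returns 1 if any were found, 0 otherwise.
audit_named_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $2 == "named" && NF >= 6 {
            la = $6                                  # local address column
            port = la; sub(/.*:/, "", port)          # text after the last colon
            addr = la; sub(/:[^:]*$/, "", addr)      # text before the last colon
            # Assumed policy: the control channel (953) stays on loopback only.
            if (port == "953" && addr != "127.0.0.1") {
                print "EXPOSED", $5, la; bad = 1; next
            }
            # A wildcard bind ("*") or any address not on the list is flagged.
            if (!(addr in ok)) { print "EXPOSED", $5, la; bad = 1 }
        }
        END { exit bad + 0 }
    '
}

# Run against the constructed sample; on a live host use:
#   sockstat -4l | audit_named_listeners "127.0.0.1 192.168.10.1"
printf '%s\n' "$SAMPLE" | audit_named_listeners "127.0.0.1 192.168.10.1" \
    || echo "named has listeners outside the allow-list"
```
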