DNS Resolution

[Antonino89]

Hi guys,,

currently i have a problem with all of my server:

I can ping public IP adress but i'm not able to ping their hostname.

ping 8.8.8.8 is OK
ping Google.it is NOT OK.

my resolv.conf :

root@Server1:/etc# more resolv.conf

search proxmox
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 192.168.100.1

Any suggestions?

Thanks

 

[pabernethy]

It's time to dig then

$ dig google.it   

; <<>> DiG 9.10.3-P4-Debian <<>> google.it
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9377
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;google.it.            IN    A

;; ANSWER SECTION:
google.it.        133    IN    A    172.217.21.227

;; Query time: 1 msec
;; SERVER: 192.168.2.121#53(192.168.2.121)
;; WHEN: Wed Aug 09 17:13:36 CEST 2017
;; MSG SIZE  rcvd: 54

It tells you where you received the answer from in the SERVER line. If you don't get an answer from one of your nameservers you can force using them with

$ dig @8.8.8.8 google.it

Also I assume you already rebooted after entering that config or, at the very least, restarted the network.

 

[Antonino89]

Yes, reboot was done.


root@Server1:~# dig google.it

; <<>> DiG 9.10.3-P4-Debian <<>> google.it
;; global options: +cmd
;; connection timed out; no servers could be reached
root@Server1:~# dig @8.8.8.8 google.it

; <<>> DiG 9.10.3-P4-Debian <<>> @8.8.8.8 google.it
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached


Problem, still remain...

 

[pabernethy]

Can you query the local DNS server (assuming you have at least a local DNS cache available)?
Is there a router or firewall on the network that might block outgoing DNS requests?

 

[Antonino89]

Any suggestions?

 

[Antonino89]

Can you query the local DNS server (assuming you have at least a local DNS cache available)?
Is there a router or firewall on the network that might block outgoing DNS requests?

root@Server1:~# ping 10.216.110.108 <------ Local DNS
PING 10.216.110.108 (10.216.110.108) 56(84) bytes of data.
64 bytes from 10.216.110.108: icmp_seq=1 ttl=127 time=2.54 ms
64 bytes from 10.216.110.108: icmp_seq=2 ttl=127 time=1.24 ms
64 bytes from 10.216.110.108: icmp_seq=3 ttl=127 time=1.05 ms
64 bytes from 10.216.110.108: icmp_seq=4 ttl=127 time=1.01 ms
64 bytes from 10.216.110.108: icmp_seq=5 ttl=127 time=1.50 ms
^@64 bytes from 10.216.110.108: icmp_seq=6 ttl=127 time=1.18 ms

64 bytes from 10.216.110.108: icmp_seq=7 ttl=127 time=1.14 ms

64 bytes from 10.216.110.108: icmp_seq=8 ttl=127 time=1.10 ms
^Z
[1]+ Stopped ping 10.216.110.108


root@Server1:~# dig @10.216.110.108 google.it

; <<>> DiG 9.10.3-P4-Debian <<>> @10.216.110.108 google.it
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9690
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;google.it. IN A

;; ANSWER SECTION:
google.it. 299 IN A 172.217.16.163

;; Query time: 27 msec
;; SERVER: 10.216.110.108#53(10.216.110.108)
;; WHEN: Thu Aug 10 10:19:28 CEST 2017
;; MSG SIZE rcvd: 54

 

[pabernethy]

Looks like your firewall is blocking outgoing DNS requests. So either talk to the network administrator, if you absolutely need to use external DNS. Or just use the local DNS.

 

[Antonino89]

Looks like your firewall is blocking outgoing DNS requests. So either talk to the network administrator, if you absolutely need to use external DNS. Or just use the local DNS.

Thanks. Solved.

I will use the internal DNS.

Antonino

 

[gilfoyl748]

I had a similar problem. Check on your firewall that you have traffic permissions up to 53 TCP and UDP ports. There is most likely no UDP.