abuck
asked on
dns stops working
i am running debian with an ne2k ethernet card. for some reason, after awhile i cannot communicate with my dns server. the problem appears when a program other than netscape attempts to resolve a url. after that, i cannot even ping the dns server but i can ping any other ip. i have a box running red hat 6.2 set up to masquerade for the this lan, but the other computers on the lan don't seem to have this problem. i have tried using both a 2.2 kernel and a 2.4.5 with no effect. i can't figure out what is going on.
Is your DNS server local (inside the firewall)? Can you ping the IP of the DNS server before it "locks up"? Does the routing table "netstat -rn" look like other Linux boxes on your lan?
ASKER
my dns server is at my isp and i can ping until it stops resolving. the routing table looks the same as the others:
Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.0 U 0 0 0 eth0
default 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.0 U 0 0 0 eth0
default 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
ASKER
my dns server is at my isp and i can ping until it stops resolving. the routing table looks the same as the others:
Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.0 U 0 0 0 eth0
default 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.0 U 0 0 0 eth0
default 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
ASKER
my dns server is at my isp and i can ping until it stops resolving. the routing table looks the same as the others:
Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.0 U 0 0 0 eth0
default 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.0 U 0 0 0 eth0
default 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
ASKER
i just realized that its not just the dns. i thought i was able to ping outside ip addresses even after the resolving issue started, but i can't even do that. only local pings work.
How do you connect to your ISP (what kind of media i.e. dialup, DSL, ISDN, etc)? IT may be possible that you are encountering an idle or session timeout (maybe your ISP uses both).
Can you determine if it is disconnecting at a very regular interval after you connect (session timeout), or seems to not work if you haven't been paying attention to your computer (idle timeout)? Or is it apparently random?
-Jon
Can you determine if it is disconnecting at a very regular interval after you connect (session timeout), or seems to not work if you haven't been paying attention to your computer (idle timeout)? Or is it apparently random?
-Jon
If you only have one machine in your local LAN exhibiting this behaviour, then it is almost certainly a problem with that machine or with your something on your local network. Since the routing table looks fine on the system and since you can ping other local IP's when DNS stops working I'd be suspicious of something involving the firewall. When DNS stops can you ping the gateway IP? What kind of firewall do you have and can you tell me anything about the Internet link (single IP or a netblock (how big))?
ASKER
i have a box running red hat 6.2 using ipchains as a single ip firewall which is connected to my cable modem. the lan consists of four computers and only one has a problem. the problem seems to happen randomly, although sometimes occurs when multiple programs are attempting to resolve urls at the same time. after the problem happens, i can ping the gateway ip, just not any outside ips. i agree with jlevie, that it must be a problem with the computer that is having problems because it isn't happening to any of the others, but i can't figure out what would cause it to discriminate between local and foreign ips.
I would do the steps below as I had a similar yet different problem.. :)
I think we need to determine if:
it is the (A) server or (B) firewall.. or (C) hub/switch(A) bring a notebook, plug it to replace the server when the problem starts, and try the ping.. it if works, definately the server is having problems.. if it doesn't , then it is the hub/switch or the firewall.
if it is the server, check the cable or the NIC.
(B) switch/hub- change the port for the server, reset the switch, check if the problem still occurs.. if it still does, nope.. not the hub/switch is giving problems.
(C) clear the firewall rules and test it out.. if no problem occurs after that.. then u know the culprit is the firewall or not...
good luck
I think we need to determine if:
it is the (A) server or (B) firewall.. or (C) hub/switch(A) bring a notebook, plug it to replace the server when the problem starts, and try the ping.. it if works, definately the server is having problems.. if it doesn't , then it is the hub/switch or the firewall.
if it is the server, check the cable or the NIC.
(B) switch/hub- change the port for the server, reset the switch, check if the problem still occurs.. if it still does, nope.. not the hub/switch is giving problems.
(C) clear the firewall rules and test it out.. if no problem occurs after that.. then u know the culprit is the firewall or not...
good luck
I've noticed a similar thing on our Linux box (SuSE 7.0). In our case the linux box could not see any other IP address (only itself). All other machines on the network work happily. All our machines are 172.16.1.x.
We tried changing the original network card (RTL(?)8139 chipset) with a Kingston KNE100 (tulip? driver). But the problem still occurs. We changed the port setting on the switch, different port, dynamic IP and static, but still the problem persisted.
We noticed that some of the mail delivery failure messages for mails sent by cron (via sendmail) had 'host name lookup failures'. These messages were being sent (initially) at about 4:30 am - when we do the mirroring of the Novell server - which we noticed was failing.
Upon investigation any copying of large amounts of data from the Novell server (ncpmount'd) to the local filesystem would cause the hang. Also copying large amounts of files from a windows client onto an NWE drive (Netware Logon) caused the system to hang.
This only started to happen after the Novell box was demoted as the main file server, and replaced by a real NT box. The Novell box did have 3 IPX subnets (one for each floor of the building), but has been reduced to 1. The Mars config then needed changing to suit the IPX subnet.
By turning off mail reports, and not doing the Novell mirror (which we don't need anymore) we have stopped the problem (or appeared to).
At the moment we are suspecting a problem with IPX, with the finger pointing at the Novell Server (the linux box was 100% happy for nearly a year, before the changes to the Novell box and introduction of NT Servers).
My current 'fix' to this without rebooting was a script which
- Stops MarsNWE
- Downs the ethernet interface
- Restarts INETD
- Bring up ethernet again
- Starts MarsNWE.
You don't say exactly what your 'hanging' machine does.
Does it run NWE? or perform tasks the others don't? etc.
I guess any similarities between our machines (running Samba, NWE etc) would be worth looking into, as I too would like to know why this problem was/is occurring.
We tried changing the original network card (RTL(?)8139 chipset) with a Kingston KNE100 (tulip? driver). But the problem still occurs. We changed the port setting on the switch, different port, dynamic IP and static, but still the problem persisted.
We noticed that some of the mail delivery failure messages for mails sent by cron (via sendmail) had 'host name lookup failures'. These messages were being sent (initially) at about 4:30 am - when we do the mirroring of the Novell server - which we noticed was failing.
Upon investigation any copying of large amounts of data from the Novell server (ncpmount'd) to the local filesystem would cause the hang. Also copying large amounts of files from a windows client onto an NWE drive (Netware Logon) caused the system to hang.
This only started to happen after the Novell box was demoted as the main file server, and replaced by a real NT box. The Novell box did have 3 IPX subnets (one for each floor of the building), but has been reduced to 1. The Mars config then needed changing to suit the IPX subnet.
By turning off mail reports, and not doing the Novell mirror (which we don't need anymore) we have stopped the problem (or appeared to).
At the moment we are suspecting a problem with IPX, with the finger pointing at the Novell Server (the linux box was 100% happy for nearly a year, before the changes to the Novell box and introduction of NT Servers).
My current 'fix' to this without rebooting was a script which
- Stops MarsNWE
- Downs the ethernet interface
- Restarts INETD
- Bring up ethernet again
- Starts MarsNWE.
You don't say exactly what your 'hanging' machine does.
Does it run NWE? or perform tasks the others don't? etc.
I guess any similarities between our machines (running Samba, NWE etc) would be worth looking into, as I too would like to know why this problem was/is occurring.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Possible that your novell server was sending bogus RIP info, and the box on question was the only one listening?
Just a thought,
-Jon
Just a thought,
-Jon
abuck:
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:
Accept: jlevie {http:#6160113}
Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
majorwoo
EE Cleanup Volunteer
I will leave the following recommendation for this question in the Cleanup topic area:
Accept: jlevie {http:#6160113}
Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
majorwoo
EE Cleanup Volunteer