Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 530
  • Last Modified:

can't dig local domains

I can't seem to dig, or do any kind of dns queries on local domains.  If I'm in bash and I say dig domain.com I get:
; <<>> DiG 9.2.1 <<>> domain.com
;; global options:  printcmd
;; connection timed out; no servers could be reached

However, if I do it from a different machine I get the right responce.  I'm not sure what chaned, but I did mess with my /etc/hosts file a while ago.  Any help?
-ben
0
esromneb
Asked:
esromneb
1 Solution
 
lbertaccoCommented:
Make sure you have specified a DNS server for the local domains in /etc/resolv.conf e.g.
Then make sure you can actually reach that server (ping it)

0
 
GnsCommented:
Also check that you allow dns from local to local (so to speak:-) ... in your local firewall (if any).

-- Glenn
0
 
tcmvCommented:
Your /etc/resolv.conf should have entries like this, with at least one nameserver directive pointing to an IP address.  

nameserver 192.168.1.1
nameserver ns1.domain.com

If it points to a dns name only, how will it be able to resolve it to talk to the dns server to resolve other names, unless you specified it in the /etc hosts file?

/etc/hosts could look like this:
192.168.1.2     ns1.domain.com

You could use nmap to make sure your box can talk to the dns server like this:

nmap -v -sU -p53 ns1.domain.com  -- this one for UDP
nmap -v -p53 ns1.domain.com        -- this one for TCP

If it can't talk to that dns server, then look into firewall policies and routing policies  (locally on your linux box ... iptables, /sbin/route )


Hope that helps,
-tcmv
www.mvix.net
0
 
esromnebAuthor Commented:
I acually got it to work with an odd configuration of my /etc/hosts file, but I think my hosts file is right the way it is now.  I took tcmv's advice and chaned my /etc/resolf.conf file to:
nameserver 127.0.0.1
nameserver x.x.x.x

(that way it will check the local machine first, dns caching or something)  And now it works.  Thanks.
-ben
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now