Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1016
  • Last Modified:

Unable to PING domain names...

I can't seem to ping any domains.  It seems like my DNS settings are messed-up, because I can ping any numerical IP addresses, but I can't ping *any* alpha (domain names).

It also seems to be slow when I try to SSH into it (it takes a while for it to connect).  I'm guess that it's trying to resolve the hostname before connecting.

This is what I've checked...

created a file called /etc/defaultrouter and added my default gateway...
route add default `cat /etc/defaultrouter`

added my name(DNS) servers to /etc/resolv.conf:
nameserver    x.x.x.x
nameserver    x.x.x.x

I Edited /etc/nsswitch.conf command using vi and add dns to the line stating hosts: at the end.
hosts: files nisplus dns

I put the name of my host here:

and rebooted for the fun of it...

I can...
ping my ip
ping gateway ip
ping external gateway ip
but I can't ping any domain NAMES (internal or external)


It's not a DHCP box, but I went ahead and deleted:
delete /etc/hostname.* and run this script


INTERFACE=ifconfig -a | grep flags | awk -F: '{print $1}' | grep -v '^lo'
touch /etc/dhcp.$INTERFACE
touch /etc/hostname.$INTERFACE

Then I configured it as a DHCP box:

cat /dev/null > /etc/hostname.hme0".

I made sure that /etc/hosts only has one line in it, the one
         containing " localhost".

"touch /etc/notrouter" - this creates a file to tell Solaris that
         your system will not be performing routing or packet-forwarding

"cat /dev/null > /etc/defaultrouter" - since the DHCP client software will
         automatically put the needed entries in this file, we just need to
         make sure that it exists.

 "touch /etc/resolv.conf" - again, the necessary entries will be
         added by the DHCP client.

Edited the file /etc/nsswitch.conf, and look at the "hosts:" line.
         By default, it reads "files"; change it to read
         "hosts: files dns".  This will enable your machine to
         resolve addresses using DNS, the Domain Name System.

/sbin/ifconfig hme0 auto-dhcp primary start

rebooted,  and saw that the DHCP server did indeed assingn an ip address - then pinged...

My result was the same.  I *did* get a new ip from the DHCP instead of a static one that I've been using...but I still can't ping *any* domain names...only IP addresses.


So, I have 2 solaris machines, and I configured them (at least, I thought I did) identically.  One works fine, and the other won't ping domain names...I've tried to cross check as many files as I know during the troubleshooting...to no avail.

Is there something I'm missing?  I was wondering if there was some other files that I'm simply failing to look at - for a crucial change.  There HAS to be something wrong with the DNS settings, but I'm not sure what.

On re-boot, the machine (while in DHCP mode) had an error message about the hostname not being "qualified".  But I thought that was mainly for sendmail to work properly.

  • 3
  • 2
1 Solution
Are the nameservers refusing to answer queries from you?

Put "dns" first on the hosts: line, not last (or at least before "nisplus")

You didn't bother to mention what VERSION of Solaris you have, but if it includes an nslookup tool, are you able to successfully place queries from it?
rambleAuthor Commented:

ok...it's working now.   I've been working on this for 3 days solid...and I didn't do anything different in the last 5 minutes except:

out of the 5 DNS entries I had resolv.conf, I deleted the one...

Now, it's my understanding that multiple entries in the resolv.conf file were for redundancy - and one bad entry shouldn't cause the entire DNS to fail...

I also used nslookup - could that, perhaps, have "activated" the DNS to start working...somehow?

Or, perhaps, editing the files like I was...there was some kind of invisable character corrupting one of the files, and me simply re-saving it, corrected it...

I don't know...

I'm going to go ahead and make the changes back to a static IP address, and see if I have any problems then - otherwise, I'm closing this out, and you can have the points...

BTW: this is solaris 9

I'm recalling from memory, but I think only the first 4 nameservers in /etc/resolv.conf do anything. So there's no value in having more than 4 nameservers listed.

nslookup merely gives you a manual interface to place DNS queries. You do the same thing as your machine does "behind the scenes" when you enter "ping www.cnn.com"

While a wrong nameserver won't "break" DNS, what does happen is that your machine will query one at a time, and will only query the next one in the list if it fails to get any response from the first one. That means if the first one responds negatively (i.e. replies it has no clue what the IP address of "www.cnn.com" is), then the resolve on your machine is satisfied. Its asked a question, gotten an answer from a source it was told to use. It will only query the next source on the list if the first one doesn't respond at all.

The moral is to make sure the /etc/resolv.conf is concise and accurate

Anyway, glad its working. Thanks for the points.
rambleAuthor Commented:
Ok...I've figured out the solution:

(reference for anyone that might read this at a later date)

I had the wrong netmask set.  I was limited within my subnet...the DNS server resided outside of my netmask, so it couldn't act as a DNS server for me.  This is what also allowed me to ping outside addresses - put only certain internal addresses.

When I changed the server to a DHCP server, it obtained the correct netmask settings...but, it didn't work (for some reason?) until I used nslookup.

Thanks PSI for your tips.

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now