Linux, cannot resolve domain name from host on DHCP LAN

I have a Linux slackware host acting as a LAN router and DHCP server. That is working mostly fine, but the DHCP clients on the LAN cannot resolve domain names.

On the router/DHCP server I have:

eth0 is the connection to the Internet with a static IP:, gateway:, nameservers: and

eth1 is the LAN interface with static IP, netmask This is also the interface for the DHCP server which is started with: /usr/sbin/dhcpd eth1. I also have /etc/sysctl.conf: net.ipv4.ip_forward = 1

My iptables startup has:

iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT

With the above configuration other hosts on the LAN can get an IP address and I can connect to these hosts from this router/DHCP-server.

What I cannot do is connect from a LAN host (e.g. to the Internet:

$ ping   # this timed out in about 40 seconds
ping: unknown host

$ ping    # this did nothing for over 8 minutes, then I gave up
PING ( 56(84) bytes of data.

the /etc/resolv.conf on is:

# Generated by dhcpcd from eth0
# /etc/resolv.conf.head can replace this line
# /etc/resolv.conf.tail can replace this line

What am I missing?
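
The router in the question depends on three things: IP forwarding, MASQUERADE on eth0, and a FORWARD path for eth1. All three can be checked offline from saved configuration text. The script below is an added example, not part of the original post; the function names and the sample iptables-save text are constructed, and eth0/eth1 follow the question.

```shell
#!/bin/sh
# Added example: offline checks for the router setup described in the question.
# SAMPLE_RULES is constructed iptables-save text mirroring the two posted rules.
SAMPLE_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i eth1 -j ACCEPT
COMMIT'

# Succeeds only when the exact key net.ipv4.ip_forward is set to 1;
# a misspelled key or a value of 0 leaves forwarding off.
check_forwarding() {   # $1 = sysctl.conf text
    printf '%s\n' "$1" |
        grep -Eq -e '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$'
}

# Succeeds when outbound traffic on the WAN interface is masqueraded.
check_masquerade() {   # $1 = iptables-save text, $2 = WAN interface
    printf '%s\n' "$1" | grep -Eq -e "^-A POSTROUTING .*-o $2 .*-j MASQUERADE"
}

# Succeeds when LAN traffic is accepted for forwarding AND replies can return:
# either the FORWARD policy is ACCEPT or an ESTABLISHED-state rule exists.
check_forward_path() {   # $1 = iptables-save text, $2 = LAN interface
    printf '%s\n' "$1" | grep -Eq -e "^-A FORWARD .*-i $2 .*-j ACCEPT" || return 1
    printf '%s\n' "$1" | grep -Eq -e '^:FORWARD ACCEPT' && return 0
    printf '%s\n' "$1" |
        grep -Eq -e '^-A FORWARD .*(--ctstate|--state) [A-Z,]*ESTABLISHED.*-j ACCEPT'
}

# Prints one line per failed check; exit status is the number of failures.
audit_router() {   # $1 = sysctl text, $2 = iptables-save text, $3 = WAN, $4 = LAN
    fails=0
    check_forwarding "$1" || { echo "FAIL: net.ipv4.ip_forward is not 1"; fails=$((fails + 1)); }
    check_masquerade "$2" "$3" || { echo "FAIL: no MASQUERADE on $3"; fails=$((fails + 1)); }
    check_forward_path "$2" "$4" || { echo "FAIL: no two-way FORWARD path for $4"; fails=$((fails + 1)); }
    return "$fails"
}

audit_router 'net.ipv4.ip_forward = 1' "$SAMPLE_RULES" eth0 eth1 && echo "all checks passed"
```

On a live router, pass "$(cat /etc/sysctl.conf)" and "$(iptables-save)" in place of the constructed text.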
jmarkfoley (Author) Commented:
Well folks, I found the problem! It had nothing to do with my configuration. I had a flakey Cisco RSV 4000 router/switch that would simply, occasionally, get confused. I could connect to the various hosts from outside the LAN, but the hosts could not connect to the Internet. Eventually, I could not connect from the outside either. Cycling power on the router restored everything.

Needless to say, travelling to a remote location to cycle power in the router was not acceptable. I replaced the router and the problem has been gone for several weeks now. This is the 2nd RSV 4000 I've had a problem with. I will *not* be getting any more of these. In fact, I decided to use Linux and iptables for my firewall/router and it's been working flawlessly for a fraction of the cost.
savone Commented:
First, I wouldn't post my public IP address on any forum like this (for security purposes).

Maybe this will solve your problem.
jmarkfoley (Author) Commented:
savone > First, I wouldn't post my public IP address on any forum like this

Actually, I meant to bogusize the IP address, but forgot before posting!

The link you gave me doesn't really help. That example shows the "Internet" facing NIC getting its IP address from an upstream cablemodem or router / DHCP server. My eth0 has the public IP, no DHCP. I think that is the main issue. I have another setup just like the link illustrates and it works just fine.

The difference:

Working system:

eth0 gets IP via DHCP, no gateway specified, no nameservers specified
resolv.conf auto-created by dhcpcd from eth0 with nameservers of ISP.

dhcp client hosts on LAN also get resolv.conf auto-created by DHCP server and has listed as nameserver.

Not working:

eth0 has assigned IP, gateway and name servers are explicitly assigned.

dhcp client hosts on LAN also get resolv.conf auto-created by, but name servers listed are the same as those in's resolv.conf.

Manually changing LAN hosts resolv.conf to have as nameserver does not help.

I feel like I'm missing a step, like specifying the "gateway" on the router host for the NIC.

What am I missing? Add a router? Bridge?

maybe a clue: on the router host ...

$ ping -I eth1
PING ( from eth1: 56(84) bytes of data.
From icmp_seq=2 Destination Host Unreachable

Meanwhile, I will continue to look at your link and see if I can find more info.
My name is Mud (Systems Engineer) Commented:
>>What I cannot do is connect from a LAN host (e.g. to the Internet:

You need masquerading... not NAT!

Look here for details... I have a server connected to internet on eth0 and masquerading eth1 with dhcpd and named (or bind)...
Sandy Commented:
Check resolv.conf permission; it must be readable and executable by everyone.

jmarkfoley (Author) Commented:
Problem was with router, not configuration
Question has a verified solution.
