Solved

Network troubles on Linux DHCP client

Posted on 2015-02-05
Last Modified: 2015-02-11
I have a slackware64 14.1 Linux host which acts as Samba4 DC/AD and is the domain DNS. I am using the Linux bind v. 9.9.5, not the bind built into Samba4. The Windows workstation DHCP clients work just fine.

I am having problems with a troublesome Slackware 14.1 client. I believe I have found the culprit, but first the problems:

1. `hostname -f` just returns the hostname, not the FQDN.

2. `host hplaptop` (a domain workstation) returns:
```
$ host hplaptop
Host hplaptop not found: 3(NXDOMAIN)
```


Config files are:

/etc/hosts:
```
127.0.0.1               localhost
127.0.0.1               viao.hprs.local
```

/etc/HOSTNAME:
```
viao.hprs.local
```

/etc/resolv.conf:
```
# Generated by dhcpcd from wlan0, eth1
# /etc/resolv.conf.head can replace this line
domain hprs.local
nameserver 192.168.1.1
nameserver 192.168.0.2
# /etc/resolv.conf.tail can replace this line
```

The culprit appears to be the 1st nameserver line in /etc/resolv.conf "nameserver 192.168.1.1". When I comment out this line in resolv.conf my problems go away.

The domain I care about is 192.168.0.0/24 and the DC/AD DNS is 192.168.0.2, as shown. However, the viao host also has a wireless card and its DHCP assigned IP is 192.168.1.154 (assigned from some wireless device in the building not associated with the hprs.local domain).

Therefore I conclude that the problem is that network resolution requests are going to the wireless nameserver, which doesn't find the requested host(s). Even when I leave 192.168.1.1 uncommented but move it *after* 192.168.0.2, things still work.

So, long description but here are the questions:

I thought if DNS lookup failed with one nameserver it would try the next. Why doesn't it try 192.168.0.2 when 192.168.1.1 returns "Host hplaptop not found: 3(NXDOMAIN)"?

Can I do anything to a) get it to look at all name servers? If not, b) get the 192.168.1.1 nameserver listed 2nd? If not, c) not put 192.168.1.1 into /etc/resolv.conf at all (that file is auto-generated by dhcpcd)?
Question by:jmarkfoley
 
LVL 76

Expert Comment

by:arnold
ID: 40591716
(AD) you should never use/reference external name servers when using local non-public domains.

Allow your installed DNS server to perform the lookups; you could define external forwarders within the DNS server if you wish to offload external lookups to .....

The failover to the second DNS server only occurs on a timeout event, i.e. no response from the DNS server to which a request was sent.
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 40591902
(AD) you should never use/reference external name servers when using local non-public domains.

OK, but like I said, the /etc/resolv.conf file is created by dhcpcd. So how do I prevent it from listing 192.168.1.1 first, or even prevent it from putting 192.168.1.1 into resolv.conf at all?
0
 
LVL 76

Expert Comment

by:arnold
ID: 40591956
In the scenario you have, where you are testing something else while using a laptop getting a wifi feed with an auto-allocated IP as well as auto-assigned DNS settings, one option, as suggested in the /etc/resolv.conf, is to add content to /etc/resolv.conf.head that includes:

```
domain hprs.local
search domain hprs.local
nameserver 192.168.0.2
nameserver 192.168.0.2
```

This will be prepended above the DHCPd set settings which may help in reducing the probability of this system ever hitting the 192.168.1.1 assigned with the wifi IP.

Another option is to adjust the /etc/rc.d/rc.inet1.conf such that it has a set DNS server.
NAMESERVER="192.168.0.2" might work in altering the resolv.conf. .....

Though you have to make sure once you are done with this test, to remove the NAMESERVER entry from the DHCPclient configuration of your wifi interface, or you will be unable to resolve
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 40591980
Hmmm, sure I could "hard-code" as you suggest or even set the resolv.conf to read-only. But these techniques somewhat defeat one of the purposes of DHCP. This client host is a laptop and as such doesn't always stay connected to this LAN. If it goes a-travelling, I'd have to make sure to undo these hand-changes.

I thought I read somewhere there was a way to prevent a dhcp client from making changes to resolv.conf, no?
0

 
LVL 76

Assisted Solution

by:arnold
arnold earned 500 total points
ID: 40592003
That is what I am unclear about, i.e. adding the nameserver= into the interface inet.inet1.conf
But that will result in the same issue, when you are off this LAN, the nameserver record in the wifi side will set to one that is not accessible.

The only remedy I see is, when you are on the LAN (AD SAMBA/ADDC), to disable the wifi, whether you have a physical switch or a Function key (Fn) + another keyboard key.
0
 
LVL 1

Accepted Solution

by:
jmarkfoley earned 0 total points
ID: 40594170
Actually, I figured out a solution. Yes, I need to know whether I am on the DC/AD or not. So, I created the script /etc/dhcpcd.exit-hook which gets run by dhcpcd:
```sh
# If the domain is found to be hprs.local, do not use the wireless device's name server.

if [ -e /etc/resolv.conf ]
then
    x=`grep "^domain hprs.local" /etc/resolv.conf`

    if [ -n "$x" ]
    then
        # Comment out every nameserver line, then re-enable the 192.168.0.x ones.
        sed -e 's/^nameserver/#&/' -e 's/^#nameserver 192\.168\.0\./nameserver 192.168.0./' \
            /etc/resolv.conf >/etc/resolv.new

        mv /etc/resolv.new /etc/resolv.conf
    fi
fi
```

This will run after the /etc/resolv.conf has been created by /lib/dhcpcd/dhcpcd-run-hooks. It checks to see if the domain is set to hprs.local. If so, it comments out all nameservers except for one(s) beginning with 192.168.0. So, it is semi-hard coded, but I don't see the hprs.local nameserver or at least the subnet ever changing. The nice part is that it is automatic. I don't have to physically turn off the wifi.

This works fine while connected to the Samba4 domain. I haven't tested it disconnected yet. Hopefully, it doesn't still find hprs.local as the domain when not connected. I don't think it will. Neither /etc/HOSTNAME nor /etc/hosts are referenced by any scripts in /lib/dhcpcd/dhcpcd-hooks/ and according to my understanding the domain name put into resolv.conf is obtained from the DHCP server.

I think this will do the trick!
0
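A more defensive variant of the exit hook above, as an added example that is not the poster's script: it leaves the file untouched when the internal domain is set but no trusted resolver is listed (the original would comment out every nameserver), matches the domain case-insensitively, and swaps the file in atomically so internal names are never sent to the Wi-Fi resolver from a half-written file. The function name `pin_internal_dns` and its three parameters are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the poster's script. pin_internal_dns and its
# parameters are hypothetical names chosen for this illustration.
#
# pin_internal_dns FILE DOMAIN PREFIX
#   Comments out every nameserver in FILE that does not start with PREFIX,
#   but only when FILE declares "domain DOMAIN" and lists at least one
#   nameserver inside PREFIX. Returns 0 if FILE was rewritten, 1 otherwise.
pin_internal_dns() {
    file=$1 domain=$2 prefix=$3
    [ -f "$file" ] || return 1

    # Temp file in the same directory so the final mv is an atomic rename.
    tmp=$(mktemp "$file.XXXXXX") || return 1

    awk -v dom="$domain" -v pre="$prefix" '
        { line[NR] = $0; key[NR] = $1; val[NR] = $2 }
        tolower($1) == "domain" && tolower($2) == tolower(dom) { internal = 1 }
        $1 == "nameserver" && index($2, pre) == 1 { trusted++ }
        END {
            # Not on the internal network, or nothing trusted to fall back
            # on: report "leave the file alone" instead of stripping it.
            if (!internal || !trusted) exit 1
            for (i = 1; i <= NR; i++) {
                if (key[i] == "nameserver" && index(val[i], pre) != 1)
                    print "#" line[i]
                else
                    print line[i]
            }
        }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }

    # mktemp creates the file 0600; resolv.conf must stay world-readable.
    chmod 644 "$tmp"
    mv "$tmp" "$file"
}

# In /etc/dhcpcd.exit-hook this would be called as:
#   pin_internal_dns /etc/resolv.conf hprs.local 192.168.0.
```

The prefix is compared as a literal string, so `192.168.0.` cannot accidentally match an address such as `192.168.01.5` the way an unescaped regular expression could.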
 
LVL 76

Expert Comment

by:arnold
ID: 40594189
It could/should.
You might want to add -i to the grep, just in case the capitalization of any line items changes.
0
 
LVL 1

Author Closing Comment

by:jmarkfoley
ID: 40602723
I figured out something that works
0
