Link to home
Start Free TrialLog in
Avatar of Mark
Mark

asked on

Lost connection with ALL workstations on LAN

I am running Slackware64 14.2 and BIND 9.10.4-P6 in an office LAN. This morning a bit after 8:00AM one user called and said he'd lost Internet access and access to the local shared drive. About 2 hours later another user called, same thing. By shortly after noon 3 more users were having the same problem, but another 3 were accessing Internet and LAN resources OK. I rebooted the DNS server and now nobody has any access at all.

I suspect DNS. I did make a change a couple of days ago to add an 'A' record, but I can't see how that would have done this. I will experiment with restoring the zone file from a couple of days ago.

Here is the interesting wrinkle. Upon restart of named I get the following logged message:
May  1 12:49:08 mail named[1666]: managed-keys-zone: loaded serial 0
May  1 12:49:08 mail named[1666]: zone 127.in-addr.arpa/IN: loaded serial 1
May  1 12:49:08 mail named[1666]: zone 0.168.192.in-addr.arpa/IN: loaded serial 379
May  1 12:49:08 mail named[1666]: zone hprs.local/IN: loaded serial 2014137944
May  1 12:49:09 mail named[1666]: zone localhost/IN: loaded serial 2
May  1 12:49:09 mail named[1666]: all zones loaded

Open in new window

The zone for hprs.local has serial # 2014137944, yet the zone file I modified: /var/lib/samba/private/dns/hprs.local.zone has serial # 2014134046. I made 2 separate changes to this file and changed the serial number each time. However, the named log output indicates it is getting a zone file with serial 2014137944. How can that be? I suspect this is part of the problem.

From the DNS server, I can get the IP of any host, but cannot ping:
$ host dbserver
dbserver.hprs.local has address 192.168.0.4

$ ping dbserver
PING dbserver.hprs.local (192.168.0.4) 56(84) bytes of data.
From mail.hprs.local (192.168.0.2) icmp_seq=1 Destination Host Unreachable
From mail.hprs.local (192.168.0.2) icmp_seq=2 Destination Host Unreachable
From mail.hprs.local (192.168.0.2) icmp_seq=3 Destination Host Unreachable
From mail.hprs.local (192.168.0.2) icmp_seq=4 Destination Host Unreachable

Open in new window

The DNS server can resolve IPs for external domains, e.g. yahoo.com.

No workstation on the LAN can connect to external domains, nor can they ping the DNS server or any other host in the LAN.

This is super urgent! Any ideas would be greatly appreciated!!!


More Info: ...

Part of issue resolved. The serial numbers on the zone file were not correct because named was looking in /etc/samba/private/dns instead of the ones I modified in /var/lib/samba/private/dns. This was a result of Slackware changing the location of samba files from Samba version 4.2.14 to 4.4.8. This bit me before. Now when I restart named I do get the correct serial number in the log.

 However, I still cannot ping LAN hosts and LAN workstation still cannot connect to the Internet.
Avatar of Mark
Mark

ASKER

Part of issue resolved. The serial numbers on the zone file were not correct because named was looking in /etc/samba/private/dns instead of the ones I modified in /var/lib/samba/private/dns. This was a result of Slackware changing the location of samba files from Samba version 4.2.14 to 4.4.8. This bit me before. Now when I restart named I do get the correct serial number in the log.

However, I still cannot ping LAN hosts and LAN workstation still cannot connect to the Internet.

Note that there is still one workstation (WIN7) that can be pinged:
$ ping dennis
PING DENNIS.hprs.local (192.168.0.57) 56(84) bytes of data.
64 bytes from dennis.hprs.local (192.168.0.57): icmp_seq=1 ttl=128 time=0.345 ms
64 bytes from dennis.hprs.local (192.168.0.57): icmp_seq=2 ttl=128 time=0.361 ms

Open in new window

Very confused! Need help!
Avatar of David Needham
David Needham
Flag of United Kingdom of Great Britain and Northern Ireland image
Going on your description it does sound to me that the DNS problems are either minor, or a red herring altogether.

I wondering if you have a faulting switch on your network???
Avatar of Mark
Mark

ASKER

I'm getting the following for all workstations:
May  1 15:02:50 mail named[10299]: client 169.254.84.196#56816 (MIKE.hprs.local): query 'MIKE.hprs.local/A/IN' denied

Open in new window

A whois on 169.254.84.196 tells me, "Computers use addresses starting with "169.254." when they do not have a manually configured address or when they are not told which address to use by a service on the network.  They are commonly called the "link local" addresses."

As to your switch/router idea, I'll try powering down all network devices and see what happens.
ASKER CERTIFIED SOLUTION
Avatar of David Needham
David Needham
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Scott Silva
Scott Silva
Flag of United States of America image
I second the DCHP comment... Either your DHCP server is not running, or you lost connectivity from the DHCP server to the lan... The last system running still has a valid lease...
Avatar of Mark
Mark

ASKER

YES!!!! That was it!! I modified the dhcpd.conf file several days ago to comment out a static IP assignment, but I missed putting a '#' in front of one of the lines. Probably as the leases expired, those workstations lost their connection. If I had looked at /var/log/syslog I would have seen the error. I looked at every relevant log file EXCEPT that one.

Thanks for the help
Avatar of David Needham
David Needham
Flag of United Kingdom of Great Britain and Northern Ireland image
I'm glad that you have the problem resolved! :)