Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

DNS resolution problems, Ethereal logs inside (SOLVED)
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
indanet
n00b
n00b


Joined: 05 Sep 2004
Posts: 54
PostPosted: Mon Dec 27, 2004 7:35 pm    Post subject: DNS resolution problems, Ethereal logs inside (SOLVED) Reply with quote
Hi everyone!

I'm experiencing strange problems on two gentoo boxes in my LAN. My computers can't resolve all hostnames.

Here's a little part of a successful name resolution (I simply opened heise.de in links):
Code:
No.     Time        Source                Destination           Protocol Info
      1 0.000000    192.168.168.10        192.168.168.1         DNS      Standard query A www.heise.de
      2 0.144024    192.168.168.1         192.168.168.10        DNS      Standard query response A 193.99.144.71
      3 0.145900    192.168.168.10        193.99.144.71         TCP      33976 > www [SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=21124831 TSER=0 WS=2
[...]

As you can see, in frame 1 my computer (192.168.168.10) queries the local nameserver (192.168.168.1, in fact a Draytek router) for the IP address of www.heise.de. The router responds immediately with frame 2, after which my computer starts to connect to the web server (frame 3)...

When I try to access google.de, this happens:
Code:
No.     Time        Source                Destination           Protocol Info
      1 0.000000    192.168.168.10        192.168.168.1         DNS      Standard query A www.google.de
      2 0.067608    217.237.150.141       192.168.168.10        DNS      Standard query response CNAME www.google.com CNAME www.google.akadns.net A 66.102.9.104 A 66.102.9.99
      3 0.067681    192.168.168.10        217.237.150.141       ICMP     Destination unreachable
      4 5.000348    192.168.168.10        192.168.168.1         DNS      Standard query A www.google.de
      5 5.153641    217.237.150.141       192.168.168.10        DNS      Standard query response CNAME www.google.com CNAME www.google.akadns.net A 216.239.59.99 A 216.239.59.104
      6 5.153725    192.168.168.10        217.237.150.141       ICMP     Destination unreachable
      7 10.000738   192.168.168.10        192.168.168.1         DNS      Standard query A www.google.de.homenetwork
      8 10.202475   192.168.168.1         192.168.168.10        DNS      Standard query response, No such name


Frame 1: My computer queries the local nameserver for the IP of www.google.de
Frame 2: My local nameserver redirects the request to my ISP's nameserver, which answers my request.
Frame 3: My computer unexpectedly receives an DNS answer from my ISP's nameserver and drops it because it expected an answer from my local nameserver.
Frames 4-8: Two additional requests because the previous requests timed out (from my computer's point of view).

Kernel: gentoo-dev-sources
No firewall
LAN behind router (192.168.168.1)

An obvious solution would be to configure my computers to directly use the nameserver of my ISP because my router anyhow does forward all DNS requests to the "real" nameserver. The drawback of this solution would be that the IP of my ISP's nameserver is not as easy to remember as the IP of my router, and that the IP of the "real" nameserver can change. (The IP of the current nameserver is assigned to my router on dialup.)

So if you know a better solution than replacing the IP of my router with the IP of my ISP's nameserver in resolv.conf: Let me know...

Thanks in advance
chrschl

Last edited by indanet on Tue Dec 28, 2004 9:07 am; edited 1 time in total
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 54821
Location: 56N 3W
PostPosted: Mon Dec 27, 2004 9:32 pm    Post subject: Reply with quote
indanet,

Your router seems to be passing on 192.168... packets to your ISP, your ISP should really drop them because they are not routable. Instead the ISP nameserver responds directly to you. Thats two faults.
192.168.. packets should not leave your network.
If they do, they should be dropped at the next hop.

When you query your router for a name its doesn't have in its cache, it should ask upstream on its own behalf, add the response to its cache, then respond to the original query.

Is there a firmware update to your router?
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
indanet
n00b
n00b


Joined: 05 Sep 2004
Posts: 54
PostPosted: Tue Dec 28, 2004 9:06 am    Post subject: Reply with quote
NeddySeagoon wrote:
Is there a firmware update to your router?

Thanks! That was it...
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy