| View previous topic :: View next topic |
| Author |
Message |
sniper.mdr
n00b
Joined: 31 Dec 2004
Posts: 23
|
 Posted: Thu Sep 21, 2006 12:52 pm Post subject: [SOLVED] Yet another hostname problem [SOLVED] |
 |
|
Hello,
first of all, yes, i've used the search function of the forum  All the hostname problems comes from a problem in resolv.conf, but mine not.
All was working fine in my dedicated server, the ping worked, my different services worked well, I was quite satisfied. But one day, with no reason, I started not been able ton ping or emerge --sync or emerge anything
| Code: | snip srodrigu # emerge --sync
Notice: (-3, 'Temporary failure in name resolution')
>>> Starting rsync with rsync://rsync.gentoo.org/gentoo-portage...
>>> Checking server timestamp ...
rsync: getaddrinfo: rsync.gentoo.org 873: Temporary failure in name resolution
rsync error: error in socket IO (code 10) at clientserver.c(107) [receiver=2.6.8
]
>>> Retrying... |
or a normal emerge:
| Code: | snip srodrigu # emerge links
Calculating dependencies... done!
>>> Emerging (1 of 2) media-libs/tiff-3.8.2-r2 to /
>>> Downloading 'http://gentoo.modulix.net/gentoo/distfiles/tiff-3.8.2-tiff2pdf.
patch.bz2'
--22:49:38-- http://gentoo.modulix.net/gentoo/distfiles/tiff-3.8.2-tiff2pdf.pat
ch.bz2
=> `/usr/portage/distfiles/tiff-3.8.2-tiff2pdf.patch.bz2'
Resolving gentoo.modulix.net... failed: Temporary failure in name resolution.
>>> Downloading 'http://ftp.club-internet.fr/pub/mirrors/gentoo/distfiles/tiff-3
.8.2-tiff2pdf.patch.bz2'
--22:49:38-- http://ftp.club-internet.fr/pub/mirrors/gentoo/distfiles/tiff-3.8.
2-tiff2pdf.patch.bz2
=> `/usr/portage/distfiles/tiff-3.8.2-tiff2pdf.patch.bz2'
Resolving ftp.club-internet.fr... failed: Temporary failure in name resolution.
>>> Downloading 'ftp://ftp.rez-gif.supelec.fr/pub/Linux/distrib/gentoo/distfiles
/tiff-3.8.2-tiff2pdf.patch.bz2'
--22:49:38-- ftp://ftp.rez-gif.supelec.fr/pub/Linux/distrib/gentoo/distfiles/ti
ff-3.8.2-tiff2pdf.patch.bz2
=> `/usr/portage/distfiles/tiff-3.8.2-tiff2pdf.patch.bz2'
Resolving ftp.rez-gif.supelec.fr... failed: Temporary failure in name resolution |
So i checked my ping,
| Code: | snip srodrigu # ping -c 3 66.219.59.46
PING 66.219.59.46 (66.219.59.46) 56(84) bytes of data.
64 bytes from 66.219.59.46: icmp_seq=1 ttl=52 time=119 ms
64 bytes from 66.219.59.46: icmp_seq=2 ttl=52 time=119 ms
64 bytes from 66.219.59.46: icmp_seq=3 ttl=52 time=119 ms
--- 66.219.59.46 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 119.062/119.182/119.371/0.312 ms
snip srodrigu # ping -c 3 www.gentoo.org
ping: unknown host www.gentoo.org |
So it Is definetly a problem with my name resolution.
My /etc/resolv.conf:
| Code: | snip srodrigu # cat /etc/resolv.conf
# Generated by dhcpcd for interface eth1
nameserver 88.191.254.60
nameserver 88.191.254.70 |
I am turning crazy, I can't really see what is the problem 
Thank you very much for your healp 
Last edited by sniper.mdr on Mon Sep 25, 2006 10:47 am; edited 1 time in total |
|
| Back to top |
|
 |
lavluda
n00b
Joined: 27 Jan 2006
Posts: 34
Location: Dhaka, Bangladesh
|
| Posted: Thu Sep 21, 2006 1:15 pm Post subject: |
|
|
Can u ping the nameserver ???
_________________
--
Best Regards
S. M. Ibrahim (Lavlu)
gentoo on macbook pro 4.1
localhost ~ # uname -a
Linux localhost 2.6.25-gentoo-r9 #1 SMP Fri Nov 21 06:23:40 BDT 2008 i686 Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz GenuineIntel GNU/Linux |
|
| Back to top |
|
|
sniper.mdr
n00b
Joined: 31 Dec 2004
Posts: 23
|
| Posted: Thu Sep 21, 2006 1:19 pm Post subject: |
|
|
| lavluda wrote: | | Can u ping the nameserver ??? |
yes | Code: | snip srodrigu # ping -c 3 88.191.254.60
PING 88.191.254.60 (88.191.254.60) 56(84) bytes of data.
64 bytes from 88.191.254.60: icmp_seq=1 ttl=61 time=0.253 ms
64 bytes from 88.191.254.60: icmp_seq=2 ttl=61 time=0.189 ms
64 bytes from 88.191.254.60: icmp_seq=3 ttl=61 time=0.192 ms
--- 88.191.254.60 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.189/0.211/0.253/0.031 ms
snip srodrigu # ping -c 3 88.191.254.70
PING 88.191.254.70 (88.191.254.70) 56(84) bytes of data.
64 bytes from 88.191.254.70: icmp_seq=1 ttl=61 time=0.222 ms
64 bytes from 88.191.254.70: icmp_seq=2 ttl=61 time=0.186 ms
64 bytes from 88.191.254.70: icmp_seq=3 ttl=61 time=0.236 ms
--- 88.191.254.70 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.186/0.214/0.236/0.027 ms |
And I've tried to change them. Make no difference |
|
| Back to top |
|
|
lavluda
n00b
Joined: 27 Jan 2006
Posts: 34
Location: Dhaka, Bangladesh
|
| Posted: Thu Sep 21, 2006 1:25 pm Post subject: |
|
|
| sniper.mdr wrote: | | lavluda wrote: | | Can u ping the nameserver ??? |
yes |
Ok, now test
| Code: | | nslookup google.com |
if it's cann't get ip, please test this connection with a live CD. Or contact with the ISP to check if the nameserver working ok.
_________________
--
Best Regards
S. M. Ibrahim (Lavlu)
gentoo on macbook pro 4.1
localhost ~ # uname -a
Linux localhost 2.6.25-gentoo-r9 #1 SMP Fri Nov 21 06:23:40 BDT 2008 i686 Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz GenuineIntel GNU/Linux |
|
| Back to top |
|
|
sniper.mdr
n00b
Joined: 31 Dec 2004
Posts: 23
|
| Posted: Thu Sep 21, 2006 2:19 pm Post subject: |
|
|
| lavluda wrote: | | sniper.mdr wrote: | | lavluda wrote: | | Can u ping the nameserver ??? |
yes |
Ok, now test
| Code: | | nslookup google.com |
if it's cann't get ip, please test this connection with a live CD. Or contact with the ISP to check if the nameserver working ok. |
Well..
| Code: | snip srodrigu # nslookup google.com
;; connection timed out; no servers could be reached
|
As I've said before, It's a dedicated server, so I don't have acces to the computer.
Nothing to do with iptables? i don't know what to do 
I will probably send a mail to the copany if I cannot resolv the problem  |
|
| Back to top |
|
|
sniper.mdr
n00b
Joined: 31 Dec 2004
Posts: 23
|
| Posted: Fri Sep 22, 2006 11:07 am Post subject: |
|
|
| any ideas? |
|
| Back to top |
|
|
elgato319
Guru
Joined: 15 Sep 2005
Posts: 546
|
| Posted: Fri Sep 22, 2006 11:59 am Post subject: |
|
|
Try to use some other nameservers e.g. aol ones
dns-06.ns.aol.com ( 149.174.211.8 )
or microsoft ones
ns5.msft.net ( 65.55.238.126 )
Be sure that outgoing UDP Port 53 is not blocked by any firewall. |
|
| Back to top |
|
|
ova
Retired Dev
Joined: 06 Nov 2003
Posts: 120
Location: Russia, Moscow
|
| Posted: Fri Sep 22, 2006 12:04 pm Post subject: |
|
|
Try
to check that dns servers are (not)working. |
|
| Back to top |
|
|
sniper.mdr
n00b
Joined: 31 Dec 2004
Posts: 23
|
| Posted: Mon Sep 25, 2006 10:43 am Post subject: |
|
|
Well, it definitly comes from my iptables, but don't actually see the problem:
| Code: | snip srodrigu # cat /etc/init.d/firewall
#!/bin/bash
echo Setting firewall rules...
#
# Snip's config
#
# vidage
iptables -t filter -F
iptables -t filter -X
# avant tout : autoriser SSH
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
# ne pas casser les connexions etablies
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# interdire toute connexion entrante
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP
# interdire toute connexion sortante
iptables -t filter -P OUTPUT DROP
# autoriser les requetes DNS, FTP, HTTP (pour les mises a jour) (873 --> rsync?)
iptables -t filter -A OUTPUT -p tcp --dport 21 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 873 -j ACCEPT
# autoriser loopback
iptables -t filter -A INPUT -i lo -j ACCEPT
iptables -t filter -A OUTPUT -o lo -j ACCEPT
# Refuser ping
#iptables -t filter -A INPUT -p icmp -j DROP
iptables -t filter -A INPUT -p icmp -j ACCEPT
iptables -t filter -A OUTPUT -p icmp -j ACCEPT
#
# gestion des connexions entrantes autorisées
#
# iptables -t filter -A INPUT -p <tcp|udp> --dport <port> -j ACCEPT
# http, https
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
# ftp
iptables -t filter -A INPUT -p tcp --dport 20 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 21 -j ACCEPT
#teamspeak
#iptables -t filter -A INPUT -p tcp --dport 14534 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 8767 -j ACCEPT
iptables -t filter -A INPUT -p udp --dport 8767 -j ACCEPT |
I've accepted INUT and OUTPUT for the port 53, so it normally has to work |
|
| Back to top |
|
|
sniper.mdr
n00b
Joined: 31 Dec 2004
Posts: 23
|
| Posted: Mon Sep 25, 2006 10:47 am Post subject: |
|
|
| Well, I focuysed on my firewall rules, just put also output udp for port 53, and that made it. Stupid error from me. Thank you very much for your help by the way. |
|
| Back to top |
|
|
|
Networking & Security
