On Mon, Jan 31, 2011 at 01:11:49AM -0700, Bob Proulx wrote: > Joel Roth wrote: > > Some nslookup oddities have been bothering me. Does it look > > to you like my ISP is blocking certain DNS queries? > > Something seems broken. Probably broken rather than blocking. > > > [maseru]$ nslookup debian.org > > I know nslookup is the venerable old tool. But it produces a lot of > noise in the output. You might look into using with host or dig. > > $ host debian.org > debian.org has address 206.12.19.7 > debian.org has address 128.31.0.51 > debian.org mail is handled by 0 master.debian.org. > > $ dig debian.org a +short > 128.31.0.51 > 206.12.19.7 > > > $ nslookup debian.org 66.33.216.127 > > ;; connection timed out; no servers could be reached > > > > $ nslookup ftp.us.debian.org 66.33.216.127 > > ;; connection timed out; no servers could be reached > > Looks broken to me.
Yes, but DNS traffic to that same DNS server, asking for a *different* host (google.com) succeeds. DNS traffic is DNS traffic, so if some queries are being blocked selectively based on content, it appears to be content-selective blocking. > I recommend installing a local nameserver and using it instead. Then > you shouldn't have this type of problem. Plus since it is broken you > are bound to have other problems with other addresses. For example > you could install BIND9 and use the default configuration as a local > caching nameserver. > > $ sudo apt-get install bind9 I've previously used dnsmasq. > Then ensure that 'nameserver 127.0.0.1' exists in /etc/resolv.conf and > you should be set. By "ensure" I mean that you should use either > 'resolvconf' to maintain that file or perhaps use a 'dns-nameservers' > statement in /etc/network/interfaces or edit the resolv.conf file > manually or whatever is appropriate for your system. I'd been using resolvconf before, however I removed it due to not understanding what it does and how it interacts with /etc/dhcp/dhclient.conf and /etc/network/interfaces. I'd previously been frustrated trying to specify nameserver information in dhclient.conf and posted earlier to this list: http://lists.debian.org/debian-user/2010/09/msg00531.html As you suggest, /etc/network/interfaces may be the correct place for this. I'd use resolvconf if it would help. I'm surprised that even having removed the resolvconf package, /etc/init.d/networking restart creates a new /etc/resolv.conf with first line: # generated by resolvconf I look forward to demystifying these issues, and getting reliable DNS for the next decade(s). :-) Regards, Joel > Bob -- Joel Roth -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110131202522.GC13220@sprite