McGuffey, David C. wrote:
I thought this was solved when I fixed an unusually short dhcp lease
----Snip----
As soon as I try to dig, or ping an external site by hostname the effort
times out.
When I try to ping my two ISP provided DNS servers, the effort times
out. That is not unusual, because most ISPs are dropping a lot of icmp
to their servers, except from a small number of their internal
management systems. I do the same on my internal networks.
I would consider this unusual. When you get an address through dhcp the
dhclient overwrites /etc/resolv.conf with the IP addresses of the ISP's
name servers and those wind up being the only ones that you get. If you
can't get to your name servers everything else is interesting but
unimportant.
So...this appears to be a dns lookup problem. The /etc/host,
/etc/resolv.conf, /etc/networks, and /etc/nsswitch.conf all look good
and have not changed since before the problem started.
What is in /etc/resolv.conf?
Iptables hasn't changed, so there is not a rule that intermittently
appears that would block dns lookups through the gateway.
Unless you blocked the DNS ports iptables wouldn't be the problem.
I believe I may have a corrupted library routine upon which the dns
client relies.
Very unlikely! Have you checked the routing tables?
I don't have a lot of time to go poking around...the boss is telling me
to get it fixed quickly, or move on to F9 (which I'm not quite ready to
do for this particular machine.)
Later today I'm going to try tshark to snoop the network traffic to see
if the machine is actually sending dns queries out through the gateway.
Good idea! You might also try a traceroute to the name servers and see
where it gets hung up.
The last time I saw this thread you had more than one machine with this
problem. Is that still the case?
***Assuming there are no dns queries going out of the machine, using yum
in a force mode, which network components should I reload from the F7
repository?***
Dave McGuffey
Principal Information System Security Engineer // NSA-IEM, NSA-IAM
SAIC, IISBU, Columbia, MD
John Cornelius
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list