Thanks to everyone who has helped out with this so far. I have been doing some more work on this today. Here is what I have come up with so far.
IPv6 is disabled (and now postfix doesn't work, but that is a different problem). There are no firewalls running on this server. I can lookup any host on the network with commands like dig, host and nslookup. I can also do reverse lookups on any valid IP address on the LAN. I can ping any valid IP address on the LAN, but I can't ping any hostnames. Following Nick's advice I have run tcpdump. Here are the commands I ran, and the tcpdump output: faxserver:~ # tcpdump -n host faxserver and not port ssh > dump1 & faxserver:~ # host david.chchcasino.local david.chchcasino.local has address 192.168.1.81 faxserver:~ # host david david.chchcasino.local has address 192.168.1.81 faxserver:~ # host 192.168.1.81 81.1.168.192.in-addr.arpa domain name pointer david.chchcasino.local. faxserver:~ # ping david.chchcasino.local ping: unknown host david.chchcasino.local faxserver:~ # ping -c 1 192.168.1.81 PING 192.168.1.81 (192.168.1.81) 56(84) bytes of data. 64 bytes from 192.168.1.81: icmp_seq=1 ttl=128 time=0.356 ms --- 192.168.1.81 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.356/0.356/0.356/0.000 ms faxserver:~ # cat dump1 10:25:29.633092 IP 192.168.1.14.1030 > 192.168.1.18.53: 8938+ A? david.chchcasino.local. (40) 10:25:29.633851 IP 192.168.1.18.53 > 192.168.1.14.1030: 8938* 1/2/2 A[|domain] 10:25:31.391728 IP 192.168.1.14.1030 > 192.168.1.18.53: 21720+ A? david.chchcasino.local. (40) 10:25:31.392380 IP 192.168.1.18.53 > 192.168.1.14.1030: 21720* 1/2/2 A[|domain] 10:25:34.631675 arp who-has 192.168.1.18 tell 192.168.1.14 10:25:34.632148 arp reply 192.168.1.18 is-at 00:08:c7:4c:48:4a 10:25:45.784457 IP 192.168.1.14.1030 > 192.168.1.18.53: 48699+ PTR? 81.1.168.192.in-addr.arpa. (43) 10:25:45.785140 IP 192.168.1.18.53 > 192.168.1.14.1030: 48699* 1/2/2 (173) 10:26:00.660586 IP 192.168.1.14.1030 > 224.0.0.251.5353: 43150+ A? david.chchcasino.local. (40) 10:26:05.661117 IP 192.168.1.14.1030 > 224.0.0.251.5353: 43150+ A? david.chchcasino.local. (40) 10:26:10.661349 IP 192.168.1.14.1030 > 224.0.0.251.5353: 43151+[|domain] 10:26:15.661497 IP 192.168.1.14.1030 > 224.0.0.251.5353: 43151+[|domain] 10:26:39.610059 IP 192.168.1.14 > 192.168.1.81: icmp 64: echo request seq 1 10:26:39.610378 IP 192.168.1.81 > 192.168.1.14: icmp 64: echo reply seq 1 192.168.1.14 is faxserver.chchcasino.local 192.168.1.18 is fidelio.chchcasino.local (DNS server) 192.168.1.81 is david.chchcasino.local (my pc) So, we can see the the DNS lookups are working in both directions (forward and reverse), but when I use ping it does something with 224.0.0.251. Isn't that a multicast address? I don't know anything about multicast (if that's what it is). What does this mean? -- Later David Kirk
