Re: SOLVED: Re: buster: DNS server?
On Thu, Aug 15, 2019 at 01:01:42PM -0600, D. R. Evans wrote: > Thanks to those who replied to my original post, > <45c61e48-0393-a413-4f7a-d88be911a...@gmail.com>; the responses gave me enough > clues to find the source of the problem. > > The solution turned out to be obvious in retrospect (like so many things). > > For some reason, the buster installation had not installed bind9. As soon as I And the reason was? I guess the user not requesting the installation :) > installed that package manually, DNS started to work correctly for the other > machines on the LAN. > > Thanks again. > > Doc > -H -- Henning Follmann | hfollm...@itcfollmann.com
SOLVED: Re: buster: DNS server?
Thanks to those who replied to my original post, <45c61e48-0393-a413-4f7a-d88be911a...@gmail.com>; the responses gave me enough clues to find the source of the problem. The solution turned out to be obvious in retrospect (like so many things). For some reason, the buster installation had not installed bind9. As soon as I installed that package manually, DNS started to work correctly for the other machines on the LAN. Thanks again. Doc -- Web: http://enginehousebooks.com/drevans signature.asc Description: OpenPGP digital signature
Re: buster: DNS server?
On Mi, 14 aug 19, 14:13:06, D. R. Evans wrote: > > I would appreciate any suggestions as to how to diagnose and fix the problem. You probably want to install dnsmasq on the server. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser signature.asc Description: PGP signature
Re: buster: DNS server?
On 8/14/19, Reco wrote: > Hi. > > On Wed, Aug 14, 2019 at 02:13:06PM -0600, D. R. Evans wrote: >> 5. If I ping by name a machine on the Internet from the server (e.g., >> google.com), the ping succeeds. > > The contents of /etc/resolv.conf from that host would be nice. yes, showing the contents of /etc/resolv.conf from that host would be most helpful. as would checking your dhcp server config and making sure that it's giving out the correct name server address(es) https://linux.die.net/man/5/dhcp-options option domain-name-servers ip-address [, ip-address... ]; The domain-name-servers option specifies a list of Domain Name System (STD 13, RFC 1035) name servers available to the client. A quick test would be dig @8.8.8.8 www.google.com dig www.google.com if the 1st works & 2nd not, chances are good your dhcp clients aren't getting a valid name server address Lee
Re: buster: DNS server?
Hi. On Wed, Aug 14, 2019 at 02:13:06PM -0600, D. R. Evans wrote: > 5. If I ping by name a machine on the Internet from the server (e.g., > google.com), the ping succeeds. The contents of /etc/resolv.conf from that host would be nice. And your set of netfilter rules applicable to DNS. > 7. On the machine on the LAN, if I look at the configuration for the port on > the LAN machine (using nmcli), I see: > IP4.DNS[1]: 192.168.0.1 > which is correct (the server's IP address being 192.168.0.1). No. What it really says that your DHCP server announced 192.168.0.1 as a DNS. It does not mean that you have DNS server (bind, unbound, name it) operational at 192.168.0.1. Reco
Re: buster: DNS server?
D. R. Evans wrote: > So this seems to be saying that: > 1) the basic packet forwarding through the server is working > 2) DNS on the server itself is working > 3) DNS requests received from the LAN by the server are not being resolved > > I would appreciate any suggestions as to how to diagnose and fix the > problem. So you are using as DNS the router? What is the content of resolv.conf on the LAN machine? Is it static resolv.conf or managed $ ls -al /etc/resolv.conf lrwxrwxrwx 1 root root 35 Aug 12 23:26 /etc/resolv.conf -> /var/run/NetworkManager/resolv.conf Is there a difference between resolv.conf on server and LAN machine? regards
Re: buster: DNS server?
Make sure your router's DHCP server functionality is disabled. On Wed, Aug 14, 2019, 15:13 D. R. Evans wrote: > 1. I have a server that does all I need it to do under stretch. > > 2. On that machine, I have installed a clean version of buster on a > separate > bootable drive. > > 3. Under buster on that machine, I have installed (by copy from stretch) an > iptables configuration that seems to be behaving as I expect. In > particular, > it allows me to reach the Internet from machines on the LAN side of the > server. > > 4. Under buster, I have installed isc-dhcp-server and copied a working > /etc/dhcp/dhcpd.conf from stretch. It seems to be behaving correctly. In > particular, it seems to be responding correctly to machines on the LAN > side of > the server. > > 5. If I ping by name a machine on the Internet from the server (e.g., > google.com), the ping succeeds. > > 5. If I now go to another machine on the LAN and ping a machine on the > Internet by address (e.g., 172.217.11.238), the ping succeeds. > > 6. But if (still on another machine on the LAN) I ping a machine on the > Internet by name, (e.g., google.com) the request times out and I receive > the > message: "ping: google.com: Name or service not known". > > 7. On the machine on the LAN, if I look at the configuration for the port > on > the LAN machine (using nmcli), I see: > IP4.DNS[1]: 192.168.0.1 > which is correct (the server's IP address being 192.168.0.1). > > So this seems to be saying that: > 1) the basic packet forwarding through the server is working > 2) DNS on the server itself is working > 3) DNS requests received from the LAN by the server are not being > resolved > > I would appreciate any suggestions as to how to diagnose and fix the > problem. > > Doc > > -- > Web: http://enginehousebooks.com/drevans > >
buster: DNS server?
1. I have a server that does all I need it to do under stretch. 2. On that machine, I have installed a clean version of buster on a separate bootable drive. 3. Under buster on that machine, I have installed (by copy from stretch) an iptables configuration that seems to be behaving as I expect. In particular, it allows me to reach the Internet from machines on the LAN side of the server. 4. Under buster, I have installed isc-dhcp-server and copied a working /etc/dhcp/dhcpd.conf from stretch. It seems to be behaving correctly. In particular, it seems to be responding correctly to machines on the LAN side of the server. 5. If I ping by name a machine on the Internet from the server (e.g., google.com), the ping succeeds. 5. If I now go to another machine on the LAN and ping a machine on the Internet by address (e.g., 172.217.11.238), the ping succeeds. 6. But if (still on another machine on the LAN) I ping a machine on the Internet by name, (e.g., google.com) the request times out and I receive the message: "ping: google.com: Name or service not known". 7. On the machine on the LAN, if I look at the configuration for the port on the LAN machine (using nmcli), I see: IP4.DNS[1]: 192.168.0.1 which is correct (the server's IP address being 192.168.0.1). So this seems to be saying that: 1) the basic packet forwarding through the server is working 2) DNS on the server itself is working 3) DNS requests received from the LAN by the server are not being resolved I would appreciate any suggestions as to how to diagnose and fix the problem. Doc -- Web: http://enginehousebooks.com/drevans signature.asc Description: OpenPGP digital signature