[K12OSN] Linux, Windows, and my DNS troubles

Rob Owens rowens at ptd.net
Fri Oct 12 01:00:06 UTC 2007


Hi Shane.  

I'm too tired right now to follow everything that you wrote, but here's some food for thought.  MS systems often (always?) use a WINS server to get DNS information.  I've seen issues in the past where WINS and DNS somehow got a different set of hostname-to-IP mappings.  I'm not 100% sure if this is only for internal IP addresses or if it goes for external ones as well.

To clear cached DNS info on the clients, you can use:
/etc/init.d/nscd restart (on Linux)
ipconfig /flushdns (on Windows)

I recall reading somewhere that Firefox has its own DNS cache.  I'm not sure how to clear it, or if that's even a correct statement, but you might want to look into it.

-Rob

On Thu, Oct 11, 2007 at 12:47:02PM -0400, Shane Sammons wrote:
> Hi everyone!
> 
> I am encountering an issue with DNS I have never experienced before. I am
> hopeful someone can think of something I have missed, or maybe has
> encountered something similar and has an answer.
> 
> I switched DNS to a Windows server so I can re-build a server. Everything
> seemed fine at first, then caches cleared and our domains we manage on the
> server for the network were no longer accessible. I tossed this up to an
> error on my part. I checked my A name entries and everything. It all was
> correct.
> 
> I then proceeded to use ping and nslookup. The DNS server responded quickly
> with the proper IP address and I could ping -a and get the name back from
> the IP.
> 
> The network has all 3com switches, but is 99% Macs. I thought perhaps there
> is a protocol or such that isn't playing nice with Windows. The OS X server
> used BIND, I am sure a modified version. So, on another server I set up
> Ubuntu Linux and installed BIND 9. I set everything up on there and tested
> things again. This time I used dig on that server, nslookup from my
> workstation. Same, server responded yet I can not access the domain via a
> browser.
> 
> So I ventured onto IRC, where some helpful people told me to telnet from the
> DNS server to the webserver's domain (telnet npelem.com 80). I did this and
> it connected, they then told me to type "GET / HTTP/1.0" (may have the slash
> wrong) and press enter twice. I did that, and lo and behold it returned the
> HTML code of the index.php.
> 
> At this point they told me DNS is doing its job and it is the browser. I
> quit for the day. Today I came in and decided it can't be 3 new systems, 2
> servers, and 3 different operating systems. I am on Vista with Firefox and
> IE 7, the Windows server was not updated to IE 7, so it just has the secured
> IE which I took down to low security, and Ubuntu Linux 7.04 using Firefox.
> Both the Windows 2003 server and the Ubuntu system have DNS running.
> 
> So instead of just explaining more and more I will just list some
> information and link to the BIND file I pasted at pastebin.ca.
> Windows Server 2003, ip 192.168.168.6 static, running DHCP and DNS, no
> Active Directory / Domain integration, just a plain DHCP/DNS server. DHCP
> points it for DNS
> DHCP supplies: IP, Gateway, Subnet, DNS, TimeServer, and LDAP
> 
> Ubuntu: IP 192.168.168.7 DNS using BIND9 only. Setup for itself and my Vista
> system only as DNS server
> 
> My System: I installed Wireshark to watch the network today, I use DHCP via
> wired connection, but set the DNS manually to 192.168.168.7
> 
> Old Server: OS X Server 10.3.9 running AFP, DNS, DHCP, NFS, Open Directory,
> Print Sharing. IP 192.168.168.203 (don't ask...I am changing it when I re-do
> the server)
> 
> Webserver/MailServer: OS X Server 10.3.9, IP 192.168.112.2
> 
> Network Devices: Barracuda Spyware Firewall (192.168.168.2) and Watchguard
> Firebox Edge X50 ( 192.168.168.1 -Gateway)
> Note: Firebox was the former filter, it now just does NAT routing to direct
> traffic to our off network webserver, it allows passthrough between the
> networks with no restrictions atm (defeating the purpose of the segmentation,
> I know).
> 
> The two new servers are Dell PowerEdge 860s. My system is an HP Pavilion
> Notebook, and the old server is an Xserve.
> 
> BIND9 Files: (all zones and zone config) http://www.pastebin.ca/733070 (just
> the named.conf main file) http://www.pastebin.ca/733077
> Separated the first paste's files with equals signs
> 
> Our domains: npelem.com and nationalpark.k12.nj.us (they just need to
> redirect to servers, nothing like active directory where it is integrated
> into every system)
> 
> Here is the really strange thing that has me baffled. While running
> Wireshark, I can see BIND requests as DNS, while most requests to Microsoft show
> as MDNS. As I watched my system, when I go to say www.google.com with
> Firefox I see the request and the response with the DNS protocol. When I go
> to one of the two domains the server manages, I never see the request or a
> response on Wireshark. I tried this on the server, but Wireshark can't see
> the looping on the server, as it never goes across the network and is
> handled internally.
> 
> Anyone have a clue why the local command line testing says the DNS on both
> servers is working fine, yet applications like Firefox can't ever get to the
> webserver via name but by IP?
> 
> If you need more information please let me know. I am going nuts, because I
> can't track this down yet.
> 
> Thanks,
> Shane Sammons
> National Park Elementary

> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>



