queer dns access problem

[Stephen Carville]

> -----Original Message-----
> From: redhat-list-bounces at redhat.com
> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Bill Tangren
> Sent: Monday, December 10, 2007 9:01 AM
> To: redhat-list at redhat.com
> Subject: queer dns access problem
> 
> I have two servers that are set up in the same way, except that the one
> that is working properly is running RHEL ES 4.6 while the other is
> running
> 4.5. I can't update the latter, because DNS is not working properly.
> Ordinarily I would poke around until I found the problem, and not bother
> y'all, but I'm stumped as to what the problem could be. Except for MAC
> address and IP number, the /etc/hosts, /etc/sysconfig/network,
> /etc/resolv.conf, and /etc/sysconfig/network-scripts/ifcfg-eth0 files
> are
> identical. Neither run a DNS service. Both are on the same subnet. Both
> boxes are running iptables, but turning off iptables doesn't help. I can
> ssh into, and ping the broken box. I can ssh out of that box too, if I
> use
> ip numbers. When I try to do an nslookup on the broken box, all I get
> is:
> 
> ;; connection timed out; no servers could be reached.
> 
> Could someone give me a few clues as to where to look to diagnose this
> problem?
> 

Some ideas:

Turn off firewalling if possible.

Check default route
# ip route list
10.212.166.0/24 dev eth0  proto kernel  scope link  src 10.212.166.26
169.254.0.0/16 dev eth0  scope link
default via 10.212.166.1 dev eth0 <----!!!!

correct if necessary.

Check for UDP connectivity

# nmap -PU -p53 DNS.SERVER.IP.ADDRESS

# traceroute -U DNS.SERVER.IP.ADDRESS

If either works then check for an access list on your DNS.  Usually in 
named.conf

Try a different switch port if possible.

-- 
Stephen Carville <scarville at landam.com>
Systems Engineer
Land America
1.626.667.1450 X1326
#####################################################################
Ad eundum quo nemo ante iit.