queer dns access problem

Stephen Carville scarville at landam.com
Wed Dec 12 21:24:00 UTC 2007


Bill Tangren wrote:
>>> -----Original Message-----
>> Some ideas:
>>
>> Turn off firewalling if possible.
>>
>> Check default route
>> # ip route list
>> 10.212.166.0/24 dev eth0  proto kernel  scope link  src 10.212.166.26
>> 169.254.0.0/16 dev eth0  scope link
>> default via 10.212.166.1 dev eth0 <----!!!!
>>
>> correct if necessary.
>>
>> Check for UDP connectivity
>>
>> # nmap -PU -p53 DNS.SERVER.IP.ADDRESS
>>
>> # traceroute -U DNS.SERVER.IP.ADDRESS
> 
> 
> OK, this is what is produced on the server that works:
> 
> *****
> [root at mach2 X11]# ip route list
> 169.254.0.0/16 dev eth0  scope link
> 10.0.0.0/8 dev eth0  proto kernel  scope link  src 10.1.5.58
> default via 10.1.1.2 dev eth0

So mach2:eth0 has an IP of 10.1.5.58, right?

> [root at mach2 ~]# nmap -PU -p53 10.1.1.6
> Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2007-12-12 15:33
> EST
> Note: Host seems down. If it is really up, but blocking our ping probes,
> try -P0
> Nmap run completed -- 1 IP address (0 hosts up) scanned in 2.054 seconds
> 
> [root at mach2 ~]# nmap -PU -p53 10.1.1.46
> Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2007-12-12 15:33
> EST
> Interesting ports on aurora.timenet.usno.navy.mil (10.1.1.46):
> PORT   STATE SERVICE
> 53/tcp open  domain
> MAC Address: 00:18:8B:38:28:97 (Unknown)
> 
> Nmap run completed -- 1 IP address (1 host up) scanned in 0.295 seconds
> 
> [root at mach2 ~]#
> *****
> 
> The server that doesn't looks like this:
> 
> *****
> [root at aa-cvs ~]# ip route list
> 169.254.0.0/16 dev eth0  scope link
> 10.0.0.0/8 dev eth0  proto kernel  scope link  src 10.1.5.58
> default via 10.1.1.2 dev eth0

and aa-cvs:eth0 also has an IP address of 10.1.5.58, right?

See the problem yet?  Same IP address on two nodes?

> [root at aa-cvs ~]# nmap -PU -p53 10.1.1.6
> Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2007-12-12 15:33
> EST
> Note: Host seems down. If it is really up, but blocking our ping probes,
> try -P0
> Nmap run completed -- 1 IP address (0 hosts up) scanned in 2.054 seconds
> 
> [root at aa-cvs ~]# nmap -PU -p53 10.1.1.46
> Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2007-12-12 15:33
> EST
> Note: Host seems down. If it is really up, but blocking our ping probes,
> try -P0
> Nmap run completed -- 1 IP address (0 hosts up) scanned in 2.049 seconds
> 
> [root at aa-cvs ~]#
> *****
> 
> The difference
>> If either works then check for an access list on your DNS.  Usually in
>> named.conf
> 
> I am having this problem even if I change the name and IP number of the
> broken server to the unbroken one. Same problem.
> 
> I have now reinstalled the OS on the broken server, and it STILL is having
> problems. It has to be a hardware problem, but I can't figure out what it
> could be.
> 
> 
> 
>> Try a different switch port if possible.
> 
> I'll have to talk to the network guys about this.
> 
> 
>> --
>> Stephen Carville <scarville at landam.com>
> 
> 


-- 
Stephen Carville <scarville at landam.com>
Systems Engineer
Land America
1.626.667.1450 X1326
#####################################################################
Ad eundum quo nemo ante iit.
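
The comparison made in the reply above (the same `src` address in both quoted routing tables) can be automated when `ip route list` output is collected from several hosts. This is an added example, not part of the original message; the `HOSTNAME: ` prefix on each input line and the function names are assumptions of the example, and the sample input is constructed from the two tables quoted in the thread.

```bash
#!/bin/sh
# Report source addresses that appear in the routing table of more than
# one host. Input on stdin: "HOSTNAME: <one line of `ip route list`>".
# The "HOSTNAME: " prefix is added by whoever collects the output
# (assumption of this example); ip(8) itself does not print it.
find_dup_src() {
    awk '
    {
        host = $1
        sub(/:$/, "", host)
        # Look for "src ADDRESS" anywhere in the route line.
        for (i = 2; i < NF; i++) {
            if ($i != "src") continue
            ip = $(i + 1)
            if ((ip, host) in seen) continue   # same host, several routes
            seen[ip, host] = 1
            if (ip in hosts) hosts[ip] = hosts[ip] "," host
            else             hosts[ip] = host
            count[ip]++
        }
    }
    END {
        # One line per address claimed by two or more hosts.
        for (ip in count)
            if (count[ip] > 1) print ip, hosts[ip]
    }' | sort
}

# Constructed sample: the two routing tables quoted in the thread,
# each line prefixed with the host it came from.
sample_routes() {
    cat <<'EOF'
mach2: 169.254.0.0/16 dev eth0  scope link
mach2: 10.0.0.0/8 dev eth0  proto kernel  scope link  src 10.1.5.58
mach2: default via 10.1.1.2 dev eth0
aa-cvs: 169.254.0.0/16 dev eth0  scope link
aa-cvs: 10.0.0.0/8 dev eth0  proto kernel  scope link  src 10.1.5.58
aa-cvs: default via 10.1.1.2 dev eth0
EOF
}

sample_routes | find_dup_src
```

On a live segment, `arping -D -I eth0 10.1.5.58` from iputils probes whether another host already answers for the address.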



