Nslookup and host versus ftp, ping, etc. - strange problem

Nslookup and host versus ftp, ping, etc. - strange problem

Post by Sitaram Chamar » Fri, 07 Mar 1997 04:00:00



My apologies for the long post, but there's a peculiar problem I can't
figure out:

I have a FreeBSD 2.1.6 machine called "sitagw2k" from which "ping
sitagw2k", "ftp sitagw2k", "telnet..." etc work fine.  But "host
sitagw2k" and "nslookup sitagw2k" don't work.  I dont have "named"
running - we have a gateway/firewall machine which is used as a
nameserver as well as our link to the outside world.  That part is
fine: "nslookup ftp.freebsd.org" returns 165.113.58.253 and
wcarchive.cdrom.com, for instance.

So I have the peculiar situation that these commands can find others,
but not the machine on which they are running!

Details of configuration:

This is FreeBSD 2.1.6 on an unused P75 that nobody claimed - it is
*not* possible to sanctify its existence by including its name and IP
address in the NIS maps because if I attempt to do that I might lose
the machine (don't ask :-)  So I always refer to it by its IP address,
and everything works fine (FTP server, X server, Samba, is all I've
loaded on it so far).

But I loaded apache today, and got an unknown host error when
attempting to "http://iii.jjj.kkk.lll/~sitaram" (where the iii stuff
is the IP address).  The error I got was that "sitagw2k.mydomain.com"
was not found - it had resolved the IP address into a name, then
failed on the name lookup!

I spent about 2 hours trying to figure this out - during which time I
found out about host and nslookup!  I'd never had occasion to use them
before...I figure if I can get them to recognise "sitagw2k", apache
will too.

Other details: (1) "named" is not running.  (2) /etc/hosts contain the
127.0.0.1 (localhost) entry, as well as the sitagw2k entry with my IP
address on it.  (3) resolv.conf has our "gateway"s IP address as a
nameserver.

Any help, pointers, or suggestions much appreciated!  I'm at the end
of my tether.  I'd be happy to supply any other details that might be
pertinent that I have missed.

Sitaram

 
 
 

Nslookup and host versus ftp, ping, etc. - strange problem

Post by Ted Mittelstae » Sat, 08 Mar 1997 04:00:00



Quote:

>I have a FreeBSD 2.1.6 machine called "sitagw2k" from which "ping
>sitagw2k", "ftp sitagw2k", "telnet..." etc work fine.  But "host
>sitagw2k" and "nslookup sitagw2k" don't work.  I dont have "named"
>running - we have a gateway/firewall machine which is used as a
>nameserver as well as our link to the outside world.  That part is
>fine: "nslookup ftp.freebsd.org" returns 165.113.58.253 and
>wcarchive.cdrom.com, for instance.

>So I have the peculiar situation that these commands can find others,
>but not the machine on which they are running!

Not that particular, these commands are querying the nameserver which
of course doesen't have an entry for your machine, so it's returning
a "host unknown"

Quote:>Details of configuration:

>This is FreeBSD 2.1.6 on an unused P75 that nobody claimed - it is
>*not* possible to sanctify its existence by including its name and IP
>address in the NIS maps because if I attempt to do that I might lose
>the machine (don't ask :-)  So I always refer to it by its IP address,

NIS doesen't have anything to do with this.

Quote:

>But I loaded apache today, and got an unknown host error when
>attempting to "http://iii.jjj.kkk.lll/~sitaram" (where the iii stuff
>is the IP address).  The error I got was that "sitagw2k.mydomain.com"
>was not found - it had resolved the IP address into a name, then
>failed on the name lookup!

Your running into one of these grey areas.

Unfortunately, there is no RFC that covers how a host is supposed to
act when BOTH it's HOSTS file and it's nameserver contain valid data.

So, it is implementation dependent.  In your case, the resolver library
is querying the DNS, which is returning an "unknown host" and the
resolver is then saying "OK, I'm done so I'll tell the application
that the IP number bombed out"  This is understandable, because after
all the nameserver did respond with a valid response, it's just not the
response you want.

If the nameserver were offline, or the resolv.conf file was missing,
then the resolver library would get an error upon attempting to query
a nameserver.  It would then fall back to the local hosts file in a last
ditch effort to obtain a name-to-IP number mapping.

Now, in my opinion, the Right Thing to Do for a properly programmed
resolver is that if they get a "host unknown" response from a valid
nameserver that it should make a last-ditch effort to look for the
number/name in the local HOSTS file.  Unfortunately, most programmers
apparently don't feel this way because most resolvers out there ignore
HOSTS if an active DNS server is present.

You have two avenues to fix this:

1) You can run a local copy of named in "caching-only" mode, and make
it authorative for your own IP network number.  This means that if
your admins make a change in the DNS for your own network, you won't
see it unless you make the same change in your own DNS database.  It
will work for outside hosts, just not your own domain. (unless you have
entered hosts in it)  This may or may not be a problem for you.  You then
(obviously) create a resolv.conf pointing to your own machine.

2) You can modify the source for libresolv so that it falls back to
your own HOSTS file no matter what before returning with a host
unknown, then recompile everything that uses it.

Ted  

 
 
 

Nslookup and host versus ftp, ping, etc. - strange problem

Post by Mike Holli » Sat, 08 Mar 1997 04:00:00



>2) You can modify the source for libresolv so that it falls back to
>your own HOSTS file no matter what before returning with a host
>unknown, then recompile everything that uses it.

Can't you use /etc/host.conf to configure this?  If you have

hosts
bind

in /etc/host.conf it *should* always try the host table first.  I'm not sure if
the resolver routines honor this, but it's worth a shot.  This mechanism is
much more formalized in SysV-based Unices...

- Mike

 
 
 

1. nslookup works but ping,ftp,etc. can't resolve hosts?

I have a few SunOS 4.1.3 machines that have been moved from their
home to the network of a subcontractor. At home, NIS was used for
host resolving, with DNS running on the NIS server as well. Here
at the subcontractor, I have a DNS nameserver but no NIS server.

So, I set up resolv.conf with the IP of some local nameservers and
removed /etc/defaultdomain. If I query nslookup, I can get the
address of any host. However, ping, ftp, telnet, etc. cannot resolve
any hosts except those listed in /etc/hosts. What do I have to do
to get the resolver into those apps?

Thanks for any pointers,

Mike

--
Dr. Michael McCarrick                           (202) 223-8808 voice
ARCO Power Technologies, Washington DC          (202) 223-1377 fax

2. dhcp subnet masking problems

3. Strange network problems - pings to host are fine, pings from host fail

4. Send a signal to a running process?

5. PLEASE HELP: PING, DNS AND NSLOOKUP - NSLOOKUP GOOD PING BAD

6. How to configure two 3c509 n

7. nslookup works, ping <host> replies unknown host

8. Serious Network Service problems

9. FTP host unknown but NSLOOKUP knows host

10. can't ping, ftp etc "Unable to connect, unknown host"

11. DNS: ping gives "unknown host", but nslookup works

12. using /etc/hosts with nslookup