Linux Experts Needed

[GoPackGo]

Hi,

I am connecting into a network via Cisco VPN Client for linux.

I can ping IP addresses but not names. It comes back with unknown host.

The kicker is I can use the host command and nslookup and it will resolve.

I have checked resolv.conf and it looks fine.

If I take the machine and connect it directly to the network I am trying to connect it works fine.

any ideas?

Linux = Suse 9.3

 

[TonyRic]

Is the hostname fully qualified? If so try 'ping <hostname/domain> <DNS server IP>' and see if that works.

Also, have you tried 'dig'?

 

[RebateMonger]

n.m.

 

[GoPackGo]

Originally posted by: TonyRic
Is the hostname fully qualified? If so try 'ping <hostname/domain> <DNS server IP>' and see if that works.

Also, have you tried 'dig'?

I tried the ping with DNS server IP and that didn't work
ie ping host.domain serverip

dig returned an ip.

 

[Nothinman]

/etc/nsswitch.conf is used to control how the resolver library handles name resolution (host, nslookup, dig all query the DNS server directly). Make sure it has a line similar to:

hosts: files dns

They're the base required, files is for /etc/hosts and dns is for DNS. There are some other valid options like lwresd for the bind caching daemon or mdns for multicast dns and maybe others, but I don't think they should affect anything as long as the resolver will go through them in order so if DNS is returning the proper name it should return at that point and not try any more.

 

[Yeraze]

It's been a year since I last used the Linux Cisco client, but I seem to remember having a similar issue related to the fact that hte VPN software actually overwrites your /etc/resolv.conf when you connect. See what yours is set to before you connect, and once you're connected.

Also, do you have ALL traffic routed through your VPN, or only network-specific traffic? I believe it's an option in the configuration files...

 

[GoPackGo]

Originally posted by: Nothinman
/etc/nsswitch.conf is used to control how the resolver library handles name resolution (host, nslookup, dig all query the DNS server directly). Make sure it has a line similar to:

hosts: files dns

They're the base required, files is for /etc/hosts and dns is for DNS. There are some other valid options like lwresd for the bind caching daemon or mdns for multicast dns and maybe others, but I don't think they should affect anything as long as the resolver will go through them in order so if DNS is returning the proper name it should return at that point and not try any more.

I checked that and it does.

 

[GoPackGo]

Originally posted by: Yeraze
It's been a year since I last used the Linux Cisco client, but I seem to remember having a similar issue related to the fact that hte VPN software actually overwrites your /etc/resolv.conf when you connect. See what yours is set to before you connect, and once you're connected.

Also, do you have ALL traffic routed through your VPN, or only network-specific traffic? I believe it's an option in the configuration files...

It does overwrite the resolv.conf

once the VPN connects it routes ALL traffic through it. Local LAN access is disabled.

Whats weird is I can use NSLOOKUP, DIG, and HOST.


PING won't work.

 

[Yeraze]

Is ping failing to resolve hostnames, or are you just seeing 100% packet loss with ping? If it's the 2nd, then the host at the other end may simply just be blocking ping packets.

Also, do you have a caching DNS system setup locally that may cause some commands to resolve?

 

[GoPackGo]

Originally posted by: Yeraze
Is ping failing to resolve hostnames, or are you just seeing 100% packet loss with ping? If it's the 2nd, then the host at the other end may simply just be blocking ping packets.

Also, do you have a caching DNS system setup locally that may cause some commands to resolve?

If I ping the IP it comes back just fine. If I ping the name it comes back ping: unknown host.

I don't believe I have DNS caching...how can I tell?

 

[Yeraze]

Well.. if you ping the same hostname before you VPN and it works, and it fails while you're VPN'ed, then it's not a Caching DNS problem

 

[Yeraze]

AS for a DNS server locally, look for a 'bind' or 'named' process running.

I'm kinda out of ideas, but just from googling I found a known issue with *.local domains that may also apply to this. it's for Suse, but this site: http://portal.suse.com/sdb/en/2005/07/rdassen_multicast_dns.html says that if you put 'mdns off' in your /etc/host.conf file that will disable the spiffy new Multicast DNS and use the older Unicast DNS.

 

[TonyRic]

Originally posted by: Yeraze
AS for a DNS server locally, look for a 'bind' or 'named' process running.

I'm kinda out of ideas, but just from googling I found a known issue with *.local domains that may also apply to this. it's for Suse, but this site: http://portal.suse.com/sdb/en/2005/07/rdassen_multicast_dns.html says that if you put 'mdns off' in your /etc/host.conf file that will disable the spiffy new Multicast DNS and use the older Unicast DNS.

What an obscure problem. NICE find.