Can ping DNS server, but can't look up addresses
Rick Kunkel
have the dns server in the configuration like this:
ip name-server 206.98.114.10
ip name-server 206.98.114.20
This is what happens:
Router#ping www.yahoo.com
Translating "www.yahoo.com"...domain server
(206.98.114.10)(206.98.114.20)
% Unrecognized host or address, or protocol not running.
I can ping the DNS servers. I can ping yahoo by IP. Dialup users
connected to this equipment (Cisco 5200) can ping yahoo by name, even
though I cannot directly from the 5200. It's only one hop to the DNS
server.
Any ideas? Any help would be much appreciated. If you need more
info, don't hesitate to ask.
Thanks,
Rick Kunkel
Worldlink Internet Services
mhddp
it looks like you've configured the router correctly,
but you need to look at the configs of your actual DNS servers,
or is there a firewall in the way ?
the ping tests you've done prove that the router config is correct
ie; when you ping by name,
the router goes away to the DNS servers
but they do not resolve the name.
Hope this helps,
regards,
MariaD
"Rick Kunkel" <kun...@w-link.net> wrote in message
news:3a41786b....@news.w-link.net...
Bozo D Clown
questions and maybe it'll help you narrow down the bug..
1. first the cardinal question of trouble shooting...did this ever work? Do
lookups fail in every instance or only to certain domain names?-- a "some do
some dont" reply points at problems with the DNS servers themselves--
2. If it was working well,. then when/how did it quit (i.e was there an
"upgrade"/config chg/addition-change to routing/etc or was the system
humming along nicely and then "POOF" -it quit-? If it never worked --then
maybe you should hand it back to the DE that deployed it...
3.Can other devices in the network resolve to the mentioned DNS servers? If
"yes" are they on the same subnet as your 5300, and if so do you share a
common gateway? If "No" then do we know those servers are in fact alive and
well?..
one way to check is to jump on a Unix box and type "nslookup" at the prompt
which should put you at a ">" prompt and tell you what the current server is
(write so U dont forget) ....type "server 206.98.114.10"<enter>...this will
repoint your resolver to the questionable server . Now do a lookup...does
it work?
4. The affected box sounds like a customer gateway so what about
access-lists? any chance that there is one rule too many/few/misaplied?--
you say the servers are 1 hop away...do you mean that they on a directly
connected network to the 5200 or is there is an intermediate router? If so,
can that router resolve correctly?...does that router have access-lists?
5. Have you applied the desperation technique? (bounced the router at
midnight)..IOS is known for "choking" and needing a bounce every now and
then..on the bigger boxes we use "microcode reloads" to avoid bouncing the
entire animal...but the command is there for a reason!
NOTE: Your users ability to resolve DNS is not tied to your router's
configuration. Normally the user's boxe's will have their resolvers pointed
to their own DNS servers (maybe even the same ones that you mention below)
so its not surprising that the users are OK but the router is hosed (insofar
as DNS lookup is concerned)....
well ....I leave you with this handfull of queries to ponder....but I think
your answer will surface while ferreting out these few..
Good Luck!
B.D.C
"Rick Kunkel" <kun...@w-link.net> wrote in message
news:3a41786b....@news.w-link.net...
______________________________________________________________________
Posted Via Uncensored-News.Com - Still Only $9.95 - http://www.uncensored-news.com
With Servers In California, Texas And Virginia - The Worlds Uncensored News Source
Rick Kunkel
1. As ugly as it sounds, I'm not sure if it worked before or not.
This 5200 is not one that I've normally logged into and tried to ping
outside. A previous employee of the company originally set it up, and
since users have been fine, there was never any reason to question it.
2. I've tried to start consolidating things, so changes have been
made. I am putting all of our routers on one class C of addresses
instead of spread around several. I have been making all the routers
have primary ip addresses on this one class C.
3. Some other devices have probs with the DNS. All the devices are
in one subnet (with their primary IPs). Some may have secondary
addresses in different subnets. I know the DNS server works totally
fine. Been using it for years and it's still going strong. Other
routers on the same subnet can look up addresses just fine. And
again, I can ping the the name server no prob.
4. I haven't checked access-lists actually, but I don't thik that'd
be the case. I definitely haven't added any. The 5200 is on the same
subnet as the name server.
5. Haven't tried the reboot. I have five 5200's that are all doing
the same thing, and one 3620 that is as well. I think it's a config
prob, but I can't for the life of me figure out WHAT it is.
As for the users dialed up to the 5200 having no prob... I guess that
makes sense. The user makes a connection to the name server...it
doesn't ask the router to resolve an address.
It's just plain weird...
Thanks,
Rick Kunkel
Worldlink Internet Services
On Wed, 20 Dec 2000 22:39:48 -0700, "Bozo D Clown" <bigtop@thezoo>
wrote:
Rick Kunkel
fine. For instance, all these devices are on the 206.98.114.0
network. If I log into one of the routers (the bad ones) and try to
traceroute to frodo.w-link.net (which is 206.98.114.10) I get this:
-----
Router#traceroute frodo.w-link.net
Type escape sequence to abort.
Tracing the route to frodo.w-link.net (206.98.114.10)
1 frodo.w-link.net (206.98.114.10) 8 msec 4 msec 4 msec
-----
If I try to traceroute to www.w-link.net, which is just a CNAME for
frodo.w-link.net and resolves fine with any other thing on that
206.98.114.0 network (except these troublesome pieces of equipment), I
get this:
-----
Router#traceroute www.w-link.net
Translating "www.w-link.net"...domain server (206.98.114.10)
(206.98.114.20)
% Unrecognized host or address.
-----
Wacky stuff, I tell ya. Just some more info....
Thanks,
Rick Kunkel
Worldlink Internet Services
On Wed, 20 Dec 2000 22:39:48 -0700, "Bozo D Clown" <bigtop@thezoo>
wrote:
>o way to diagnose given the scant information so I'll barrage you with
Sam Mortimer
> have the dns server in the configuration like this:
>
> ip name-server 206.98.114.10
> ip name-server 206.98.114.20
>
> This is what happens:
>
> Router#ping www.yahoo.com
> Translating "www.yahoo.com"...domain server
> (206.98.114.10)(206.98.114.20)
> % Unrecognized host or address, or protocol not running.
what does "debug domain" show when you try the above?
Cheers
-Sam.
Dave Phelps
(public) IP address?
Dave Phelps
Phone Masters Ltd.
tippe...@nospam.com
ARP happens!
nospam=bigfoot
kod
If its dhcp go to one of the users and configure it static. Leave out the
domain name. See if that generates the same problem. If it does add your
domain name to box. I was thinking that maybe you do not have the domain
name configured in the box. My only problem is that I could see this
problem happening on the inside not the outside. After a foreign address
hits your dns it should forward it to the outside.
Are you pinging by name from those boxes on your LAN?
"Dave Phelps" <tippe...@nospam.com> wrote in message
news:fmj54t88nt17ud7ep...@4ax.com...