Puzzling DNS problem

[Martin Gregorie]

I've got an oddity with DNS lookups on my local LAN:

- running 'host' on the house server on my LAN has no trouble resolving
this laptop's name and address: its response correctly reports both
name and IP address - presumably because they've been retrieved from a
local of 'named'.

- however both 'ping' and 'traceroute' report it as
"Destination Host Unreachable" from the house server and ssh won't
connect to it using either hostname or IP

- 'ssh' reports 'No route to host' using either hostname or IP address

This started a couple of days ago when I was doing backups with rsync, run
from a login on the house server and with the backups going to an external
USB drive on the house server, when I used Ctrl/C to terminate an rsync
backup session that I realised I should not have started yet. Normally
this is quite safe: if an rsync session is killed that way it can usually
be restarted and it then carries on from where it was stopped, but this
time I think I was too quick off the mark and killed it while it was still
setting up the session.

This evidently has done some permanent damage to one or both machines'
configuration because this unreachable status isn't cleared by rebooting
either the machine I was running the backup from (my house server) or the
laptop.

The house server is running a local copy of the 'named' DNS server: this
is the IP authority for all IPs on my LAN and all external lookups are
forwarded to external DNSs. The house server also runs Spamassassin and
this setup also ensures that my copy of SA won't be blocked for exceeding
free usage limits by any of the spam blacklist maintainers.

Any tips or stories of similar problems and their reolution will be
gratefully received.


--

Martin | martin at
Gregorie | gregorie dot org

[Theo]

Martin Gregorie <mar...@mydomain.invalid> wrote:
> Any tips or stories of similar problems and their reolution will be
> gratefully received.

I've been having something a bit similar lately. I put the IP of one
of my LAN machines in the public DNS, however:

$ ping lanmachine.example.com
ping: lanmachine.example.com: Name or service not known

$ host lanmachine.example.com
$

[ie an empty response - not an error or NXDOMAIN, just nothing.
At this point Firefox can't access http://lanmachine.example.com/ ]

$ host -a lanmachine.example.com
Trying "lanmachine.example.com"
Trying "lanmachine.example.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30695
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;lanmachine.example.com. IN ANY

;; ANSWER SECTION:
lanmachine.example.com. 126 IN A 192.168.1.99

[now firefox can access http://lanmachine.example.com/ ]

The weird thing is that it goes back to being inaccessible after a few
minutes, and I need another 'host -a' to access it again.

The TTL on the A record in the DNS is 300 seconds, but that doesn't explain
why I'm getting empty DNS responses. The DNS zone looks fine to me.

The router is running dnsmasq and hasn't had any updates recently.
It seems like something is going wrong with DNS caching. Upstream DNS
servers are Sky's - 90.207.238.97/99

I'll try some third party public DNS servers and see if that changes things.

Theo

[Roger]

On Thu, 16 Mar 2023 20:40:42 -0000 (UTC), Martin Gregorie
<mar...@mydomain.invalid> wrote:

>I've got an oddity with DNS lookups on my local LAN:
>
>- running 'host' on the house server on my LAN has no trouble resolving
> this laptop's name and address: its response correctly reports both
> name and IP address - presumably because they've been retrieved from a
> local of 'named'.
>
>- however both 'ping' and 'traceroute' report it as
> "Destination Host Unreachable" from the house server and ssh won't
> connect to it using either hostname or IP
>
>- 'ssh' reports 'No route to host' using either hostname or IP address

According to what you have available on the laptop run
"ipconfig" or "ip address" and see if the laptop's address
agrees with what host is returning.
--
Roger

[Andy Burns]

Martin Gregorie wrote:

> however both 'ping' and 'traceroute' report it as
> "Destination Host Unreachable"

That implies it has resolved the name, but can't reach the IP it was
resolved to (firewall?)

[Andy Burns]

Martin Gregorie wrote:

> - 'ssh' reports 'No route to host' using either hostname or IP address

that implies you've got multiple subnets, with no routing between them.
have you got more than one DHCP server dishing out IPs from different
ranges?

[Martin Gregorie]

On 16 Mar 2023 21:49:24 +0000 (GMT), Theo wrote:

> Martin Gregorie <mar...@mydomain.invalid> wrote:
>> Any tips or stories of similar problems and their reolution will be
>> gratefully received.
>
> I've been having something a bit similar lately. I put the IP of one of
> my LAN machines in the public DNS, however:
>
> $ ping lanmachine.example.com ping: lanmachine.example.com: Name or
> service not known
>
> $ host lanmachine.example.com $

I should have said that I've seen this with both Fedora 36 and 37: the
latter is:

Linux version 6.1.18-200.fc37.x86_64

which is installed on both machines.

> The weird thing is that it goes back to being inaccessible after a few
> minutes, and I need another 'host -a' to access it again.
>

I've not seen that: its a stable fault and the one failing target laptop
produces the same errors regardless of whether its being queried with
ping, host or traceroute from my house server or from itself.

[Martin Gregorie]

On Thu, 16 Mar 2023 21:50:04 +0000, Roger wrote:

> According to what you have available on the laptop run "ipconfig" or "ip
> address" and see if the laptop's address agrees with what host is
> returning.

ip address returns this:

$ ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
state UP group default qlen 1000
link/ether 28:d2:44:96:54:b6 brd ff:ff:ff:ff:ff:ff
inet 192.168.7.243/24 brd 192.168.7.255 scope global dynamic
noprefixroute enp0s25
valid_lft 210477sec preferred_lft 210477sec
inet6 fe80::151f:ab65:15ad:264b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group
default qlen 1000
link/ether 3e:a4:c8:eb:28:91 brd ff:ff:ff:ff:ff:ff permaddr e8:2a:ea:
45:5f:10
4: pan1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state
DOWN group default qlen 1000
link/ether b2:6f:22:c0:47:dc brd ff:ff:ff:ff:ff:ff
inet 10.226.119.1/24 scope global pan1
valid_lft forever preferred_lft forever

The IP address 192.168.7.243 has appeared recently, possibly with the
recent upgrade from Fedora 36 -> 37 - I haven't a clue who or what
dreamed that up: I certainly haven't set it up and none of 'host',
traceroute' or 'ping' get anything sensible from it:

$ host 92.168.7.243
Host 243.7.168.92.in-addr.arpa not found: 2(SERVFAIL)

$ traceroute 92.168.7.243;
traceroute to 92.168.7.243 (92.168.7.243), 30 hops max, 60 byte packets
1 _gateway (192.168.7.1) 17.763 ms 17.708 ms 17.663 ms
2 lns4.the.dsl.enta.net (78.33.253.139) 28.055 ms 28.412 ms 31.724 ms
3 100.bundle-ether2.the.dsl.enta.net (78.33.252.129) 36.179 ms 36.378
ms 36.994 ms
4 bundle-ether1.telehouse-east4.core.enta.net (188.39.127.244) 43.210
ms 43.194 ms 43.177 ms
5 172.30.1.24 (172.30.1.24) 43.940 ms 51.301 ms 51.286 ms
6 ldn-b3-link.ip.twelve99.net (62.115.51.10) 51.270 ms 33.149 ms
33.690 ms
7 ldn-bb1-link.ip.twelve99.net (62.115.120.74) 37.488 ms ldn-bb4-
link.ip.twelve99.net (62.115.122.180) 27.428 ms 28.281 ms
8 prs-bb2-link.ip.twelve99.net (62.115.133.239) 38.617 ms 36.304 ms
prs-bb1-link.ip.twelve99.net (62.115.135.25) 38.107 ms
9 prs-b1-link.ip.twelve99.net (62.115.125.171) 41.595 ms prs-b1-
link.ip.twelve99.net (62.115.125.167) 35.369 ms 38.121 ms
10 * * francetelecom-ic-369585-prs-b1.c.telia.net (195.12.254.155)
37.260 ms
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
$

$ ping 92.168.7.243;
PING 92.168.7.243 (92.168.7.243) 56(84) bytes of data.
^C
--- 92.168.7.243 ping statistics ---
14 packets transmitted, 0 received, 100% packet loss, time 13303ms

[Martin Gregorie]

Fair comment, but I haven't changed my firewall settings this year. The
immediate list of things: things I've been doing is:

Last Friday:
- backed up both laptop and house server as usual:
rsynced both machines to a USB portable drive
- upgraded the laptop from Fedora 36 to 37
- everything running as expected after the upgrade and tidy up

Last Wednesday
- started to back up the laptop, immediately realised I had something else
I should do before backing up the laptop, so Ctrl-C killed the rsync run
- discovered the laptop was no longer accepting rsync connections from the
house server
- did my usual dnf upgrade on the laptop and rebooted it
- logged into the house server by ssh from the laptop OK
- retried to back up the laptop: still couldn't get rsync to connect

- Backed up the house server
- upgraded the house server from Fedora 36 to 37
- discovered that the house server still couldn't connect to the laptop

- wrote my initial post to this thread.

[Martin Gregorie]

I don't believe so: I haven't touched my network configuration at all this
year and it uses only one subnet: 192.168.7.x.

The odd address thats popped up recently (192.168.7.243) has (so far) only
been displayed by the laptop.

I do have a DHCP server set up: its also on the house server, but is
configured to use a different range of IP addresses which are only used by
a Logitech Touch (in the range 192.168.7.100-199) and is only there
because the Touch seemed a bit random in the IP it acquired, but its
always been in the specified range.

Apart from a printer (IP assigned from its control panel) and my LAN to
internet gateway, which has a fixed internal address (192.168.7.1), all
the other IP addresses are fixed and defineded by the 'named' DNS server
on my house server.

[Grant Taylor]

On 3/16/23 6:24 PM, Martin Gregorie wrote:
> $ ip address

> 2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
> state UP group default qlen 1000
> link/ether 28:d2:44:96:54:b6 brd ff:ff:ff:ff:ff:ff
> inet 192.168.7.243/24 brd 192.168.7.255 scope global dynamic
> noprefixroute enp0s25
> valid_lft 210477sec preferred_lft 210477sec
>

> The IP address 192.168.7.243 has appeared recently, possibly with the
> recent upgrade from Fedora 36 -> 37 - I haven't a clue who or what
> dreamed that up: I certainly haven't set it up and none of 'host',
> traceroute' or 'ping' get anything sensible from it:

The two addresses above (192.168.7.243) don't match the addresses below
(92.168.7.243).

It looks like a typo and / or a copy & paste error such that you're
missing a leading 1 digit.

> $ host 92.168.7.243
>
> $ traceroute 92.168.7.243;
>
> $ ping 92.168.7.243;





--
Grant. . . .
unix || die

[Andy Burns]

Martin Gregorie wrote:

> I haven't touched my network configuration at all this
> year and it uses only one subnet: 192.168.7.x.

Maybe post the output of

ip link show
ip addr show
ip route show

from both the server and laptop's PoV?

[Marco Moock]

Am 16.03.2023 schrieb Martin Gregorie <mar...@mydomain.invalid>:

> - running 'host' on the house server on my LAN has no trouble
> resolving this laptop's name and address: its response correctly
> reports both name and IP address - presumably because they've been
> retrieved from a local of 'named'.

cat /etc/resolv.conf
cat /etc/nsswitch.conf

host <hostname>
ping <hostname>

[Martin Gregorie]

From the server (as root because that's where I was running rsync from):
================
# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode
DEFAULT group default qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

2: enp0s7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state
UP mode DEFAULT group default qlen 1000
link/ether 6c:f0:49:9b:68:e6 brd ff:ff:ff:ff:ff:ff
# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever

2: enp0s7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state

UP group default qlen 1000

link/ether 6c:f0:49:9b:68:e6 brd ff:ff:ff:ff:ff:ff
inet 192.168.7.2/24 brd 192.168.7.255 scope global noprefixroute
enp0s7
valid_lft forever preferred_lft forever
inet6 fe80::b1f3:2582:7301:d695/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# ip route show
default via 192.168.7.1 dev enp0s7 proto static metric 100
192.168

From the laptop
===============
$ ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode
DEFAULT group default qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel

state UP mode DEFAULT group default qlen 1000

link/ether 28:d2:44:96:54:b6 brd ff:ff:ff:ff:ff:ff

3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode
DEFAULT group default qlen 1000
link/ether ba:95:03:88:07:c0 brd ff:ff:ff:ff:ff:ff permaddr e8:2a:ea:

45:5f:10
4: pan1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state

DOWN mode DEFAULT group default qlen 1000
link/ether b2:6f:22:c0:47:dc brd ff:ff:ff:ff:ff:ff
$ ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever

2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
state UP group default qlen 1000
link/ether 28:d2:44:96:54:b6 brd ff:ff:ff:ff:ff:ff
inet 192.168.7.243/24 brd 192.168.7.255 scope global dynamic
noprefixroute enp0s25

valid_lft 258538sec preferred_lft 258538sec

inet6 fe80::151f:ab65:15ad:264b/64 scope link noprefixroute
valid_lft forever preferred_lft forever

3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group
default qlen 1000
link/ether ba:95:03:88:07:c0 brd ff:ff:ff:ff:ff:ff permaddr e8:2a:ea:

45:5f:10
4: pan1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state
DOWN group default qlen 1000
link/ether b2:6f:22:c0:47:dc brd ff:ff:ff:ff:ff:ff
inet 10.226.119.1/24 scope global pan1
valid_lft forever preferred_lft forever

$ ip route show
default via 192.168.7.1 dev enp0s25 proto dhcp src 192.168.7.243 metric
100
10.226.119.0/24 dev pan1 proto kernel scope link src 10.226.119.1 linkdown
192.168.7.0/24 dev enp0s25 proto kernel scope link src 192.168.7.243
metric 100
$

OK, I can see that "ip route show" says the link is down on the laptop but
I must be having a stupid day, because I can't work out from the 'ip'
manpage what command I parameters I should use to set the link to up. The
example shows "ip link set x up" but its not obvious what 'x' should be:
is it the default IP address (192.168.7.2) or what?

[Martin Gregorie]

On Fri, 17 Mar 2023 10:06:35 +0100, Marco Moock wrote:

> Am 16.03.2023 schrieb Martin Gregorie <mar...@mydomain.invalid>:
>
>> - running 'host' on the house server on my LAN has no trouble resolving
>> this laptop's name and address: its response correctly reports both
>> name and IP address - presumably because they've been retrieved from a
>> local of 'named'.
>
> cat /etc/resolv.conf

nameserver 127.0.0.53
options edns0 trust-ad
search gregorie.lan

> cat /etc/nsswitch.conf
passwd: sss files systemd
shadow: files
group: sss files systemd
hosts: files myhostname mdns4_minimal [NOTFOUND=return] resolve [!
UNAVAIL=return] dns
services: files sss
netgroup: sss
automount: files sss

aliases: files
ethers: files
gshadow: files
# Allow initgroups to default to the setting for group.
# initgroups: files
networks: files dns
protocols: files
publickey: files
rpc: files

>
> host <hostname>
passwd: sss files systemd
shadow: files
group: sss files systemd
hosts: files myhostname mdns4_minimal [NOTFOUND=return] resolve [!
UNAVAIL=return] dns
services: files sss
netgroup: sss
automount: files sss

aliases: files
ethers: files
gshadow: files
# Allow initgroups to default to the setting for group.
# initgroups: files
networks: files dns
protocols: files
publickey: files
rpc: files

> ping <hostname>
passwd: sss files systemd
shadow: files
group: sss files systemd
hosts: files myhostname mdns4_minimal [NOTFOUND=return] resolve [!
UNAVAIL=return] dns
services: files sss
netgroup: sss
automount: files sss

aliases: files
ethers: files
gshadow: files
# Allow initgroups to default to the setting for group.
# initgroups: files
networks: files dns
protocols: files
publickey: files
rpc: files

[Andy Burns]

Martin Gregorie wrote:

> I can see that "ip route show" says the link is down on the laptop but
> I must be having a stupid day, because I can't work out from the 'ip'
> manpage what command I parameters I should use to set the link to up.

the wifi device name is "wlp3s0", so
ip link set dev wlp3s0 up

or in old money
ifup wlp30s0

but you already seem to have a wired device "enp0s25" which is up, which
should the laptop be using?

[Martin Gregorie]

The laptop should be using 192.168.7.5 because that's the IP used for it
in the local domain for my LAN (supported by a named DNS server) and is
what its been assigned for several years, and working well up to the point
when all this nonsense started on Wednesday.

Wifi is intentionally disabled on the laptop: I don't use it.

But "enp0s25" is described by 'ip route' as

default via 192.168.7.1 dev enp0s25 proto dhcp src 192.168.7.243 metric
100

where 192.168.7.1 is assigned to the LAN side of my internet gateway/
firewall - so thats fairly sensible. The laptop has evidently got a lease
on 192.168.7.243 from a built-in DHCP server in my Internet firewall/
gateway box, which is configured to use IPs in the range

192.168.7.240 - 192.168.7.255

and is only used to keep my Logitech Touch happy: I'm using that to
interface my hifi amp to streamed audio from my server and off the
internet).

The laptop has always been assigned 192.168.7.5 as its static IP.

I just tried connecting to it from the server using 192.168.7.243 as a
bare IP- this works, but I'd prefer to reset that to 192.168.7.5 rather
than dumbly accepting the changed laptop IP (192.168.7.243) as a fate
accompli because I don't know how it became the default.

Can 'ip' be used to make that change? Thats not obvious from its manpage.

[Andy Burns]

Martin Gregorie wrote:

> The laptop has always been assigned 192.168.7.5 as its static IP.

is the MAC address associated with the static reservation correct?

Seems like everything is working at the IP layer, when you try to ping
the laptop by name from the server, presumably it uses the (now
incorrect) 192.168.7.5 addr because and fails because (for whatever
reason) it should use the altered addr 192.168.7.243?

> I just tried connecting to it from the server using 192.168.7.243 as a
> bare IP- this works, but I'd prefer to reset that to 192.168.7.5 rather
> than dumbly accepting the changed laptop IP (192.168.7.243) as a fate
> accompli because I don't know how it became the default.
>
> Can 'ip' be used to make that change? Thats not obvious from its manpage.

no, depends what DNS and or DHCP you're running (some e.g dnsmasqd may
be combined) seems like it's stale info there ca\using the problem,

[Adrian]

In message <tv20mp$1u3tc$3...@dont-email.me>, Martin Gregorie
<mar...@mydomain.invalid> writes

>The laptop has always been assigned 192.168.7.5 as its static IP.
>
>I just tried connecting to it from the server using 192.168.7.243 as a
>bare IP- this works, but I'd prefer to reset that to 192.168.7.5 rather
>than dumbly accepting the changed laptop IP (192.168.7.243) as a fate
>accompli because I don't know how it became the default.
>
>Can 'ip' be used to make that change? Thats not obvious from its manpage.
>
>

Does this help ?

https://linuxconfig.org/how-to-configure-static-ip-address-on-fedora-31

or
https://www.microhost.com/docs/tutorial/how-to-set-manual-or-static-ip-ad
dress-on-fedora/

Adrian
--
To Reply :
replace "bulleid" with "adrian" - all mail to bulleid is rejected
Sorry for the rigmarole, If I want spam, I'll go to the shops
Every time someone says "I don't believe in trolls", another one dies.

[Tony Mountifield]

In article <tuvus9$1cfql$1...@dont-email.me>,

Martin Gregorie <mar...@mydomain.invalid> wrote:
> I've got an oddity with DNS lookups on my local LAN:
>
> - running 'host' on the house server on my LAN has no trouble resolving
> this laptop's name and address: its response correctly reports both
> name and IP address - presumably because they've been retrieved from a
> local of 'named'.
>
> - however both 'ping' and 'traceroute' report it as
> "Destination Host Unreachable" from the house server and ssh won't
> connect to it using either hostname or IP
>
> - 'ssh' reports 'No route to host' using either hostname or IP address

Just chiming in here with some questions and ideas. Let us know if you've
already solved it.

1. The above behaviour suggests specifically that the IP address for the laptop
that your local DNS returns is not the same as the actual IP address the laptop
currently has.

2. Is the laptop supposed to use a fixed IP address, or to get it from DHCP?
Your 'ip addr' output shows that it obtained its .7.243 address from DHCP.
If it should have been fixed, you probably need to reconfigure NetworkManager.
Normally, a portable device like a laptop would always use DHCP, so you could
take it elsewhere to use, and if you wanted it always to have the same address
when at home, you would configure the DHCP server always to give the same
IP address to that MAC address.

3. If it is indeed DHCP, what device is your DHCP server? The router or the
house server? Had you previously configured it always to dish out the same IP,
as mentioned above, or did you just rely on default stickiness of the lease?

On my own LAN, I have disabled the DHCP server in my router, and I use dhcpd and
named on my Linux house server. I specify persistent DHCP addresses in /etc/dhcpd.conf
using "host xxx { ... }" sections such as:

host einstein {
hardware ethernet 00:12:3f:db:97:25;
fixed-address 192.168.50.14;
option host-name "einstein";
}

Cheers
Tony

--
Tony Mountifield
Work: to...@softins.co.uk - http://www.softins.co.uk
Play: to...@mountifield.org - http://tony.mountifield.org

[Marco Moock]

You forgot
dig a <hostname>
dig aaaa <hostname>

host <hostname>
ping <hostname>

[Martin Gregorie]

Understood.

A thought: I know very little about DHCP, but should the following correct
the problem?

- turn my internet gateway box off
- login to the server from the laptop
- restart the gateway box

Or, is there a better way to force the laptop to get its IP assigned by my
local DNS server?

[Martin Gregorie]

On Fri, 17 Mar 2023 15:51:25 +0000, Andy Burns wrote:

Understood. Thanks for the confirmation.

[Martin Gregorie]

That looks like a good idea.

I know I used to run dhcp on my server and have forgotten why I switched
to using the one in my gateway: probably something to do with systemd

Thanks

[Tony Mountifield]

In article <tv28do$1u3tc$4...@dont-email.me>,

Martin Gregorie <mar...@mydomain.invalid> wrote:
>
> A thought: I know very little about DHCP, but should the following correct
> the problem?
>
> - turn my internet gateway box off
> - login to the server from the laptop
> - restart the gateway box
>
> Or, is there a better way to force the laptop to get its IP assigned by my
> local DNS server?

A DNS server (process) never gives an IP address to another host.
It's a DHCP server (process) that does that. There should only be one
DHCP server on a LAN, either in the router or in your house server.
It is the DHCP server that needs to be configured to give your desired
fixed address to the laptop. It doesn't consult DNS to find out what
IP it should give; it manages the pool of IP addresses itself, and will
give out any IP address within its defined range if an IP assignment for
the client has not specifically been configured in the DHCP configuration.

Cheers
Tony
--
Tony Mountifield

Winchester, UK

[Martin Gregorie]

On Fri, 17 Mar 2023 23:15:31 +0000 (UTC), Tony Mountifield wrote:

> In article <tv28do$1u3tc$4...@dont-email.me>,
> Martin Gregorie <mar...@mydomain.invalid> wrote:
>>
>> A thought: I know very little about DHCP, but should the following
>> correct the problem?
>>
>> - turn my internet gateway box off - login to the server from the
>> laptop - restart the gateway box
>>
>> Or, is there a better way to force the laptop to get its IP assigned by
>> my local DNS server?
>

Oops: meant DHCP, wrote DNS

In any case, that didn't work: turned off the gateway bos for a minute or
two, turned it back on and the laptop still had the damn 192.168.7.243 IP

Today's job: disable the DHCP server in the internet gateway/firewall and
install a DHCP server on the house server after investigating recent
changes to the format of /etc/hostname and /etc/hosts.

[Andy Burns]

Martin Gregorie wrote:

> Today's job: disable the DHCP server in the internet gateway/firewall and
> install a DHCP server on the house server after investigating recent
> changes to the format of /etc/hostname and /etc/hosts.

Not sure what distro you're using, but if dnsmasqd is available, it
integrates DNS and DHCP functionality, so can cut down on redundant
config of hosts, it's used in most linux router/firewall firmware

<https://thekelleys.org.uk/dnsmasq/doc.html>

[Theo]

Theo <theom...@chiark.greenend.org.uk> wrote:
> The weird thing is that it goes back to being inaccessible after a few
> minutes, and I need another 'host -a' to access it again.
>
> The TTL on the A record in the DNS is 300 seconds, but that doesn't explain
> why I'm getting empty DNS responses. The DNS zone looks fine to me.

It turns out this is a feature of dnsmasq called 'rebind protection'. It
has a whitelist of domains that are allowed to contain RFC1918 addresses.
Once I added my domain to that list, DNS requests for private IPs in that
domain now work.

Theo

[Martin Gregorie]

I'm running Fedora 37, which has packages for dnsmasq and dhcp-server.
I've currently downloaded both and am looking at their documentation.

ATM my main surprise is that there doesn't seem to be a systemd service
defined for either server: I'd expected that to be included in the DNF
packages.

As a subsidiary problem, my ADSL gateway appears to be decaying because
its telnet and webserver interfaces are now unresponsive. The web
interface was always sluggish but currently are accepting connections but
not responding to logins (telnet prompts for and accepts a username but
does nothing further and the web interface accepts a connection but never
replies) - probably this is a wakeup call to move to fibre (if locally
available), and with the steady disappearance of ADSL and copper in
general, the last thing I need now is getting a replacement ADSL
gateway[*].

[*] This is relevant to the current discussion because I've been using the
ADSL gateway's built-in DHCP server to keep my Logitech Touch, a vital
part of my sound system, happy - most of my music collection is now on my
house server and accessed via a Squeezebox music server..

[Martin Gregorie]

On Fri, 17 Mar 2023 15:52:09 +0000, Adrian wrote:

> In message <tv20mp$1u3tc$3...@dont-email.me>, Martin Gregorie
> <mar...@mydomain.invalid> writes
>>The laptop has always been assigned 192.168.7.5 as its static IP.
>>
>>I just tried connecting to it from the server using 192.168.7.243 as a
>>bare IP- this works, but I'd prefer to reset that to 192.168.7.5 rather
>>than dumbly accepting the changed laptop IP (192.168.7.243) as a fate
>>accompli because I don't know how it became the default.
>>
>>Can 'ip' be used to make that change? Thats not obvious from its
>>manpage.
>>
>>
>>
> Does this help ?
>
> https://linuxconfig.org/how-to-configure-static-ip-address-on-fedora-31
>

Many thanks.

I now realise that somehow missed seeing NetworkManager, its certainly
part of Fedora 37, but was it a thing in Fedora 36?

IIRC I was using Named.service when I started to have problems: at that
point I'd upgraded the laptop to F37 but the server was still on F38, but
since then I've upgraded my server to F37 and the Named service has
vanished and been replaced by NetworkManager.

I think my next step is to read the NetworkManager service manual and
carry on from there.


> https://www.microhost.com/docs/tutorial/how-to-set-manual-or-static-ip-
address-on-fedora/

That looks useful too.



> Adrian

[Andy Burns]

Martin Gregorie wrote:

> I now realise that somehow missed seeing NetworkManager, its certainly
> part of Fedora 37, but was it a thing in Fedora 36?

Yes, much older than that ...

[Andy Burns]

Martin Gregorie wrote:

> my ADSL gateway appears to be decaying because
> its telnet and webserver interfaces are now unresponsive. The web
> interface was always sluggish but currently are accepting connections but
> not responding to logins (telnet prompts for and accepts a username but
> does nothing further and the web interface accepts a connection but never
> replies) - probably this is a wakeup call to move to fibre (if locally
> available), and with the steady disappearance of ADSL and copper in
> general, the last thing I need now is getting a replacement ADSL
> gateway[*].

Most VDSL modems double-up as ADSL modems, cheap secondhand on eBay

[Martin Gregorie]

Good info. Thanks.

[Martin Gregorie]

Strange: I've had named installed on my home server for yonks (from pre
systemd times) and F36 was using Named.service to manage it I suppose
NetworkManager could have been there but I don't remember seeing it. One
thing is for certain: the upgrade to F37 has removed Named.service.

wrt NetworkManager I had a quick look at its manpage, which would seem to
be more of a quick lookup info source than what I'd want to read to learn
about its what it does and how to use it properly. I've also found

https://networkmanager.dev/

Is this to best place to start finding out about it?

I need enough understanding to use it to manage both:

- my local LAN, preferably as it is defined in my
/var/named/named.gregorie.lan file,

- a DHCP server instance to keep my old Logitech Touch happy:
this seems only to understand DHCP connectivity: it
can't be configured to accept a URL: only an IP address will do.

The Touch converts FLAC files sent to it by a Squeezebox server on my
house server into the two channel stereo analog signal my old hifi
amp expects.

[Andy Burns]

Martin Gregorie wrote:

> I've also found
>
> https://networkmanager.dev/
>
> Is this to best place to start finding out about it?

I think that's the main website for it, do you run a GUI? Pretty much
any network config (static/dhcp etc) is accessible from the settings
dialog ... if not there's also a TUI