# No internet -- DNS issue?



## QuinRiva (Sep 28, 2015)

I spent most of today trying to get sickbeard working with url redirecting and at some point I broke my internet connection.

I suspect it is a DNS issue, as I'm running BIND on the box and I can ping outside addresses:

```
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
1  192.168.0.254 (192.168.0.254)  0.185 ms  0.165 ms  0.116 ms
2  10.20.23.59 (10.20.23.59)  11.469 ms  11.442 ms  10.509 ms
3  202.7.214.17 (202.7.214.17)  10.981 ms  10.617 ms  11.770 ms
4  203.219.35.70 (203.219.35.70)  14.807 ms  13.904 ms  12.289 ms
5  203.219.107.6 (203.219.107.6)  11.971 ms  11.886 ms  24.843 ms
6  216.239.41.31 (216.239.41.31)  13.128 ms  14.831 ms
    216.239.41.5 (216.239.41.5)  13.483 ms
7  209.85.251.53 (209.85.251.53)  13.301 ms
    216.239.40.255 (216.239.40.255)  12.844 ms
    216.239.41.61 (216.239.41.61)  13.521 ms
8  8.8.8.8 (8.8.8.8)  12.461 ms  13.014 ms  13.240 ms
```

However:

```
root@pride:/ # traceroute www.google.com
traceroute: unknown host www.google.com
```

The router seems to be working fine:

```
root@pride:/ # dig @192.168.0.254 www.google.com

; <<>> DiG 9.9.8 <<>> @192.168.0.254 www.google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33432
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.com.                        IN      A

;; ANSWER SECTION:
www.google.com.         185     IN      A       216.58.220.132

;; Query time: 0 msec
;; SERVER: 192.168.0.254#53(192.168.0.254)
;; WHEN: Mon Sep 28 09:23:16 EST 2015
;; MSG SIZE  rcvd: 59
```

For reference my /etc/resolv.conf file consists of:

```
search SIN.X
nameserver 192.168.0.1
nameserver 198.153.194.1
nameserver 8.8.4.4
```

I have no idea what I've done wrong....


----------



## da1 (Sep 28, 2015)

You are doing a dig(1) on 192.168.0.254 but your /etc/resolv.conf said your first ns is 192.168.0.1.

Are these 2 IPs on the same server? On which IP is the DNS daemon listening? Is the daemon running? Did you check the logs?


----------



## QuinRiva (Sep 28, 2015)

Sorry, I wasn't clear in the OP: 192.168.0.254 is my router.

192.168.0.1 is my server, and my only server, and so the DNS is listening on that IP.

The logs say this, but I'm not sure how to interpret it:

```
Sep 28 09:14:36 pride named[1393]: starting BIND 9.9.8 (Extended Support Version) <id:2d6d4ba> -u bind -c /usr/local/etc/namedb/named.conf
Sep 28 09:14:36 pride named[1393]: built with '--localstatedir=/var' '--disable-linux-caps' '--disable-symtable' '--with-randomdev=/dev/random' '--with-libxml2=/usr/local' '--sysconfdir=/usr/local/etc/namedb' '--disable-fetchlimit' '--d$
Sep 28 09:14:36 pride named[1393]: ----------------------------------------------------
Sep 28 09:14:36 pride named[1393]: BIND 9 is maintained by Internet Systems Consortium,
Sep 28 09:14:36 pride named[1393]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Sep 28 09:14:36 pride named[1393]: corporation.  Support and training for BIND 9 are
Sep 28 09:14:36 pride named[1393]: available at https://www.isc.org/support
Sep 28 09:14:36 pride named[1393]: ----------------------------------------------------
Sep 28 09:14:37 pride named[1393]: command channel listening on 127.0.0.1#953
Sep 28 09:14:37 pride named[1393]: command channel listening on ::1#953
Sep 28 09:14:37 pride named[1393]: all zones loaded
Sep 28 09:14:37 pride named[1393]: running
Sep 28 09:14:45 pride ntpd_initres[1195]: host name not found: 1.freebsd.pool.ntp.org
Sep 28 09:15:10 pride ntpd_initres[1195]: host name not found: 2.freebsd.pool.ntp.org
Sep 28 09:19:28 pride ntpd_initres[1195]: host name not found: 0.freebsd.pool.ntp.org
Sep 28 09:19:44 pride ntpd_initres[1195]: host name not found: 1.freebsd.pool.ntp.org
Sep 28 09:19:57 pride samba[1108]: [2015/09/28 09:19:57.262737,  0] ../source4/dsdb/dns/dns_update.c:294(dnsupdate_nameupdate_done)
Sep 28 09:19:57 pride samba[1108]:   ../source4/dsdb/dns/dns_update.c:293: Failed DNS update - NT_STATUS_IO_TIMEOUT
```

DNS appears to be running:

```
root@pride:/var/log # service named status
named is running as pid 1393.
```


----------



## andrian (Sep 29, 2015)

Hi, is your BIND server listening?

```
Sep 28 09:14:37 pride named[1393]: command channel listening on 127.0.0.1#953
Sep 28 09:14:37 pride named[1393]: command channel listening on ::1#953
```
Please:

```
root@freebsd:/usr/home/andrian # nslookup
> server
Default server: 127.0.0.1
Address: 127.0.0.1#53
> google.com.ua
Server:  127.0.0.1
Address:  127.0.0.1#53

Non-authoritative answer:
Name:  google.com.ua
Address: 216.58.209.163
>
```

And see the server? If the server is 127.0.0.1 and it is not in resolv.conf, then see the BIND config problem on these lines:

```
// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.
  listen-on  { 127.0.0.1; 10.144.40.2; };

// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver.  To give access to the network, specify
// an IPv6 address, or the keyword "any".
//  listen-on-v6  { ::1; };
//  include "/etc/namedb/auto_forward.conf";

  /*
  Modern versions of BIND use a random UDP port for each outgoing
  query by default in order to dramatically reduce the possibility
  of cache poisoning.  All users are strongly encouraged to utilize
  this feature, and to configure their firewalls to accommodate it.

  AS A LAST RESORT in order to get around a restrictive firewall
  policy you can try enabling the option below.  Use of this option
  will significantly reduce your ability to withstand cache poisoning
  attacks, and should be avoided if at all possible.

  Replace NNNNN in the example with a number between 49160 and 65530.
  */
  // query-source address * port NNNNN;
  allow-query {
  10.144.40.0/24;
  10.144.144.0/24;
  10.0.14.0/24;
  10.138.138.0/24;
  172.16.1.6/32;
  localhost;
  };
};
```

I allowed my internal LAN network 10.144.40.0/24, 10.144.144.0/24 ...
And edit /etc/resolv.conf:

```
# Generated by resolvconf
#this my domain name - dom2009.com
domain dom2009.com
nameserver 127.0.0.1
#nameserver 8.8.8.8
#nameserver 8.8.4.4
```


----------



## QuinRiva (Sep 29, 2015)

Thank you so much!

I changed my /etc/resolv.conf so it now reads:

```
search SIN.X
domain SIN.X
nameserver 127.0.0.1
```

and it works!


----------
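Added example, not part of the thread: a Python check of the mismatch the replies point at, comparing the `nameserver` lines in resolv.conf with named's `listen-on` list. The `NAMED` fragment and the `LOCAL` address set are assumptions (the poster's named.conf is not shown), and negated or named ACL entries in `listen-on` are not evaluated.

```python
import ipaddress
import re

def listen_on(named_conf):
    """Entries of the IPv4 listen-on list; BIND listens on all interfaces if it is absent."""
    text = re.sub(r"/\*.*?\*/", "", named_conf, flags=re.S)  # /* ... */ comments
    text = re.sub(r"(//|#).*", "", text)                     # // and # comments
    m = re.search(r"\blisten-on\s*(?:port\s+\d+\s*)?\{([^}]*)\}", text)
    if m is None:
        return ["any"]
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def nameservers(resolv_conf):
    """nameserver addresses in the order the stub resolver tries them."""
    out = []
    for line in resolv_conf.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            out.append(fields[1])
    return out

def covered(ns, entries):
    """True if address ns matches an 'any', IP or CIDR entry (named ACLs are skipped)."""
    addr = ipaddress.ip_address(ns)
    for entry in entries:
        if entry == "any":
            return True
        try:
            if addr in ipaddress.ip_network(entry, strict=False):
                return True
        except ValueError:
            continue
    return False

def check(resolv_conf, named_conf, local_addrs):
    """Map each nameserver to 'remote', 'listening' or 'not-listening'."""
    entries = listen_on(named_conf)
    return {ns: "remote" if ns not in local_addrs
            else "listening" if covered(ns, entries) else "not-listening"
            for ns in nameservers(resolv_conf)}

# resolv.conf contents as posted in the thread, before and after the change
BEFORE = "search SIN.X\nnameserver 192.168.0.1\nnameserver 198.153.194.1\nnameserver 8.8.4.4\n"
AFTER = "search SIN.X\ndomain SIN.X\nnameserver 127.0.0.1\n"
# Constructed named.conf fragment (assumption): the loopback-only "local resolver" default
NAMED = "options {\n  // local resolver only\n  listen-on { 127.0.0.1; };\n};\n"
LOCAL = {"127.0.0.1", "192.168.0.1"}  # addresses of the server in the thread

if __name__ == "__main__":
    print(check(BEFORE, NAMED, LOCAL))
    print(check(AFTER, NAMED, LOCAL))
```

A `not-listening` result for the first `nameserver` entry means every lookup starts with a query to a local address that named is not bound to.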

