DNS lookups do not always work
Here's an odd one.
I can use the 'host' command to look up an IP of a FQDN, but if I run the ping command against that FQDN, it cannot do the lookup.
[username@hostname ~]$ host yahoo.com
yahoo.com has address 209.191.122.70
yahoo.com has address 67.195.160.76
yahoo.com has address 69.147.125.65
yahoo.com has address 72.30.2.43
yahoo.com has address 98.137.149.56
yahoo.com mail is handled by 1 n.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 o.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 a.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 b.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 c.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 d.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 e.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 f.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 g.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 h.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 i.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 j.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 k.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 l.mx.mail.yahoo.com.
yahoo.com mail is handled by 1 m.mx.mail.yahoo.com.
[username@hostname ~]$ ping yahoo.com
ping: unknown host yahoo.com
[username@hostname ~]$
I get the same behavior when I try to implement iptables rules using hostnames rather than IPs.
Any ideas?
- AlanBartlett
- Forum Moderator
- Posts: 9345
- Joined: 2007/10/22 11:30:09
- Location: ~/Earth/UK/England/Suffolk
Re: DNS lookups do not always work
What is defined in your /etc/resolv.conf file?
Re: DNS lookups do not always work
Just noticed that /etc/selinux/config had "SELINUX=enforcing" declared.
Changed it to 'disabled' and rebooted, and the problem went away.
Re: DNS lookups do not always work
AlanBartlett wrote:
> What is defined in your /etc/resolv.conf file?
Thanks for the response, Alan.
I had symlinked /etc/resolv.conf to /usr/local/etc/resolv.conf (part of our CM scheme) and SELinux didn't like it.
-
- Retired Moderator
- Posts: 18276
- Joined: 2006/12/13 20:15:34
- Location: Tidewater, Virginia, North America
Re: DNS lookups do not always work
Disabling a key security feature of Enterprise Linux, rather than correcting the underlying error, sounds like a bad idea to me. See
http://wiki.centos.org/HowTos/SELinux
http://wiki.centos.org/TipsAndTricks/SelinuxBooleans
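One way to find the underlying error rather than disabling SELinux, as an added example that is not part of any post in this thread: it pulls the AVC denials that involve resolv.conf out of audit records and flags target files whose type is not the expected one. The audit records are constructed samples (the thread does not show the real denial); the function names and the expected type net_conf_t are assumptions.

```shell
#!/bin/sh
# Added example: list SELinux AVC denials that involve resolv.conf.
# SAMPLE_AUDIT is constructed audit.log-style input, not taken from the thread.
SAMPLE_AUDIT='type=AVC msg=audit(1300000000.101:201): avc:  denied  { read } for  pid=2101 comm="ping" name="resolv.conf" dev=dm-0 ino=1311 scontext=unconfined_u:unconfined_r:ping_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1300000000.101:201): arch=c000003e syscall=2 success=no exit=-13 comm="ping" exe="/bin/ping"
type=AVC msg=audit(1300000000.202:202): avc:  denied  { read } for  pid=2150 comm="iptables" name="resolv.conf" dev=dm-0 ino=1311 scontext=system_u:system_r:iptables_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1300000000.303:203): avc:  denied  { read } for  pid=2200 comm="httpd" name="index.html" dev=dm-0 ino=1400 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1300000000.404:204): avc:  denied  { write } for  pid=2300 comm="named" name="resolv.conf" dev=dm-0 ino=1311 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:net_conf_t:s0 tclass=file'

# Assumption: net_conf_t is the type the targeted policy gives /etc/resolv.conf.
EXPECTED_TYPE=net_conf_t

# Print "command source_domain target_type permission" for every denial on
# resolv.conf. Reads the file given as $1, or stdin when no file is given
# (on a real host: resolv_denials /var/log/audit/audit.log, as root).
resolv_denials() {
    awk '
    /type=AVC/ && /denied/ && /name="resolv\.conf"/ {
        comm = src = tgt = perm = "?"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^comm=/)     { comm = $i; gsub(/comm=|"/, "", comm) }
            if ($i ~ /^scontext=/) { split($i, a, ":"); src = a[3] }
            if ($i ~ /^tcontext=/) { split($i, a, ":"); tgt = a[3] }
            if ($i == "{")         { perm = $(i + 1) }
        }
        print comm, src, tgt, perm
    }' "${1:--}"
}

# Target types seen in those denials that differ from the expected type:
# these point at a labelling problem rather than a policy or boolean problem.
mislabeled_targets() {
    resolv_denials "$@" |
        awk -v want="$EXPECTED_TYPE" '$3 != want { print $3 }' | sort -u
}

printf '%s\n' "$SAMPLE_AUDIT" | resolv_denials
printf '%s\n' "$SAMPLE_AUDIT" | mislabeled_targets

# Remediation on a real host (as root) instead of SELINUX=disabled, assuming
# the file should carry net_conf_t:
#   semanage fcontext -a -t net_conf_t '/usr/local/etc/resolv\.conf'
#   restorecon -v /usr/local/etc/resolv.conf /etc/resolv.conf
```

A denial whose target type already matches the expected one (the constructed named line) is left out of mislabeled_targets, since relabelling would not change it.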
-
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
DNS lookups do not always work
As is using hostnames in iptables rules.
Re: DNS lookups do not always work
Interestingly, re-enabling SELinux forced a relabel of everything and it "blessed" my symlink to /usr/local/etc/resolv.conf
Re: DNS lookups do not always work
I am leaving SELinux enabled on all servers; I have found that even 3rd party apps that install in /opt work just fine with it.
Also, I find this command useful: cp --preserve=context file1 file2
I did a relabel on the filesystem, then rebooted the server and verified that all services function correctly without any problems.
getsebool -a | grep "httpd"
will display all of the options with SELinux. I have found it very useful, especially when dealing with bind/dhcp/tftpboot etc.