NS not using DNS

Pitmaster · October 16, 2018, 8:58am

NethServer Version: NethServer release 7.5.1804 (final)
Module: dns

Hello, I have filled in the DNS servers in the GUI. After login on with SSH I try to ping to google.nl with no response. If I ping to the ip adres of google.nl it has no problem to find the adres.

I searched the internet for a solution but didn’t find it. Someone who can help me here?

config setprop dns NameServers 8.8.8.8,8.8.4.4
signal-event nethserver-dnsmasq-save
Did not work.

grep server= /etc/dnsmasq.conf
server=8.8.8.8
server=8.8.4.4

server=//

config show dns
dns=configuration
NameServers=8.8.8.8,8.8.4.4

db networks show
enp0s31f6=ethernet
FwInBandwidth=
FwOutBandwidth=
bootproto=none
gateway=172.19.105.10
ipaddr=172.19.105.20
netmask=255.255.255.0
role=green
ppp0=xdsl-disabled
AuthType=auto
FwInBandwidth=
FwOutBandwidth=
Password=
name=PPPoE
provider=xDSL provider
role=red
user=

traceroute nethserver.org
nethserver.org: Name or service not known
Cannot handle “host” cmdline arg `nethserver.org’ on position 1 (argc 3)

Pit

robb · October 16, 2018, 9:55am

What is the content of /etc/resolv.conf?
I saw a post on another forum with a similar problem and it turned out there was a space before each entry in resolve.conf. After deleten that space, the problem was gone.

flatspin · October 16, 2018, 10:54am

Is dnsmasq running?
systemctl status dnsmasq

Pitmaster · October 16, 2018, 4:08pm

systemctl status dnsmasq
● dnsmasq.service - DNS caching server.
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2018-10-10 04:54:45 CEST; 6h ago
Main PID: 2670 (dnsmasq)
CGroup: /system.slice/dnsmasq.service
└─2670 /usr/sbin/dnsmasq -k

Oct 10 04:54:45 My.domain.name.com systemd[1]: Started DNS caching server…
Oct 10 04:54:45 My.domain.name.com systemd[1]: Starting DNS caching server…
Oct 10 04:54:45 My.domain.name.com dnsmasq[2670]: started, version 2.76 cachesize 4000
Oct 10 04:54:45 My.domain.name.com dnsmasq[2670]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
Oct 10 04:54:45 My.domain.name.com dnsmasq-tftp[2670]: TFTP root is /var/lib/tftpboot
Oct 10 04:54:45 My.domain.name.com dnsmasq[2670]: using nameserver 8.8.4.4#53
Oct 10 04:54:45 My.domain.name.com dnsmasq[2670]: using nameserver 8.8.8.8#53
Oct 10 04:54:45 My.domain.name.com dnsmasq[2670]: read /etc/hosts - 2 addresses

Pitmaster · October 16, 2018, 4:14pm

 cat /etc/resolv.conf

# ================= DO NOT MODIFY THIS FILE =================
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at NethServer official site: https://www.nethserver.org
#
#
domain My.domain.name.com
search My.domain.name.com

# dnsmasq is enabled on this machine:
nameserver 127.0.0.1

jfernandez · October 16, 2018, 4:26pm

I know this is not exactly related but it’s something I have been asking myself:

Why NS comes by default with a DNS server enabled by default ? It’s a good practice to only have one authoritative DNS server in a company, which is usually used by your AD server and your proxy, and setup your firewall in your gateway to only accept DNS request from that server, this prevents all source of things, like using DNS request to an external server to bypass proxy content filter (Windscribe does this).

Pitmaster · October 16, 2018, 4:40pm

I found a other file in /etc, /etc/resolv.conf.save
cat /etc/resolv.conf.save
; generated by /usr/sbin/dhclient-script
search ITPLAZA.ICT
nameserver 10.220.1.0
nameserver 10.221.221.221
nameserver 10.73.128.2

My guess now is that the setup made a correct guess on the dns in use in the company and I fucked it up by using the GUI that I found empty at the time… How to correct this? Rename the .save version?

Pit

robb · October 16, 2018, 4:59pm

That is consistent with resolv.conf on my NS instance.
I don’t see a file called /etc/resolv.conf.save on my NS instance

on my laptop I do have a file called /etc/resolv.conf.65SYMZ

cat resolv.conf.65SYMZ
Generated by NetworkManager
search ad.domain.tld
nameserver [ip of nsdc]

But this is a dhcp client and since you probably don’t use your server as dhcp client, this file shouldn’t be on a NS instance.

Pitmaster · October 16, 2018, 5:02pm

I tried to rename the two files and it worked. I can ping. But in the Nethserver GUI it still is the old situation. I can use the software centre, I didn’t make use of an account provider yet, I don’t hope he will mess uip thinks again if I do.

Pit

flatspin · October 17, 2018, 7:40am

Just because I saw it: Your timesettings seem to be not correct. You posted this on 2018-10-16.