Only the first nameserver entry in resolv.conf is being queried

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Only the first nameserver entry in resolv.conf is being queried

Brett Mahar-2
Hi misc'ers,

I have customised dhclient.conf so I can use nameservers other than my ISP's. The first one on my list is unreliable, but instead of going to the next on the list, ping, xxxterm and firefox are not finding the sites (ie DNS queries are not being answered).

I am running Aug 14 -current, amd64.

The man page for resolv.conf says
                "Up to MAXNS (currently 3) name servers may be listed, one per
                 line.  If there are multiple servers, the resolver library
                 queries them in the order listed.  If no nameserver entries
                 are present, the default is to use the name server on the
                 local machine.  (The algorithm used is to try a name server,
                 and if the query times out, try the next, until out of name
                 servers, then repeat trying all name servers until a maximum
                 number of retries are performed.)"

But this is not what seems to happen.

---------------
My /etc/dhclient.conf:

# $OpenBSD: dhclient.conf,v 1.2 2011/04/04 11:14:52 krw Exp $
# DHCP Client Configuration
supersede domain-name-servers 208.71.35.137, 84.22.100.250, 67.212.90.199;

When I run dhclient, it generates this file in /etc/resolv.conf:

nameserver 208.71.35.137
nameserver 84.22.100.250
nameserver 67.212.90.199

---------------
The nameserver at 208.71.35.137 does not seem to be returning DNS queries with the above resolv.conf configuration.
If I try to ping, I get:

# ping unsw.edu.au    
ping: unknown host: unsw.edu.au
# ping ucla.edu
ping: unknown host: ucla.edu

Also xxxterm and firefox could not find web pages.
eg, xxxterm says:
"Unable to load page
Problem occurred while loading the URL http://public-root.com/root-server-locations.htm
Cannot resolve hostname (public-root.com)"

(Although one time the page did load - presumably the 208.71.35.137 server came online for a few seconds then back offline again).

-----------------
If I comment out the first line of the above resolv.conf, I get:

# ping unsw.edu.au    
PING unsw.edu.au (149.171.96.60): 56 data bytes
64 bytes from 149.171.96.60: icmp_seq=0 ttl=239 time=201.043 ms
...
--- unsw.edu.au ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 201.043/201.212/201.372/0.535 ms

# ping ucla.edu      
PING ucla.edu (169.232.33.224): 56 data bytes
64 bytes from 169.232.33.224: icmp_seq=0 ttl=48 time=48.711 ms
--- ucla.edu ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 48.711/48.711/48.711/0.000 ms

-----------------
This looks to me like if the first nameserver is not responding, the next on the list is ignored.
I looked at the mailing lists and a bunch of man pages: dhclient.conf, dhclient-script, gethostbyname, resolver, resolv.conf, and dhclient and could not see a way to change this behaviour.

Am I misinterpreting what is happening when the pings are not finding the hosts, or doing something wrong in my config?

Thanks,
Brett.

Reply | Threaded
Open this post in threaded view
|

Re: Only the first nameserver entry in resolv.conf is being queried

Daniel Melameth
On Tue, Aug 16, 2011 at 12:05 PM, Brett <[hidden email]> wrote:
> I have customised dhclient.conf so I can use nameservers other than my
ISP's. The first one on my list is unreliable, but instead of going to the
next on the list, ping, xxxterm and firefox are not finding the sites (ie DNS
queries are not being answered).

> When I run dhclient, it generates this file in /etc/resolv.conf:
>
> nameserver 208.71.35.137
> nameserver 84.22.100.250
> nameserver 67.212.90.199
>
> The nameserver at 208.71.35.137 does not seem to be returning DNS queries
with the above resolv.conf configuration.

> If I try to ping, I get:
>
> # ping unsw.edu.au
> ping: unknown host: unsw.edu.au
> # ping ucla.edu
> ping: unknown host: ucla.edu
>
> Also xxxterm and firefox could not find web pages.
> eg, xxxterm says:
> "Unable to load page
> Problem occurred while loading the URL
http://public-root.com/root-server-locations.htm
> Cannot resolve hostname (public-root.com)"
>
> (Although one time the page did load - presumably the 208.71.35.137 server
came online for a few seconds then back offline again).

>
> If I comment out the first line of the above resolv.conf, I get:
>
> # ping unsw.edu.au
> PING unsw.edu.au (149.171.96.60): 56 data bytes
> 64 bytes from 149.171.96.60: icmp_seq=0 ttl=239 time=201.043 ms
>
> # ping ucla.edu
> PING ucla.edu (169.232.33.224): 56 data bytes
> 64 bytes from 169.232.33.224: icmp_seq=0 ttl=48 time=48.711 ms
>
> This looks to me like if the first nameserver is not responding, the next on
the list is ignored.
> I looked at the mailing lists and a bunch of man pages: dhclient.conf,
dhclient-script, gethostbyname, resolver, resolv.conf, and dhclient and could
not see a way to change this behaviour.
>
> Am I misinterpreting what is happening when the pings are not finding the
hosts, or doing something wrong in my config?

A quick dig @208.71.35.137 shows it is responding, but not providing
an answer.  I imagine if 208.71.35.137 was not responding at all,
resolv.conf would behave as expected.

Reply | Threaded
Open this post in threaded view
|

Re: Only the first nameserver entry in resolv.conf is being queried

Brett Mahar-2
From: Brett <[hidden email]>
To: Daniel Melameth <[hidden email]>
Subject: Re: Only the first nameserver entry in resolv.conf is being queried
Date: Tue, 16 Aug 2011 16:46:15 -0700
X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; x86_64-unknown-openbsd5.0)


> > nameserver 208.71.35.137
> > nameserver 84.22.100.250
> > nameserver 67.212.90.199
> >
> > The nameserver at 208.71.35.137 does not seem to be returning DNS queries
> > with the above resolv.conf configuration.

On Tue, 16 Aug 2011 13:16:02 -0600
Daniel Melameth <[hidden email]> wrote:
>
> A quick dig @208.71.35.137 shows it is responding, but not providing
> an answer.  I imagine if 208.71.35.137 was not responding at all,
> resolv.conf would behave as expected.
>

I just tried a putting a couple of random IP addresses as the first nameserver on the list, and now resolv.conf is indeed going through the list when the first one fails to give an answer.

Thanks, Daniel!

Brett.