nslookup finds ip for a hostname in .local domain, but ping does not
Solution 1
I believe this is caused by mdns - multicast dns, for autoconfiguration of the .local domain.
If you check in /etc/nsswitch.conf
, you will probably see:
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
mdns4 is what is doing multicast dns. Try changing this to:
hosts: files dns
And see if it makes any difference. If it makes it work, you can remove mdns permanently with:
Try apt-get remove libnss-mdns
Which will do the nsswitch.conf
change for you as well.
Alternatively, don't use .local - use .lan or something instead.
Solution 2
Just to complete things:
nslookup just asks the given DNS server for the assigned A-record, it does NOT guarantee, that the device behind that record actually HAS that IP.
Even when the device has the correct IP (ex.: fixed IP of the device matches the one provided by DNS) - it doesn't guarantee the device is configured to respond to pings. This is a common point of frustration. (Im talking about you, windows firewall)
When you're crossing subnets, the router / gateway / firewall may restrict ICMP traffic (that's what a ping is) as well.
So you always need to check the full service chain from sender to recipient and vice versa. In case three, there may be settings like a) default gateway or b) (default) routes involved. So add them to your checklist.
Sorry for digging up this old one, but given from the header it seemed like a bit of information, someone could profit from.
Greetz.
Solution 3
Another thing that I have seen interfere with DNS is installing winbind. It seems to put a wins
entry before [NOTFOUND=return]
in /etc/nsswitch.conf
, which causes DNS to fail, but can be fixed by moving wins
to after the "NOTFOUND" part, also, preferably after dns so that dns lookup happens first, see this:
http://ubuntuforums.org/showthread.php?t=1496488
(not sure why this happens by default though; comments welcome!)
Solution 4
In my case removing resolve [!UNAVAIL=return]
, solved the issue
cat /etc/nsswitch.conf
...
#hosts: files mdns4_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] dns myhostname
hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname
...
Related videos on Youtube
Fernando
Updated on September 18, 2022Comments
-
Fernando over 1 year
I know this looks like all the other "can ping via ip but not dns" questions, but those didnt really help me at all.
Also, having hosts files in all machines is not doable as this server will eventually handle a lot of computers connecting to it.
I have a ldap+dns server set, and I want the computers on my network to authenticate on the ldap server.
The ldap part of it is working just fine and I can ssh into the ldap server with the ldap credentials just fine.
The problem comes with the client machines, the client is set to use the dns server (in this case 192.168.0.243) and if I get in the terminal and do a nslookup it finds the ldap server just fine.
fernando@desktest:~$ nslookup ldap.mynet.local Server: 192.168.0.243 Address: 192.168.0.243#53 Name: ldap.mynet.local Address: 192.168.0.243
But when I ping it, it doesn't find the ip address. It just hangs there looking pretty till I CTRL-C it.
Of course pinging by ip address works just fine.
Here are the zone files for the dns server:
fernando@ldap:~$ cat /etc/bind/named.conf.local zone "mynet.local" { type master; file "/etc/bind/db.mynet.local"; }; zone "0.168.192.in-addr.arpa" { type master; notify no; file "/etc/bind/db.192"; }; fernando@ldap:~$ cat /etc/bind/db.mynet.local ; ; BIND data file for local loopback interface ; $TTL 604800 @ IN SOA ns.mynet.local. root.mynet.local. ( 7 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS ns.mynet.local. ns IN A 192.168.0.243 server IN A 192.168.0.250 desktest IN A 192.168.0.249 remote IN A 192.168.0.248 winserver IN A 192.168.0.247 web IN A 192.168.0.246 tempfs IN A 192.168.0.245 ldap IN A 192.168.0.243 antenarfb IN A 192.168.0.253 antenapan IN A 10.82.223.7 adslgvt IN A 192.168.0.1 fernando@ldap:~$ cat /etc/bind/db.192 ; ; BIND reverse data file for local loopback interface ; $TTL 604800 @ IN SOA mynet.local. root.mynet.local. ( 6 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS ns. 1 IN PTR ns.mynet.local. 2 IN PTR server.mynet.local. 3 IN PTR desktest.mynet.local. 4 IN PTR remote.mynet.local. 5 IN PTR winserver.mynet.local. 6 IN PTR web.mynet.local. 7 IN PTR tempfs.mynet.local. 8 IN PTR ldap.mynet.local. 9 IN PTR antenarfb.mynet.local. 10 IN PTR antenapan.mynet.local. 11 IN PTR adslgvt.mynet.local. fernando@ldap:~$
I am really at a loss about what to do and any help will be greatly appreciated.
---- edit ----
before anybody asks, yes the server is running :)
root@ldap:/etc/bind# rndc status version: 9.7.0-P1 CPUs found: 1 worker threads: 1 number of zones: 16 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is OFF recursive clients: 0/0/1000 tcp clients: 0/100 server is up and running
---- end edit ----
-
Fernando over 12 yearsafter more testing i am pretty sure i am doing something wrong on the dns server part. doing
host ldap
gives me a host not found error (even on the dns server terminal) same thing using dig, same thing withhost 192.168.0.243
(my ldap.mynet.local machine). -
Fernando over 12 yearsdoing
host ldap.mynet.local
on the client machine gives me the correct ip address :/
-
-
Fernando over 12 yearsPerfect! worked like a charm! Thank you very much. Reverse DNS is still giving me an error, but that is another issue I guess :)
-
Thai Tran almost 12 yearsDude, You are amazing !!!!!
-
Slava Nikulin about 10 yearsThis was the actual solution to my issue on Ubuntu Saucy/13.10.
-
Andras Gyomrey over 6 yearsthe OP mentions "but when i ping it doesnt find the ip address". It's not about packets not reaching the destination, but about ping itself not being able to resolve the IP address.
-
Chris about 6 yearsWhat's the logic? Why is this the default config?
-
Kay Urbach over 5 yearsPing itself does not use name resolution. Referring to stackoverflow.com/questions/17161005/….
-
T-Heron over 5 yearsExcellent answer! Worked for me as well on a new install of Ubuntu 16.
-
Chris Tophski about 5 yearsThis worked for me in a Debian 9 setup, but I didn't have any success in Ubuntu 18.04 LTS (
libnss-mdns
wasn't installed andnsswitch.conf
was already configured as said). I'll try to rename my whole network to something non-.local
. Thanks anyway. -
cronburg almost 5 yearsThis was the solution to my own DNS woes on the default raspberry-pi image for arch linux, moving the
dns
entry to just afterfiles
. -
ste over 4 yearsGood answer, but if you don't want to loose mdns functionality (i.e. for local printers auto discovery) just remove the
[NOTFOUND=return]
. In my installation (Ubuntu 18.04.3 LTS) i hadhosts: files mdns4_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] dns myhostname
and i changed inhosts: files mdns4_minimal resolve [!UNAVAIL=return] dns myhostname
-
VitoshKa almost 4 yearsMy problem was with
resolve
. I was experiencing the OP issue only under openvpn. So had to replace the line withhosts: files mdns4_minimal [NOTFOUND=return] dns myhostname
-
Elysiumplain about 2 yearsdid not have
/etc/nsswitch.conf
- sure enough package was installed though. Uninstalled and magically hostname registered afterifconfig
dns re-register!