DNS does not work
Forum: Networking
Topic: DNS does not work
started by: robertakit
Posted by Guest on June 05 2007,20:49
I'm using DSL with QEMU on a stick (I purchased this from Lizard Biscuit).DNS seems to work intermittently. Sometimes names will get resolved, sometimes they won't. Lately, they haven't been. (One problem which I fixed was that installing Microsoft's Loopback adapter breaks everything. I uninstalled that.)
I am able to create TCP connections if I use the IP address directly -- ssh works. I am also able to telnet to the LAN's DNS nameserver to port 53 (DNS service). Nevertheless, nslookup does not work.
Is there a way to diagnose this problem? Maybe a way to turn on network-establishment exchange in QEMU?
Thanks.
P.S. Most annoyingly, this breaks trying to update DSL packages because things are accessed via fully-specified domain name.
Posted by ^thehatsrule^ on June 05 2007,20:55
What's listed in /etc/resolv.conf ? Is it correct?
Posted by Guest on June 05 2007,21:00
| Quote (^thehatsrule^ @ June 05 2007,16:55) |
| What's listed in /etc/resolv.conf ? Is it correct? |
Well, it's what I would expect
| Quote |
| search (null) nameserver 10.0.2.3 |
BTW,
| Code Sample |
| telnet 10.0.2.3 53 |
Posted by roberts on June 05 2007,23:42
Are you using a bat file and thus running in the Qemu virtual machine?
Posted by Guest on June 05 2007,23:45
| Quote (roberts @ June 05 2007,19:42) |
| Are you using a bat file and thus running in the Qemu virtual machine? |
Correct. In particular, I'm running "dsl-vhd.bat" which came with the USB stick.
Posted by roberts on June 06 2007,15:36
Then for advanced networking capabilities you should check the Qemu site.The Qemu default uses its own DHCP server and allows only a passthru which should allow net access using their assign internal IP and using the net configuration of the Windows host. If you are trying to assign an IP or otherwise bypass this Qemu default, then you will likely need TUN/TAP which is an advanced Qemu configuration. This sort of setup is typically not needed. Using the Windows net setup with Qemu's default passthru is usually sufficient.
Posted by Guest on June 06 2007,16:55
I posted a message to the QEMU forum, but I've, as of now, received no reply.I don't believe I have a special set-up, but I don't think I'd be able to use TAP since group policy on our Windows machines is to disable Internet Computer Sharing (ICS).
Posted by ^thehatsrule^ on June 06 2007,17:38
Btw, 10.0.2.3 is qemu's own embedded dns server, not your LAN's.If you can reach addresses outside your network, you could try specify your LAN DNS server directly or even try public one?
If your host environment has no DNS problems, does it require a proxy or firewall configuration to allow qemu through?
Another scenario I think... is if for some reason both the qemu DNS server and your regular DNS server have the same network address? (just shooting from the hip here, not sure if this is a realistic suggestion or not)
Posted by Guest on June 06 2007,18:09
| Quote (^thehatsrule^ @ June 06 2007,13:38) |
Btw, 10.0.2.3 is qemu's own embedded dns server, not your LAN's. |
Yes, I understand that.
| Quote |
| If you can reach addresses outside your network, you could try specify your LAN DNS server directly or even try public one? |
I think you're right. I think there's something screwy with the DNS servers here.
| Code Sample |
| dsl@box:~$ nslookup yahoo.com 157.54.14.146 *** Unknown host nslookup: yahoo.com: Host name lookup failure |
In Windows:
| Code Sample |
| C:\> nslookup yahoo.com 157.54.14.146 Server: dns-04.xxxx.com Address: 157.54.14.146 *** dns-04.xxxx.com can't find yahoo.com: Non-existent domain |
Interestingly, I am able to use a public DNS server from Windows (ns2.granitecanyon.com), but that doesn't work from QEMU DSL.
So, to conclude, it seems like there are 2 problems here.
- The DNS servers here are weird. I'd have to figure out why I cannot query the DNS servers directly in the Command Prompt, but it seems to work fine in the browser, etc.
- I am unable to access public DNS servers. I bet the traffic isn't getting through at all. Again, I'd have to have some sort logging mechanism in QEMU's SliRP (user mode networking) to figure out what's going on here. I haven't figured out how to turn on such logging.
Posted by ^thehatsrule^ on June 06 2007,19:12
Well ns2.granitecanyon.com doesn't work for me either, but ns1 works. You could also try yahoo's ... it is ns?.yahoo.com (where ? is a number)I still think that your local network or system may be 'specially' set up in some way though...
For packet sniffing/logging you can try out Ethereal - it's pretty good.
Posted by Guest on June 07 2007,17:44
| Quote (^thehatsrule^ @ June 06 2007,15:12) |
| Well ns2.granitecanyon.com doesn't work for me either, but ns1 works. You could also try yahoo's ... it is ns?.yahoo.com (where ? is a number) I still think that your local network or system may be 'specially' set up in some way though... For packet sniffing/logging you can try out Ethereal - it's pretty good. |
I downloaded Wireshark (the update to Ethereal) and, surprisingly, the UDP port 53 requests are going to some strange DNS server which doesn't work! ("Strange" in the sense that it's not listed as a DNS server on any of my DHCP-initiated interfaces.)
What's even more bizarre, if, from QEMU DSL, I try
| Code Sample |
| nslookup yahoo.com ns1.yahoo.com |
the packets still go to this strange address -- not ns1.yahoo.com .
I still don't know what's going on. It's as if QEMU is determined to send all UDP packets to this one IP address no matter what.
Posted by ^thehatsrule^ on June 07 2007,20:02
| Quote |
| the packets still go to this strange address |
Posted by Guest on June 07 2007,20:33
| Quote (^thehatsrule^ @ June 07 2007,16:02) |
| Hah, you probably need to resolve ns1.yahoo.com first! (perhaps using a direct ip may be better?) |
Incredible.
| Code Sample |
| $ nslookup yahoo.com 66.218.71.63 Server: ns1.yahoo.com Address: 66.218.71.63 Name: yahoo.com Addresses: 66.94.234.13, 216.109.112.135 |
So, it's apparently completely QEMU's fault -- it's using this weird IP address.
At least, this means I have a fighting chance. If I could find a local DNS server that actually worked normally, I could change /etc/resolv.conf and I'd be golden.
Thanks for the insight!!
Posted by Guest on June 07 2007,22:48
OK, I think I figured it out.The problem is that most network traffic seems to go through this Microsoft ISA Server Firewall thing via a program called the Microsoft Firewall Client. If I disable this program, DNS no longer works. (I presume it's trying to use those broken servers that get configured into the network interfaces via DHCP.)
I don't know how DNS ever worked. Perhaps somebody turned it off (due to some security restriction), and now it's permanently off.
Maybe I could run a caching DNS server to get around this problem.
Do you (or anybody) have any recommendations?
Posted by ^thehatsrule^ on June 08 2007,04:42
When I used to use windows as a server+router, I used to have intermittent DNS problems, although I never figured out what the problem was. I did the old fashioned reformat 
(temporary solution was to restart the dns windows service I think)For now, you can just use a public dns server... shouldn't take up much bandwidth at all - but probably using your direct ISP's dns server would be better. But if you do want to run your own separate local DNS server, that's fine as well.
Posted by Guest on June 08 2007,17:34
| Quote (^thehatsrule^ @ June 08 2007,00:42) |
| But if you do want to run your own separate local DNS server, that's fine as well. |
Happily, I discovered < DeleGate >. I'm running a DNS server (which apparently just uses Windows local gethostbyname or its equivalent from a DLL) and it works great! I can even connect to local machines. Yey!