PDA

View Full Version : Ubuntu 12.04 Server - No network connection even though web server fully works.



L1mit30
January 13th, 2013, 04:54 PM
Hello all,

I am very troubled and I am unable to figure out why my server is unable to connect to the Internet even though my Bind9 and Apache are up and running without any issues. When I try to ping google.com I get the "unknown host google.com" error but when I ping my FQDN which is sammojohn.com it responds without any errors.
I will attach some of my conf files and hopefully you guys can locate a mistake, which I can't.
Before, I need to clarify that the server is using DHCP and my router has assigned a static IP to it. It's an AT&T router and it doesn't like it when a machine is using static.

/etc/networking/interfaces

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp


/etc/hosts/ (igemonas is my hostname)

127.0.0.1 localhost.localdomain localhost
108.92.196.86 igemonas.sammojohn.com igemonas

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters


Any ideas trust me will help and I appreciate anyone taking the time into helping me out.
Please let me know if you need anything more.

Thanks and best regards,
Sam

steeldriver
January 13th, 2013, 05:20 PM
can you ping remote hosts by IP?

how is the box getting name services - what does /etc/resolv.conf say? you either need a dns-nameservers line in your interfaces file or a working resolvconf I think

L1mit30
January 13th, 2013, 05:24 PM
Yes I can ping to remote hosts by IP. For instance from my desktop I pinged google.com and I saw the IP was 173.194.46.14 so from my server I pinged that IP and below is the result


root@igemonas:/etc/bind# ping 173.194.46.14
PING 173.194.46.14 (173.194.46.14) 56(84) bytes of data.
64 bytes from 173.194.46.14: icmp_req=1 ttl=52 time=26.8 ms
64 bytes from 173.194.46.14: icmp_req=2 ttl=52 time=27.1 ms
64 bytes from 173.194.46.14: icmp_req=3 ttl=52 time=31.2 ms
^C
--- 173.194.46.14 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 26.838/28.401/31.252/2.019 ms


and my resolv.conf file is as follows


# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search gateway.2wire.net


I have noticed too that I am getting some weird errors due to RNDC which I just noticed, and I am not sure if that is causing the error



root@igemonas:/etc/bind# service bind9 restart
* Stopping domain name service... bind9 WARNING: key file (/etc/bind/rndc.key) exists, but using default configuration file (/etc/bind/rndc.conf)
rndc: no server specified and no default
waiting for pid 2903 to die
[ OK ]
* Starting domain name service... bind9

steeldriver
January 13th, 2013, 05:31 PM
sorry - I don't know anything about bind

L1mit30
January 13th, 2013, 05:32 PM
sorry - I don't know anything about bind

No worries at all man. I do appreciate you even taking the time to look into it.

I am still working around it see what I can figure out. When I do, I will post the fix.

steeldriver
January 13th, 2013, 05:41 PM
maybe this bug? it seems sometimes bind9 doesn't play well with resolvconf

https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/933723

L1mit30
January 13th, 2013, 05:47 PM
maybe this bug? it seems sometimes bind9 doesn't play well with resolvconf

https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/933723

Incredible. You are right, it does seem to be an issue with resolv.conf
I applied the temporary fix they mentioned


root@igemonas:/etc# rm resolv.conf
root@igemonas:/etc# cp resolvconf/resolv.conf.d/original resolv.conf

And afterwards I was able to connect to the Internet again but with some weird stuff going on.
e.g.


root@igemonas:/etc# ping google.com
PING google.com (173.194.46.5) 56(84) bytes of data.
64 bytes from dfw06s27-in-f5.1e100.net (173.194.46.5): icmp_req=1 ttl=50 time=30.0 ms
64 bytes from dfw06s27-in-f5.1e100.net (173.194.46.5): icmp_req=2 ttl=52 time=26.2 ms
64 bytes from dfw06s27-in-f5.1e100.net (173.194.46.5): icmp_req=3 ttl=50 time=27.6 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 26.246/27.952/30.005/1.554 ms


Now to figure out a permanent solution.
Thanks again steeldriver. I am very grateful.

steeldriver
January 13th, 2013, 06:26 PM
OK that's progress!

Did you see the other suggested fix?


OK, here is what happens :
RESOLVCONF=yes must be changed to RESOLVCONF=no in /etc/default/bind9 by the user. The bind9 update won't change this default setting if it is already set.
Therefore it might be important to make sure that this default setting will be included in the final release. Because the update won't update the default configuration.




That would be more elegant - if it works - I think. OTOH if you don't really need bind9 you could just uninstall it - I have a vanilla 12.04 install running DHCP here at home just to play with, and that works with no bind9 or dnsmasq. I'm not sure how all the pieces fit together but basically resolvconf reads my actual DNS server (which is the LAN router 192.168.1.1) from /etc/resolvconf.d/original, I guess that must get pushed with the DHCP lease (or maybe gets written one time during the install?)

Cheers

jdthood
January 14th, 2013, 09:51 AM
I applied the temporary fix they mentioned


root@igemonas:/etc# rm resolv.conf
root@igemonas:/etc# cp resolvconf/resolv.conf.d/original resolv.conf

And afterwards I was able to connect to the Internet again but with some weird stuff going on.


It's useful to know that this fixed name service, but you should now restore /etc/resolv.conf and fix the problem the right way by setting RESOLVCONF=no in /etc/default/bind9. To restore /etc/resolv.conf, run "sudo dpkg-reconfigure resolvconf", then check to make sure that /etc/resolv.conf is a symbolic link to "../run/resolvconf/resolv.conf".

jdthood
January 14th, 2013, 10:02 AM
OTOH if you don't really need bind9 you could just uninstall it

Agree. Only install bind9 if you need a nameserver at your site, e.g., because you need to provide service to many machines on a LAN and/or because you have private domain names.


I have a vanilla 12.04 install running DHCP here at home just to play with, and that works with no bind9 or dnsmasq.

Ubuntu Desktop 12.04 and later uses (by default) dnsmasq as a forwarding nameserver but, yes, you can run perfectly well without it, and you also avoid a bug that way:
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1003842


I'm not sure how all the pieces fit together but basically resolvconf reads my actual DNS server (which is the LAN router 192.168.1.1) from /etc/resolvconf.d/original, I guess that must get pushed with the DHCP lease (or maybe gets written one time during the install?)

Steeldriver, in a properly configured system the /etc/resolvconf.d/original file is not used. Nameserver addresses are either provided by the DHCP server or are entered by hand on the local machine, either on a "dns-namesevers" line in /etc/network/interfaces (if you are using ifup to configure interfaces) or in the "Additional DNS servers" field of the Connection Editor (if you are using NetworkManager). Once you have configured the system properly, make sure that /etc/resolvconf/resolv.conf.d/tail is not symlinked to "original".

For background information about resolvconf and friends please read https://www.stgraber.org/2012/02/24/dns-in-ubuntu-12 and the resolvconf(8) man page.

L1mit30
January 14th, 2013, 11:16 AM
It's useful to know that this fixed name service, but you should now restore /etc/resolv.conf and fix the problem the right way by setting RESOLVCONF=no in /etc/default/bind9. To restore /etc/resolv.conf, run "sudo dpkg-reconfigure resolvconf", then check to make sure that /etc/resolv.conf is a symbolic link to "../run/resolvconf/resolv.conf".

Okay you see now jdthood I applied the fix you said

sudo dpkg-reconfigure resolvconf I then rebooted and the issue came back. Unable to connect to the internet and RESOVCONF is set to NO. in /etc/default/bind9

I also noticed that after reconfiguring Resolvconf all my bind9 issues went away. I can now restart bind without any error codes due to rndc like before


root@igemonas:~# service bind9 restart
* Stopping domain name service... bind9 waiting for pid 1242 to die
[ OK ]
* Starting domain name service... bind9 [ OK ]
root@igemonas:~# ping google.com
ping: unknown host google.com
root@igemonas:~# cat /etc/default/bind9
# run resolvconf?
RESOLVCONF=no

# startup options for the server
OPTIONS="-u bind"

root@igemonas:~# ping sammojohn.com
PING sammojohn.com (108.92.196.86) 56(84) bytes of data.
64 bytes from igemonas.sammojohn.com (108.92.196.86): icmp_req=1 ttl=64 time=0.030 ms
64 bytes from igemonas.sammojohn.com (108.92.196.86): icmp_req=2 ttl=64 time=0.044 ms
64 bytes from igemonas.sammojohn.com (108.92.196.86): icmp_req=3 ttl=64 time=0.043 ms
^C
--- sammojohn.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.030/0.039/0.044/0.006 ms



Also can you please tell me how to check to see if resolv.conf is a symlink to ../run/resolvconf/resolv.conf like you mentioned? Not sure I understand how to do that.

jdthood
January 14th, 2013, 03:48 PM
Also can you please tell me how to check to see if resolv.conf is a symlink to ../run/resolvconf/resolv.conf like you mentioned? Not sure I understand how to do that.


To see whether or not /etc/resolv.conf is a symbolic link, do the following.


ls -l /etc/resolv.conf


Please post the output of this command here.

Also post the contents of /etc/resolv.conf, i.e., the output of


cat /etc/resolv.conf