server 12.04 just lost nameserver

[dgermann]

Friends--

About Wednesday (that would be November 6, 2013) all of my 12.04 boxes lost connectivity with their nameservers. They still were able to access email and ping by x.x.x.x addresses, but were not able to ping google.com, for instance. I fixed thi issue on the desktops by going to Network Settings > Wired > Options > ipv4 > DNS servers and entered 8.8.8.8, 8.8.4.4 and saved.

But now I cannot update my two headless servers using apt-get. Here is what I tried for /etc/network/interfaces (I tried both ways with dhcp and static for eth0, neither works):

Code:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp
#iface eth0 inet static
        address 192.168.0.6
        netmask 255.255.255.0
        gateway 192.168.0.1
        dns-nameservers 8.8.8.8 8.8.4.4 68.87.72.130

and here is what route returns:

Code:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.0.1     0.0.0.0         UG    100    0        0 eth0
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0

less /etc/resolv.conf returns:

Code:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4

I have also run sudo dpkg-reconfigure resolvconf

There is nothing in the /base nor in the /head files.

This is a production environment.

These machines were working well for the last year or more until this past week. Perhaps Comcast changed something (seems unlikely since I have connectivity otherwise), or an upgrade changed something.

I am sure that I am probably just missing something obvious to someone who knows about networking and nameservers, which I do not.

How can I get the nameserver (or whatever I need) working? Thanks!

[TheFu]

Comcast residential can/will capture all DNS queries and redirect them to THEIR DNS servers. There is a setting in the Comcast profile page (somewhere) to control whether they capture DNS or not. When they enabled it here, lots of things broke so I called to complain and the CSR knew exactly what I was complaining about - that was a few years ago. Different regions get Comcast changes at different times, so YMMV.

On Comcast business class ... I do not believe they capture DNS stuff. Yep - at least not here.

So - it looks to me like you have done most of the checking that I would. http://blog.jdpfu.com/2013/03/01/lin...101-networking has a specific order to the testing that would nail the issue.

None of my 12.04 systems, all servers, are showing the same problem. I do not run dnsmasq locally, though I do run a DNS server that caches on the LAN. Could that be the issue? I ask more as a possible lead, not that I know it is the root cause.

[dgermann]

TheFu--

Thanks for giving me the clue that seems to have resolved the issue. Will let it go a few days before I mark the post solved.

The thing Comcast seems to be rolling out is probably DNSSEC. http://customer.comcast.com/help-and...ty-extensions/

The clue was in this forum post on Comcast: http://forums.comcast.com/t5/Home-Ne...1161043#M38989

What I did to fix it was to go to my router's (TL-WR1043ND) WAN setup page, and ticked "use these DNS Servers." They are set to 75.75.75.75 and 75.75.76.76.

Not sure why that fixed it instantaneously. But I will go now and comment out what I added to the /etc/network/interfaces file.

BTW, nice tutorial on troubleshooting!

Thanks, TheFu!

[TheFu]

Those DNS servers are Comcast's, so if they are blocking external DNS use ... it would make sense that theirs would work. Read both the provided links - don't think DNSSEC is part of your issue. I think they are capturing all your DNS queries to whatever DNS servers you were using and something just wasn't working when Comcast returned results and your router asked someone else for them.

OTOH, I could be wrong ... again.

I think I have that same router ... with dd-wrt. Did you have fun going through the German Firmware to get DD-WRT loaded like me? The stock firmware has a backdoor, if you didn't know.

[dgermann]

TheFu--

The only thing that was in /etc/network/interfaces before I tried to solve this issue was

Code:

auto lo
iface lo inet loopback

So it seems to me there should have been no conflict with their dns calls. I found their reference to the dnssec and that is how I found their forum thread. In any event, I was able to get two desktop boxes to connect using the 8.8.8.8 address. Whether it was dnssec or something else, it at least appears to me that Comcast was the problem and turning on this pointer to their servers in the router did the trick. Was able to update the other headless box this afternoon after I made that switch.

My router is a TP-Link. I don't remember finding any German firmware. I don't upgrade firmware often, only if there is a problem, because I can remember it being a headache and time consuming on this or maybe a previous router.

Thank you for all your help.

(You seem to have some basic knowledge of networking, and a whole lot more than I do. May I ask you an off-topic question? I would like to set up 7 computer network so that when my router decides to re-assign internal ipaddresses, I don't have to change all the /etc/hosts files. I think that is also a name server issue, yes? I researching this, I get lost in the vocabulary and have been unable to find a simple howto. Can you point me to a howto, maybe on your site?)

[TheFu]

http://blog.jdpfu.com/2011/07/18/use...ice-management is probably what you want.