Re: Upgrade to RH9, lose name resolution?

From: Spamless (Spamless_at_Nil.nil)
Date: 11/13/03 

Date: Thu, 13 Nov 2003 02:01:15 GMT

In article <_2zsb.134864$275.398343@attbi_s53>, jester@hexdump.org wrote:
> Spamless <Spamless@nil.nil> wrote:
>: dig @[an_ip_address_listed_as_a_nameserver_in_resolv.conf] www.nytimes.com
>
> Here's what I get ...
>
> [root@elysium etc]# dig @204.127.202.19 www.nytimes.com
>
> ; <<>> DiG 9.2.1 <<>> @204.127.202.19 www.nytimes.com
> ;; global options: printcmd
> ;; connection timed out; no servers could be reached

Do do I. Of course, if those are you ISP's nameservers, they
may only be open to access from your ISP's address space.

Hmmm ... most nameservers accept TCP as well as UDP connections.
hping on port 53, sending a SYN packet gets nothing to those
IP addresses (I expected to get back a RESET if they were
nameservers but only allowed access from your ISP's nameservers).

Let's see ... 216.148.227.79 is ns8.attbi.com.
204.127.202.19 is ns9.attbi.com

Some nameservers, for ISP's, do NOT do recursive lookups,
but only handle sites on their own system (e.g. use it for
att sites).

Let me see ... at a wild guess ... where is ns1.attbi.com?

IP address 204.127.198.4.

THAT DOES SUPPORT RECURSIVE LOOKUPS FOR ME.

I think those nameservers may not be working too well.

 dig @204.127.198.4 www.nytimes.com

works - for me. See if it does for you.

Check your other systems and their resolv.conf.

When the RH system cannot resolv an address, try one of
the other systems - but make sure to try a location they
DO NOT HAVE CACHED (some people may run a small caching
nameserver on the local machine to avoid having to go
to their ISP's server each time). Try the dig from the
other machines when it does not work on the RH machine.

But ... while ns1.attbi.com works for me, ns8 and ns9 (the
ones whose IP addresses you say are in your resolv.conf file)
do not.

(ns7 also seems to be down right now, but ns6 seems to be up)

In short ... I think the addresses in resolv.conf could
be better.