OpenDNS Forums
The official support and discussion site of OpenDNS
Support
K-12 Forums
Categories
- Administrative
- Adult site blocking
- DNS-O-Matic / dynamic IPs
- Domain blocking
- Domain Name System (DNS) troubles
- Mobile instructions
- OpenDNS services
- Proxies, accelerators, and more
- Router instructions
- Satellite
- Shortcuts
- Wishlists and feature requests
-
Feeds
Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.
This discussion has been inactive for longer than 30 days, and is thus closed.
-
I have a gateway running Ubuntu10.04LTS32/Bind9 and a client dual booting windows 7-64/Ubuntu 10.04LTS32.
I have a problem where the client has difficulty accessing a specific url, archive.ubuntu.com. Unfortunately this happens to be the update url for Ubuntu.
The Windows partition on the client can ping archive.ubuntu.com but the name resolves after 30 seconds.
The Ubuntu partition cannot ping archive.ubuntu.com the lookup fails.
I can ping archive.ubuntu.com from the ubuntu gateway without problems.
Based on this I think the gateway is causing the problem due to an incorrect locally defined version of archive.ubuntu.com, which after it fails to resolv after 30 seconds turns to the bind server for a successful lookup.
To find the answer, I'm looking for the difference between a local dns lookup on Ubuntu and a remote dns lookup. The answer could also be in bind.
Before I start pasting config files are there any ideas?
Keep in mind this setup was working flawlessly for 6 months resolving everything. Only now that I've booted into my 2nd partition, Ubuntu, did I realize that I couldn't resolv the update archive names, including ca.archive.ubuntu.com, us.archive.ubuntu.com and archive.ubuntu.com. -
- CommentAuthormaintenance
- CommentTimeMay 13th 2012 edited
Ping isn't for name resolution, and uses multiple resolution methods, so there is always the chance of using something other than DNS, and the time it takes is due to attempting to get an ICMP response. Try dig instead.
I get the same IPs no matter what the subdomain of
archive.ubuntu.com I look up.
archive.ubuntu.com. 246 IN A 91.189.92.184
archive.ubuntu.com. 246 IN A 91.189.92.188
archive.ubuntu.com. 246 IN A 91.189.92.189
archive.ubuntu.com. 246 IN A 91.189.92.192
archive.ubuntu.com. 246 IN A 91.189.92.193
archive.ubuntu.com. 246 IN A 91.189.88.22
archive.ubuntu.com. 246 IN A 91.189.88.23
archive.ubuntu.com. 246 IN A 91.189.88.25
archive.ubuntu.com. 246 IN A 91.189.88.26
archive.ubuntu.com. 246 IN A 91.189.88.28
archive.ubuntu.com. 246 IN A 91.189.88.29
archive.ubuntu.com. 246 IN A 91.189.92.151
archive.ubuntu.com. 246 IN A 91.189.92.152
archive.ubuntu.com. 246 IN A 91.189.92.153
archive.ubuntu.com. 246 IN A 91.189.92.154
archive.ubuntu.com. 246 IN A 91.189.92.155
archive.ubuntu.com. 246 IN A 91.189.92.156
archive.ubuntu.com. 246 IN A 91.189.92.176
archive.ubuntu.com. 246 IN A 91.189.92.177
archive.ubuntu.com. 246 IN A 91.189.92.179
archive.ubuntu.com. 246 IN A 91.189.92.180
archive.ubuntu.com. 246 IN A 91.189.92.181
archive.ubuntu.com. 246 IN A 91.189.92.182
archive.ubuntu.com. 246 IN A 91.189.92.183
If it is a problem with a bad local cache in the gateway, power it off for a couple minutes until the capacitors fully discharge then power back on and try again. Or manually clear the bind server cache. If you have manually defined a local IP for archive.ubuntu.com somewhere in bind, remove the definition.
If dig takes a long time to resolve the domain, or to connect after name resolution, there may be something wrong at the server you reach, or you may be experiencing suboptimal routing leading to a timeout. Do
dig -t txt which.opendns.com
(Assuming you are using OpenDNS here) And paste the result here. What is your general geographic location?
You may also want to traceroute archive.ubuntu.com
edit: All the servers listed here http://www.robtex.com/dns/archive.ubuntu.com.html#records are reported as being in the UK, so it probably doesn't matter which IP you use if you want to add an entry to the hosts file or traceroute one of the IPs. -
I've already restarted bind to clear its cache.
I didn't manually define archive.ubuntu.com for bind, in fact I grepped the entire system for the string.
Dig can't find it from the client,
ubusr123@ubusr123-desktop:~$ dig archive.ubuntu.com
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.7.0-P1 <<>> archive.ubuntu.com
;; global options: +cmd
;; connection timed out; no servers could be reached
When I ran dig from the server I got the proper response, a list of all the server ips. Bind is caching the result because dig now takes 0ms.
Thats why I think it's a local problem on the gateway. Ugh.... time for files... -
gateway logs
cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 GlaDOS
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
cat /etc/resolv.conf
nameserver 127.0.0.1
cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: compat
group: compat
shadow: compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis -
- CommentAuthormaintenance
- CommentTimeMay 14th 2012
Your gateway probably isn't at 127.0.0.1. The address of your DNS server (gateway) should be listed there in resolv.conf as well. If dhclient isn't running, the address won't be added automatically (i.e., in a statically addressed network). -
Thats the gateway's resolv.conf, I'm telling it to use bind for its dns lookups.
Bind is hosted on 127.0.0.1 and 10.11.12.1 (the lan). I wanted the lookups to be consistent between the server and client hence I also tell the server to use it.
Thanks for the help but I'm going to manually add archive.ubuntu.com to the ubuntu client's hosts file.
If Ubuntu wants to fuck with me and add an outdated archive server resolution somewhere in the OS I'll patch it up with duct tape.
GG -
- CommentAuthormaintenance
- CommentTimeMay 14th 2012
Oh, so what about the Ubuntu client workstation? Does it have the appropriate configurations in resolv.conf and dhclient.conf?
You can have a look at https://store.opendns.com/setup/operatingsystem/ubuntu if it helps, but note that this is an instruction for configuring the external resolver addresses on the client, which you would replace with your internal DNS server address on which you had already configured the forwarders.
Certainly, adding some of those IPs for the domain in the hosts file should work. Regardless, best wishes in getting Ubuntu to behave properly for you immediately.
You may also want to see some of the notes in the thread here:
http://askubuntu.com/questions/29071/apt-get-update-cannot-find-ubuntu-servers
and
http://askubuntu.com/questions/48025/what-to-do-when-cant-update-anymore-with-apt-get
the second of which might explain why you'd have an issue if updating a deprecated LTS version - they may change the server names. 12 LTS is current.(Although it seems the domains which 10 is looking for are still live, if 10 is actually attempting to reach archive.ubuntu.com or a subdomain thereof.)
Again, best wishes for a speedy resolution (uh, no pun intended).Thankful People: shwick2 -
:<
ya resolv.conf dhclient are setup right
and it looks like 10.04 is good until 2015
so its an anomaly, which I will fight with another anomaly, until my network explodes in upon itself -
- CommentAuthormaintenance
- CommentTimeMay 17th 2012
1 to 9 of 9
This discussion has been inactive for longer than 30 days, and is thus closed.