DNS Not Satisfactory

While trying to connect to a remote webserver via SSH last night, I found that my machine refused to resolve the hostname to an IP address. I couldn’t ping the server either, but could view a webpage hosted on it. Now this was a new one on me – I figured that my machine was caching a bad DNS record for the webserver, and couldn’t connect because the server’s IP had since changed. That didn’t really explain why I was able to access the server from a webbrowser, but I ran with it. So how do you refresh your DNS cache in Linux? It’s easy to do in Windows, but the Goog and the Bing let me down spectacularly on this issue.

This morning, I tried to connect via SSH from my school network, and couldn’t get a connection there either. This reinforced the idea that a local DNS cache might have an outdated record in it, because at school, I was using a different nameserver than at home, and a whole 12 hours had elapsed. Out of theories, and lacking a method to refresh my local DNS cache, I hit the #debian channel on IRC for some guidance. Unlike my last two trips to this channel, I got help from a number of people within minutes (must be a timezone thing), and found out that unless I manually installed one, Debian does not maintain a DNS cache. Well, there goes that idea.

So where was I getting my DNS lookup service? A quick look at my /etc/resolv.conf file showed that the only entry in it was 192.168.1.1, which is the IP of my home router. The file also has a huge warning banner that claims that any changes will be overwritten by the operating system. Makes sense, as when I connect to a new network, I presumably get DNS resolution from their router, which may have a different IP address than mine. The guys on IRC instructed me to try to connect to the server with it’s IP address instead of it’s hostname, thereby taking the DNS resolution at the router out of the picture. This worked just fine.

They then instructed me to add a line to the file with the IP address of the nameserver that the router is using. In the case of our home network, we use OpenDNS, a local company with static servers. I did so, and could immediately resolve the IP of my remote server, and obtain an SSH connection to it.

Well fine, my problem is solved by bypassing DNS resolution at the router, but it still doesn’t explain what’s going on here. Why, if DNS resolution was failing at the router level (presumably because the router maintains some kind of DNS cache), did it work for my webbrowser, but not the for ssh, scp, or ping commands? Don’t they all resolve nameservers in the same way? Further, if it was the router cache that had a bad record in it, why did the problem also manifest itself at school, where the router is taken entirely out of the picture?

Further, will the file actually be overwritten by the OS the next time I connect to a different wireless network? If so, will my manual entry be erased, and will the problem return? Time will tell. Something smells fishy here, and it all points to the fact that my machine is in fact retaining a local DNS cache. How else can I explain away the problem manifesting itself on the school network? Further, even if I do have a local cache that is corrupted or contains a bad record, why did Iceweasel bypass it and resolve the address of the webserver at the router level (thereby allowing it to connect, even though the ssh, scp, and ping commands could not)?

LINUX!!11



Be the first to comment

Leave a Reply

Your email address will not be published.


*