name resolution failing in Ubuntu

This looks to me as a problem with the ADSL router and the way it does DNS caching.
When your DNS server is 192.168.0.1, then the router acts as a middle-man for name resolutions.
Now, Linux is IPv6 ready, so name resolutions are compatible with IPv6. Some routers get confused by the way IPv6 is used in Linux and you do not get name resolutions.

To verify, setup other DNS servers such as those of your ISP, in /etc/resolv.conf.

To fix/workaround, you can either
1. Disable the DNS proxy/cache that your router provides, if possible. Thus, the ISP DNS is used.
2. Use www.opendns.com for your DNS needs. On top of that you can have some nice extra features.
3. Disable IPv6 altogether from your system. This might be a bit tricky. You need to look into ubuntuforums.org for more.

I hope this helps.

Unfortunately, there is no way for me to disable DNS in the DI-524 router. I did add the openDNS IP addresses 208.67.222.222 and 208.67.220.220 in /etc/resolv.conf but still no go in firefox, gaim, ssh and package manager. I even tried my ISP's DNS in resolv.conf but it does not work either. As for the IPv6, it was always there, I might give it a try but something tells me it is not the solution.

Just a simple idea, but maybe you have a non working proxy set up in gnome? That would explain why opera works and firefox does not.

Wireshark (former Ethereal) is good for debuging such problems, you would have to figure out how to install it however :)

I don't use a proxy, it is all direct connection to the Internet(in my case internet is handled by my router).

I was trying to find some common thing, can't think of anything else that would make ping resolve addresses and the rest not. Even if you don't use it maybe something is wrong with it (there is a shared proxy package smproxy, with setting in system-->preferences-->proxy).

I've understood that ping can resolve names, so it's probably not a dns issue, anyway you can test it like that:

nslookup
> lserver <some dns ip>
> <some address to resolve>

It can be an ipv6 problem too, maybe some update has broken something?

I have System > Preferences > Network Proxy and it has direct connection to the internet selected. nslookup <208.67.222.222> gives me an answer, nslookup <67.69.184.84> gives me an answer, nslookup <206.47.244.91> also gives me an answer( they all give default server and address with same ip again). These were some DNS IP addresses. nslookup <hostname> gives me the IP address of the hostname, but firefox still cannot browse by FQDN.

The only updates I do are the Ubuntu 7.04 updates, the only updates I have not installed are the kernel updates, the lftp and gnome-btdownload update, i have installed the rest of them.

There is also a separate proxy setting in firefox, but that wouldn't explain the rest. Some libraries are common to some of the applications you've named, but i can't find any which all would depend on (for instance libnss is one for gaim and firefox, but not ssh).

You have not set up a local dns caching or anything similar? Maybe you were doing something uncommon when this stopped to work, installed some new applications just before that?

I would try making a new user account (adduser in terminal) and see if it's working with fresh user settings.

Also i'd like to see a packets' capture if you get one some time.

By the way, why don't you install kernel updates, you have a custom kernel?

I disabled ipv6 and now... only firefox works with FQDN, I thank you all for this insight, BUT still, ssh <hostname> does not work, gaim cannot connect, package manager does not download, update manager does not update, e.g. in package manager, it says: W: Failed to fetch http://ca.archive.ubuntu.com/ubuntu/pool/universe/u/unrar-free/unrar-free_0.0.1+cvs20060609-1_i386.deb
  Could not resolve 'ca.archive.ubuntu.com'

i have not setup any local dns caching, i do not recall doing anything uncommon(I only browse, download, listen to mp3, watch movies), on Monday all was ok, Tuesday I did not turn on the PC and yesterday I discovered this problem. I did not install any new application on Monday, nor on Wednesday (except for ubuntu updates). Let's see if a new user will resolve the rest of the issues.

I don't have a custom kernel, it is just that a new kernel does not start the gnome terminal( i know there is a workaround, but let's focus on this matter first).

I have setup a new account, in the new account, i can browse fine with firefox, but the other problems persist, gaim does not connect, ssh <hostname> still gives the same error message and update manager cannot update.

You have disabled ip6 in firefox (using about:config) or in ubuntu all togheter (changing /etc/modprobe.d/aliases)?

I disabled IPv6 altogether in /etc/modprobe.d/aliases. I also tried by having my PC direct to the modem, firefox works but again, ssh <hostname>, gaim, package manager and update manager does not work, saying could not resolve as mentioned earlier.

Gilbert,

This issue of the Net connection not working in Ubuntu (but working elsewhere) appears somewhat frequently here, so it is good to figure out a way to identify the problem, then find an easy workaround.
I just had a read at http://aplawrence.com/MacOSX/dns_puzzle.html which apparently talks about the same issue.

I do not know if you have a technical background; to view the issue you would need to install "wireshark", a GUI packet analyser that can show you how exactly the network packets look like. You can see there when the DNS resolutions fail, and how these failed packets look like.
Please tell me if this is clear to you.

Hi Simos,

Can you just give me the quick steps needed in Wireshark to analyse my trouble? Am at work right now, so I will only be able to install and test it in around eight hours.

Run it in the root mode, start a capture, (capture-->options-->start; select a proper interface if necessary), try name resolution with something not working, stop & save the capture. Start another capture and do a resolution with something that works, save it again. Try to limit the communication besides the name resolution. Make those captures available somewhere, and maybe i can give you some more information on what's not working.

I did two captures, one for ssh<ipaddr> whichs works and one for a gaim login which does not connect me to the msn server. As for ssh<hostname>, wireshark says there is no data to capture. So I need an email address to send you guys the two captures I have made, please provide me with an email address or anything that will allow me to send you the two capture files. Thanks.

You can find my mails on the overview screen here, feel free to send it to any. I can publish those captures somewhere, if you wish.

If there is no communication, then it's a different category of a problem at all. Maybe system logs would explain something, try dmesg & auth.log.

Wouldn't hurt to try gaim with different servers, protocols.

By the way, i don't think we have mentioned that it can also be a problem with a firewall on the router.

Hi,

You can publish them anywhere, am ok with that. I got the IP for messenger.hotmail.com, replace the hostname server by 207.46.96.153 but gaim still does not connect me to msn. I also connected my PC direct to the modem and I still cannot ssh<hostname> or connect to gaim, Hope that helps.

From the information I gave above, the problem appears to be with the router. If you search the Net, you will get too many results on similar issues. It's a bit technical, but at http://aplawrence.com/MacOSX/dns_puzzle.html there are some nice hints. Apparently, OS/X is also affected.

What I did not find is some explanation on the true nature of the problem. I encountered the same issue some time before, but I would need such a problematic system now to figure out what's going on. It is quite straightforward. You have a program that works on Windows but does not work on Linux. You capture the packets in both cases, and you simply compare.

A caution here is about the capture files. Please do not put them online as they may carry other unintended data. You may post my email.

Both captures are from Linux, one that is working, i.e. ssh<ipaddress>, and one that is not working, gaim login. I emailed Wrwrwr the captures in text format because i was unable to attach the captures as is (hotmail says zero-byte files), hope wrwrwr can read it. For some reason, ssh<hostname> did not produce any data packets...

Ok, i can read these, no colors however ;) If you would compress them maybe hotmail wouldn't interfere. I won't publish them as they contain more sensitive information that i would normally expect from such captures, i'll send you a private mail about that in short.

Summary of the captures.

The first one, direct connection with ssh, looks very normal, first a tcp connection is established, then a reverse dns query on the address you've connected to succeeds, and then a ssh key is exchanged. All goes well without any retries, dropped packages or anything, no signs of problems at all. Some time after ssh communication ceases there are also some unrelated ssdp notifications from your machine.

The second one is not really gaim trying to connect to your server, but just your machine trying to find services in your local network using simple service discovery protocol. Your router responds offering wan connection and that's all. It is probable that if you retried with gaim after using network you would get no communication.

So the conclusion is that neither gaim, nor, as you say, ssh even tries to connect.

So to summarise, what is not working on my Ubuntu7.04 is name resolution, except for firefox, ping, host, dig, nslookup, tracepath. I don't know what else works but I know what else does not work. In my GUI sopcast tv player, it connects to http://www.sopcast.com/gchlxml, now it is not able to show the lists of channels as well, again name resolution is failing somewhere in Ubuntu. I paste the same url in firefox and it loads. So what would cause that? Is there a corruption of data somewhere? Firefox had the same symptom, then i disabled IPv6 and all is well with firefox again, could all these be related to IPv6 somehow? Or is the issue related to the fact that I have not updated the kernel? I am still using 2.6.20-15-generic. Thanks.

A possible workaround for the synaptic would be to put ips instead of hostnames into /etc/apt/sources.list. Maybe you would be able to efficiently reinstall things then.

I know what else is not working, whois is not working. Let me give a specific example,
whois honesty.encs.concordia.ca gives getaddrinfo(whois.cira.ca): Name or service not known.
whois 132.205.96.51 gives getaddrinfo(whois.arin.net): Name or service not known
Both should give the notice and terms of use message but in my case, they are not.

A possible testing method is the following.
Find a website/server that is not accessible. According to the current theory that says that if the DNS answer is too big, then it does not work.
I will assume that "www.google.com" is such a problematic host. Please replace if needed.

Step 1:

$ dig www.google.com
$ host www.google.com

This will try to resolve the hostname using your current DNS settings. If there is a problem, this command will hang, or give a strange error. Please post the result here.

Step 2:

$ dig www.google.com 208.67.222.222
$ host www.google.com 208.67.222.222

Here we do the same, but using the OpenDNS servers. You mentioned above that OpenDNS did not work either. Here we can verify the result.

Step 3:

$ host -T www.google.com

This makes a tcp request to your router for DNS result. According to some people, this should appears to be a factor in the router not working.

step 1 and step 2 give positive results, but step 3 gives the following:
;; Connection to 192.168.0.1#53(192.168.0.1) for www.google.com failed: connection refused.
So what is wrong with this DI-524 router? We are making progress here i think. Thanks.

That's another interesting thing that tcp dns query doesn't work, but that's not the problem with gaim or ssh, as these don't send any query at all. This is probably some low level stuff, like failure with binding a socket, so i vote for some system damage or other system problem, not something on router or any further.

I've also checked if downgrading kernel would cause something like that. It doesn't.

So things to do would be:
- run ssh in debug mode: ssh -vvv,
- run gaim in debug mode: gaim --debug,
- check debug messages: dmesg,
- check iptables: sudo iptables --list,
- check system logs: system-->administration-->system logs, auth.log, syslog look for some errors, warnings,
- try purging installing gaim, ssh, and different networking components these depend on

ssh -vvv honesty.encs.concordia.ca

OpenSSH_4.3p2 Debian-8ubuntu1, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
ssh: honesty.encs.concordia.ca: Name or service not known

gaim msn login

proxy: No environment settings found, not using a proxy
dns: DNS query for 'messenger.hotmail.com' queued
dns: Created new DNS child 7106, there are now 1 children.
dns[7106] Error: getaddrinfo returned -2
dns: Successfully sent DNS request to child 7106
dns: Got response for 'messenger.hotmail.com'
dnsquery: Error resolving messenger.hotmail.com:
Name or service not known
proxy: Connection attempt failed: Error resolving messenger.hotmail.com:
Name or service not known
msn: Connection error from Notification server (messenger.hotmail.com): Unable to connect

iptables --list

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

In both cases getaddrinfo fails with same error (-2 is also Name or service unknown). This function is provided by standard c library (libc6 package). There are some other functions providing same functionality (e.g. gethostbyname) and probably that's why some simple things work while others don't.

Manual says that, EAI_NONAME (the error returned) is "Neither nodename nor servname provided, or not known.", where nodename and servname are arguments to the function, and it's very improbable those would n't be provided by both gaim and ssh.

The function uses three configuration files, i'll provide some examples of how they should look, so you can check:

$ cat /etc/resolv.conf
nameserver <first dns ip>
nameserver <second dns ip>
domain MSHOME

$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 <machine name, after @ in prompt>.MSHOME

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd: compat
group: compat
shadow: compat

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis

Sorry for the long post, let us know if anything differs.

cat /etc/resolv.conf

nameserver 192.168.0.1

cat /etc/hosts

127.0.0.1 LAFAYA localhost

cat /etc/nsswitch.conf

passwd: compat
group: compat
shadow: compat

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis

AND the problem has been solved. I removed [NOTFOUND=return] from /etc/nsswitch.conf and gaim, ssh, whois and my sopcast player all behave as usual now. Still one more question though, why did this happen? Did something put the [NOTFOUND=return] in nsswitch.conf? Should [NOTFOUND=return] normally be there or not?

AND the problem has been solved. I removed [NOTFOUND=return] from /etc/nsswitch.conf and gaim, ssh, whois and my sopcast player all behave as usual now. Still one more question though, why did this happen? Did something put the [NOTFOUND=return] in nsswitch.conf? Should [NOTFOUND=return] normally be there or not?

Thanks a lot Wrwrwr and Simos, you're the men...

Gilbert

> To: <email address hidden>
> From: <email address hidden>
> Subject: Re: [Question #14511]: name resolution failing in Ubuntu
> Date: Sun, 7 Oct 2007 18:06:31 +0000
>
> Your question #14511 on Ubuntu changed:
> https://answers.launchpad.net/ubuntu/+question/14511
>
> Wrwrwr proposed the following answer:
> You may also try putting dns up front hosts line in nsswitch.conf, at
> least then it should attempt to use dns for name resolution
> (alternatively remove [NOTFOUND=return]).
>
> --
> If this answers your question, please go to the following page to let us
> know that it is solved:
> https://answers.launchpad.net/ubuntu/+question/14511/+confirm?answer_id=30
>
> If you still need help, you can reply to this email or go to the
> following page to enter your feedback:
> https://answers.launchpad.net/ubuntu/+question/14511
>
> You received this question notification because you are a direct
> subscriber of the question.

_________________________________________________________________
Connect to the next generation of MSN Messenger
http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline

This "not found..." is normally there. Removing it allows name resolution to fall back to standard unicast dns, when a name is not resolved through hosts file or multicast dns.

We still don't really know why does mdns fail on your network. You could check if avahi deamon is running at all "ps -ef | grep avahi", could try to reinstall it, or check if you don't block the multicast to udp 224.0.0.251 (:5353).

avahi is not running on my Ubuntu and I don't think am blocking the multicast to udp (actually i don't know to check it). So, what else could have caused this?

Avahi provides mdns on ubuntu, it should be running.

Try running it manually: "sudo avahi-daemon --debug", to see if it has any problems.

It is excellent news that we got closer to the source of the problem, and we have a workaround that works.
Something we miss is the exact nature of the problem. This should avoid having people hitting the same issue.
Searching the Ubuntu buglist, we get
https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/94940
which I believe describes your problem.

This [NOTFOUND=return] is paired up with the previous value. In the case "mdns4_minimal [NOTFOUND=return]", I think that if mdns4_minimal does not find the hostname, then it simply returns so that the next in line (dns) can continue.

What I would recommend is to try out the following variations:

Variation A
    hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 (this is the original, does not work)
Variation B
    hosts: files dns
Variation C
    hosts: files mdns4 [NOTFOUND=return] dns
Variation D
    files mdns4_minimal dns mdns4 (that's the solution you tried)

If we could produce an outcome out of this discussion such as, if you have Avahi disabled, then you need Variation B (or D), it would be great for other users.

I don't know why the avahi is not running (i've not tried avahi-daemon --debug yet), but here are the results of testing variations B and C:
Variation B works and variation C also works. Of course, on my Ubuntu7.04, I don't have avahi-daemon running for some reason, and as far as how I use Ubuntu, i do not see any reason for me to have avahi-daemon running, unless you tell me what operations will not work without the avahi-daemon running. All four variations have identical response time (I mean I did not feel one is slower that any other).

The speed differences would appear in some special circumstances (dns server refusing to do reverse lookup).

Standard dns should be enough for nearly all purposes, so it's most likely not be worth struggling to get avahi. Unless we can't stand not knowing why it stopped working. ;)

I would leave these options as close as possible to the original, as to minimize the probability that a further update will break something again (what if avahi decides to run after lets say a kernel upgrade):
files mdns4_minimal dns [NOTFOUND=return] mdns4

Hi guys,

Since my original problem has been solved, i am going ahead in closing the issue. Thank you all for your great help, the community forum has only strengthened my new bond to open source software. I will keep that avahi-daemon in mind in case some dns issues creep up again.

Gilbert.

Thanks Wrwrwr, that solved my question.

This is my error message, and it is becoming so frustrating, cannot assess web pages, cannot access YouTube, because no volume, the screen comes up and that is it. What is going on?
Page Not Found
Error

The page you have requested could not be found.

Please click BACK to return to the previous page.

@carolyn crownover

Please don't append a new question on a old and already answered or marked as solved question.

Please create a separate thread for your new question, or else visitors to this solution page
will get confused.

Please make new question from here: https://answers.launchpad.net/ubuntu/+addquestion
you will get better chance to get right answer on a fresh tagged "open" question.
Solved or answered questions are usually not read from answering people.

Thank you