Firstly we need to determine if is it a DNS problem?
One of the quickest ways of doing that is to PING one of the addresses. So if we PING www.QEDux.co.za and we get no response - that's one thing (maybe your network is not connected to the Internet). If you have access to the Internet then it is possible that "ping" cannot access a DNS service to determine which IP address it needs to send a packet to. ("ping" uses "dig" to determine the IP address of a host, before it starts sending echo requests to the host).
We might also try "host www.QEDux.co.za" and if it cannot resolve the name into an IP address then we know that there might well be a DNS fault.
Another way of testing is to do an "arp -a". If the "arp -a" takes some time to return, it probably means it's trying to do a DNS look-up and that might be an indication that we have the DNS problem.
Lastly then, we can use our trusty dig. If we say "dig www.QEDux.co.za" we should get a response from our DNS server to tell us exactly what the IP address for www.QEDux.co.za is.
If you look at dig you can see that it gives us the question section and the answer section and it also tells us how long it took to answer that question. In my case, it took 39ms to answer the question, which probably means our DNS server, locally, is performing fine. If it took a long time this would indicate an issue or problem with the DNS Server.
debian:~> dig qedux.co.za ; <<>> DiG 9.2.2 <<>> qedux.co.za ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38401 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;qedux.co.za. IN A ;; ANSWER SECTION: qedux.co.za. 86170 IN A 196.25.102.2 ;; Query time: 4 msec ;; SERVER: 196.14.187.146#53(196.14.187.146) ;; WHEN: Thu Mar 11 10:58:41 2004 ;; MSG SIZE rcvd: 45 |
debian:~> host qedux.co.za qedux.co.za has address 196.25.102.2 debian:~> |
Another thing to check when you are trying to resolve DNS issues is to check in which order your DNS is looked up.
A possible scenario is that it is first looked up in files (like /etc/hosts) and then NIS and then DNS.
In the exercises you would need to go and remove the DNS out of your nsswitch.conf to see whether it is able to resolve your IP address.
You can use "nslookup" to check the DNS.
linux:~ # nslookup Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. > qedux.co.za Server: 196.14.187.146 Address: 196.14.187.146#53 Non-authoritative answer: Name: qedux.co.za Address: 196.25.102.2 |
If I try and look up www.ananzi.co.za it shows me that ananzi.co.za has the IP address 196.4.90.16 - it also tells me that this is a non-authoritative answer from the server and in my case, the server is my DNS server, locally.
debian:~> nslookup Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. > www.ananzi.co.za Server: 196.14.187.146 Address: 196.14.187.146#53 Non-authoritative answer: Name: www.ananzi.co.za Address: 196.4.90.16 |
I can request to use a different DNS server if I edit my resolve.conf.
I've now changed my DNS server to use a different DNS server and now when I do an nslookup on mail.goodle.com its using a different DNS server.
"nslookup" is one of the ways to look things up. I'm not going to dwell on it, its being replaced by dig so I want to spend a bit more time looking at dig.