Weird DNS issues - Linux

[shadow_man]

Hi,

I'm in a mixed environment.

Linux, OSX and Windows.

I use AD for DNS. I'm having a weird issue at the moment. All of the hosts are using the same DNS servers (AD)

Windows host:

ping hostname.example = INSTANT resolution and ping reply.

Linux host:

ping hostname.example = IP resolves instantly, but delay of about 30 sec per packet, but response times on packets themselves are normal.

---

I've used NSLOOKUP to confirm that DNS resolution is working correctly, which it is and DNS resolution is instant, but pings are not.

I've changed the Linux boxes to use Google's DNS and as such resolution is instant and pings are instant.

It's clearly an issue with my DNS server (AD) and its clearly reverse DNS related as if I add a PTR for the troublesome host, then resolution / ping becomes instant on the Linux hosts.

Any advice? I'm a bit lost as to why this used to work 100% , but since Friday its been giving issues and wants me to add custom PTR records to have prompt resolution / ping replies.

EDIT: Tested the Mac's and they don't suffer this issue - possibly they don't look for a PTR and reverse DNS every packet like Linux does?

Any ideas?

Thanks,

 

[SauRoNZA]

Post the output of...

cat /etc/resolv.conf

Are these issues only to external domains or to internal ones as well? Could be your search domain settings causing a bit of a loop maybe.

Also what Linux exactly? They all approach this quite differently.


Do these Linux systems have Static IP entries instead of DHCP? Because if they are on Static IP's then the simple answer would be that they are configured incorrectly.

Actually while you are at it post the output of...

cat /etc/network/interfaces

Well that works for Debian/Ubuntu variations at least.

 

[Peon]

So on the linux box you will ping google and get like 15ms ping and then 30 secs later another line with 15ms ping? Like that?

 

[shadow_man]

So on the linux box you will ping google and get like 15ms ping and then 30 secs later another line with 15ms ping? Like that?

Correct, although the ping time for each packet is fine, the delay between pinging each packet is bad due to reverse DNS issues, hence the PTR fixes that? Make sense?

 

[shadow_man]

Post the output of...

cat /etc/resolv.conf


my_pdc_ip
my_bdc_ip

Are these issues only to external domains or to internal ones as well?

Internal

Also what Linux exactly? They all approach this quite differently.

Ubuntu 12.04 LTS

Do these Linux systems have Static IP entries instead of DHCP? Because if they are on Static IP's then the simple answer would be that they are configured incorrectly.

Static and no its not a config issue in /etc/network/interfaces - the machines using DHCP have the same issues.

cat /etc/network/interfaces

Well that works for Debian/Ubuntu variations at least.

cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
       address 192.168.22.206
       netmask 255.255.254.0
       gateway 192.168.23.250
       dns-nameservers 192.168.22.10 192.168.22.11

..

 

[SauRoNZA]

Try adding...

dns-search example.com

Or whatever your search domains are to the /etc/network/interfaces file.

Those would normally be populated by DHCP when using AD, but obviously isn't when using Static IP and unlike Windows which I think queries it from DNS server entries it needs to be manually populated.

And remember to ifdown / ifup the interface once you made the changes.


See if that helps.

 

[shadow_man]

Try adding...

dns-search example.com

Or whatever your search domains are to the /etc/network/interfaces file.

Those would normally be populated by DHCP when using AD, but obviously isn't when using Static IP and unlike Windows which I think queries it from DNS server entries it needs to be manually populated.

And remember to ifdown / ifup the interface once you made the changes.


See if that helps.

These DNS entries are externally set on a DNS server outside the company, so I doubt a dns-search is going to help, but thanks.

 

[ginggs]

Maybe this?
http://www.lowlevelmanager.com/2011/09/fix-linux-dns-issues-with-local.html

 

[SauRoNZA]

These DNS entries are externally set on a DNS server outside the company, so I doubt a dns-search is going to help, but thanks.

Well that's why I asked if it's internal or external.

But no harm in trying either.

 

[shadow_man]

Well that's why I asked if it's internal or external.

But no harm in trying either.

To clarify IP is internal, but the DNS entry itself is hosted outside of the local network.

My AD servers then act as DNS servers for the local pc's.

 

[Peon]

It worked before friday so its something stupid and simple. No need to break the whole house down to redo the tiles in the bathroom.

What version of server are you running?

 

[shadow_man]

It worked before friday so its something stupid and simple. No need to break the whole house down to redo the tiles in the bathroom.

What version of server are you running?

For DNS, Win 2008 R2 Enterprise.

The Linux boxes are all Ubuntu 12.04 LTS editions.

I'm assuming the issue is something like a Windows update as the AD server got rebooted due to maintenance on Friday and since then issues. I've yet to play around properly though.

 

[Peon]

I'm no expert so wont pretend but I would guess it was a security update. m$ updates I seen do the strangest things. I had one client after applying a sec update their textboxes had a delayed reaction in IE.

Meaning you would put your cursor in a text box for a username as an example and then about 20 secs later the cursor would appear and you could start typing. I forget which MS number update it was but all I know is after removing it the problem went away.

 

[Peon]

What happened with the DNS issue?