DNS on Linux box fails from WinXP client after a few minutes.

I'm pulling my hair out with a networking problem I've been having. I
have a Linksys router that connects to my cable modem. I have a Redhat
Fedora Linux box, a Windows XP box, and a Mac laptop that are connected
to the router (a cornicopia of OSs!). I want to set up this home
network so that the Linux box will act as the DNS, so I can resolve
internal addresses, etc.

Now, this seems to be working OK, except for one thing - my WinXP box
suddenly fails to resolve domain names after about 5 minutes or so.
nslookup _always_ works - it queries the Linux box and gets the right
answer. ping and Internet Explorer / Firefox stop working for any
domain name after a few minutes. The Mac OS X laptop never has a
problem - its ping and browser always work.

When I turn on query logging and monitor the Linux /var/log/messages,
and then web browse on the failed WinXP client, named detects the name
resolution request, appears to be working fine, but often says "same
message sent x times" (x=3-5) (like the response doesn't reach the XP
box?). This is completely bizarre, and I don't even know where to
begin troubleshooting.

Does this ring a bell for anyone?

Thanks in advance,

Scott

> I'm pulling my hair out with a networking problem I've been having. I
> have a Linksys router that connects to my cable modem. I have a Redhat
> Fedora Linux box, a Windows XP box, and a Mac laptop that are connected
> to the router (a cornicopia of OSs!). I want to set up this home
> network so that the Linux box will act as the DNS, so I can resolve
> internal addresses, etc.
>
> Now, this seems to be working OK, except for one thing - my WinXP box
> suddenly fails to resolve domain names after about 5 minutes or so.
> nslookup _always_ works - it queries the Linux box and gets the right
> answer. ping and Internet Explorer / Firefox stop working for any
> domain name after a few minutes. The Mac OS X laptop never has a
> problem - its ping and browser always work.
>
> When I turn on query logging and monitor the Linux /var/log/messages,
> and then web browse on the failed WinXP client, named detects the name
> resolution request, appears to be working fine, but often says "same
> message sent x times" (x=3-5) (like the response doesn't reach the XP
> box?). This is completely bizarre, and I don't even know where to
> begin troubleshooting.

This sounds to me more like a Windows problem than a network problem.
Since, as you say, OSX can always resolve names, and some clients (e.g.
nslookup) on the Windows box can resolve names consistently, it doesn't
sound as though there's any problem getting DNS queries resolved on your
LAN.

The only other thing I can see to do is to use a packet sniffer on the
Windows box to find out for sure if answers to the failed DNS queries
are arriving there. That would tell you for sure whether the problem is
in the LAN or on the Windows box.

Good luck,
Andrew.

--
To reply by email, replace "deadspam.com" by "alumni.utexas.net"

Andrew Schulman wrote:

>> I'm pulling my hair out with a networking problem I've been having.
>> I
>> have a Linksys router that connects to my cable modem. I have a
>> Redhat Fedora Linux box, a Windows XP box, and a Mac laptop that are
>> connected
>> to the router (a cornicopia of OSs!). I want to set up this home
>> network so that the Linux box will act as the DNS, so I can resolve
>> internal addresses, etc.
>>
>> Now, this seems to be working OK, except for one thing - my WinXP box
>> suddenly fails to resolve domain names after about 5 minutes or so.
>> nslookup _always_ works - it queries the Linux box and gets the right
>> answer. ping and Internet Explorer / Firefox stop working for any
>> domain name after a few minutes. The Mac OS X laptop never has a
>> problem - its ping and browser always work.
>>
>> When I turn on query logging and monitor the Linux /var/log/messages,
>> and then web browse on the failed WinXP client, named detects the
>> name resolution request, appears to be working fine, but often says
>> "same message sent x times" (x=3-5) (like the response doesn't reach
>> the XP
>> box?). This is completely bizarre, and I don't even know where to
>> begin troubleshooting.
>
> This sounds to me more like a Windows problem than a network problem.
> Since, as you say, OSX can always resolve names, and some clients
> (e.g. nslookup) on the Windows box can resolve names consistently, it
> doesn't sound as though there's any problem getting DNS queries
> resolved on your LAN.
>
> The only other thing I can see to do is to use a packet sniffer on the
> Windows box to find out for sure if answers to the failed DNS queries
> are arriving there. That would tell you for sure whether the problem
> is in the LAN or on the Windows box.
>
> Good luck,
> Andrew.
>
As Andrew said, this seems to be more of a problem with Windows than
with the network itself. On the Windows box, go to the NIC's Properties
from Device Manager (double-click the entry to get Properties). Now
look on the Power Management tab and disable "allow Windows to turn off
the device..." and see if that helps.

Malke
--
"I have a cunning plan..."

Thanks for the help. I tried a packet sniffer, and the behaviour was a
little odd. It looked like the WinXP box was asking the Linux box for
name resolution, giving up quickly, then asking my ISP's DNS for the
answer. Both sources would return an answer eventually. This didn't
appear to be the direct cause, but it was odd because I only wanted the
Linux box to answer DNS queries - so I think I have mis-configured my
router. When things inevitably started failing, the sniffer program
would suddenly start calling the "source" and "destination" machines by
name, rather than IP. So something had happened at that point - then a
lot of requests also starting going to a service called NBNS (which I
gather is some NetBIOS equivalent for name resolution) which never
returned an answer, thus causing the whole setup to stop working. The
Linux named service still continued to receive requests however.

Looks like a big mess probably of my doing - apparently Mac OS X can
handle it, but Windows cannot.

I've simply shut down named on my Linux machine, and told the router to
just give the ISP's DNS's to my local network via DHCP. This will give
me a chance to lick my wounds (and get some surfing done) until I
figure out how I can get it working properly.

Best,

Scott

In comp.os.linux.networking <(E-Mail Removed). com> (E-Mail Removed) wrote:
> answer. Both sources would return an answer eventually. This didn't
> appear to be the direct cause, but it was odd because I only wanted the
> Linux box to answer DNS queries - so I think I have mis-configured my
> router. When things inevitably started failing, the sniffer program

Sounds like your DHCP server for your LAN is configured to give out
too many DNS servers. You need to configure it to just give out the
address of your Linux box as a DNS server, then configure named on
that box to forward to your ISP's servers (or to go directly to the
roots, if you want that).

> name, rather than IP. So something had happened at that point - then a
> lot of requests also starting going to a service called NBNS (which I
> gather is some NetBIOS equivalent for name resolution) which never

That's a Windows behavior: query both DNS and NetBIOS Name Service
for name-to-address translations. MacOS and Linux only query DNS.
If you don't have Samba running on the Linux box, you won't have
anything that can respond to NBNS queries. I'm recalling there were
some tweaks you could do with gpedit.msc to make WinXP behave better
when it comes to name resolution, but I can't recall what they
were and I don't have an XP machine within reach to check.

--
death.net: because for some problems there's only one solution.

(E-Mail Removed) wrote:
> Thanks for the help. I tried a packet sniffer, and the behaviour was a
> little odd. It looked like the WinXP box was asking the Linux box for
> name resolution, giving up quickly, then asking my ISP's DNS for the
> answer. Both sources would return an answer eventually. This didn't
> appear to be the direct cause, but it was odd because I only wanted the
> Linux box to answer DNS queries - so I think I have mis-configured my
> router. When things inevitably started failing, the sniffer program
> would suddenly start calling the "source" and "destination" machines by
> name, rather than IP. So something had happened at that point - then a
> lot of requests also starting going to a service called NBNS (which I
> gather is some NetBIOS equivalent for name resolution) which never
> returned an answer, thus causing the whole setup to stop working. The
> Linux named service still continued to receive requests however.
>
> Looks like a big mess probably of my doing - apparently Mac OS X can
> handle it, but Windows cannot.
>
> I've simply shut down named on my Linux machine, and told the router to
> just give the ISP's DNS's to my local network via DHCP. This will give
> me a chance to lick my wounds (and get some surfing done) until I
> figure out how I can get it working properly.
>

I'm using dnsmasq <http://thekelleys.org.uk/dnsmasq/doc.html>
as a forwarding name server in a Linux NAT box. It's light-years
easier to configure than bind & co and it's able to resolve
local names from the server's /etc/hosts.

If you'd like to use the Linux box as the name server, check
that the XP box does not have the ISP's name server IP's in
its name server list.

--

Tauno Voipio
tauno voipio (at) iki fi

>> answer. Both sources would return an answer eventually. This didn't
>> appear to be the direct cause, but it was odd because I only wanted the
>> Linux box to answer DNS queries - so I think I have mis-configured my
>> router. When things inevitably started failing, the sniffer program
>
> Sounds like your DHCP server for your LAN is configured to give out
> too many DNS servers. You need to configure it to just give out the
> address of your Linux box as a DNS server, then configure named on
> that box to forward to your ISP's servers (or to go directly to the
> roots, if you want that).

On that line, I'll echo Tauno's recommendation to use dnsmasq. It can serve
as both DNS and DHCP server for your LAN, so you can just turn off the
router's DHCP server. It's easy to configure.

Good luck,
Andrew.

--
To reply by email, change "deadspam.com" to "alumni.utexas.net"