# [SOLVED] Yet another hostname problem [SOLVED]

## sniper.mdr

Hello, 

first of all, yes, i've used the search function of the forum  :Smile:  All the hostname problems comes from a problem in resolv.conf, but mine not.

All was working fine in my dedicated server, the ping worked, my different services worked well, I was quite satisfied. But one day, with no reason, I started not been able ton ping or emerge --sync or emerge anything 

```
snip srodrigu # emerge --sync

Notice: (-3, 'Temporary failure in name resolution')

>>> Starting rsync with rsync://rsync.gentoo.org/gentoo-portage...

>>> Checking server timestamp ...

rsync: getaddrinfo: rsync.gentoo.org 873: Temporary failure in name resolution

rsync error: error in socket IO (code 10) at clientserver.c(107) [receiver=2.6.8

]

>>> Retrying...
```

or a normal emerge:

```
snip srodrigu # emerge links

Calculating dependencies... done!

>>> Emerging (1 of 2) media-libs/tiff-3.8.2-r2 to /

>>> Downloading 'http://gentoo.modulix.net/gentoo/distfiles/tiff-3.8.2-tiff2pdf.

patch.bz2'

--22:49:38--  http://gentoo.modulix.net/gentoo/distfiles/tiff-3.8.2-tiff2pdf.pat

ch.bz2

           => `/usr/portage/distfiles/tiff-3.8.2-tiff2pdf.patch.bz2'

Resolving gentoo.modulix.net... failed: Temporary failure in name resolution.

>>> Downloading 'http://ftp.club-internet.fr/pub/mirrors/gentoo/distfiles/tiff-3

.8.2-tiff2pdf.patch.bz2'

--22:49:38--  http://ftp.club-internet.fr/pub/mirrors/gentoo/distfiles/tiff-3.8.

2-tiff2pdf.patch.bz2

           => `/usr/portage/distfiles/tiff-3.8.2-tiff2pdf.patch.bz2'

Resolving ftp.club-internet.fr... failed: Temporary failure in name resolution.

>>> Downloading 'ftp://ftp.rez-gif.supelec.fr/pub/Linux/distrib/gentoo/distfiles

/tiff-3.8.2-tiff2pdf.patch.bz2'

--22:49:38--  ftp://ftp.rez-gif.supelec.fr/pub/Linux/distrib/gentoo/distfiles/ti

ff-3.8.2-tiff2pdf.patch.bz2

           => `/usr/portage/distfiles/tiff-3.8.2-tiff2pdf.patch.bz2'

Resolving ftp.rez-gif.supelec.fr... failed: Temporary failure in name resolution
```

So i checked my ping,

```
snip srodrigu # ping -c 3 66.219.59.46

PING 66.219.59.46 (66.219.59.46) 56(84) bytes of data.

64 bytes from 66.219.59.46: icmp_seq=1 ttl=52 time=119 ms

64 bytes from 66.219.59.46: icmp_seq=2 ttl=52 time=119 ms

64 bytes from 66.219.59.46: icmp_seq=3 ttl=52 time=119 ms

--- 66.219.59.46 ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 2002ms

rtt min/avg/max/mdev = 119.062/119.182/119.371/0.312 ms

snip srodrigu # ping -c 3 www.gentoo.org

ping: unknown host www.gentoo.org
```

So it Is definetly a problem with my name resolution.

My /etc/resolv.conf:

```
snip srodrigu # cat /etc/resolv.conf

# Generated by dhcpcd for interface eth1

nameserver 88.191.254.60

nameserver 88.191.254.70
```

I am turning crazy, I can't really see what is the problem   :Mad: 

Thank you very much for your healp   :Wink: Last edited by sniper.mdr on Mon Sep 25, 2006 10:47 am; edited 1 time in total

----------

## lavluda

Can u ping the nameserver ???

----------

## sniper.mdr

 *lavluda wrote:*   

> Can u ping the nameserver ???

 

yes 

```
snip srodrigu # ping -c 3 88.191.254.60

PING 88.191.254.60 (88.191.254.60) 56(84) bytes of data.

64 bytes from 88.191.254.60: icmp_seq=1 ttl=61 time=0.253 ms

64 bytes from 88.191.254.60: icmp_seq=2 ttl=61 time=0.189 ms

64 bytes from 88.191.254.60: icmp_seq=3 ttl=61 time=0.192 ms

--- 88.191.254.60 ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 1998ms

rtt min/avg/max/mdev = 0.189/0.211/0.253/0.031 ms

snip srodrigu # ping -c 3 88.191.254.70

PING 88.191.254.70 (88.191.254.70) 56(84) bytes of data.

64 bytes from 88.191.254.70: icmp_seq=1 ttl=61 time=0.222 ms

64 bytes from 88.191.254.70: icmp_seq=2 ttl=61 time=0.186 ms

64 bytes from 88.191.254.70: icmp_seq=3 ttl=61 time=0.236 ms

--- 88.191.254.70 ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 1999ms

rtt min/avg/max/mdev = 0.186/0.214/0.236/0.027 ms
```

And I've tried to change them. Make no difference

----------

## lavluda

 *sniper.mdr wrote:*   

>  *lavluda wrote:*   Can u ping the nameserver ??? 
> 
> yes 

 

Ok, now test 

```
nslookup google.com
```

if it's cann't get ip, please test this connection with a live CD. Or contact with the ISP to check if the nameserver working ok.

----------

## sniper.mdr

 *lavluda wrote:*   

>  *sniper.mdr wrote:*    *lavluda wrote:*   Can u ping the nameserver ??? 
> 
> yes  
> 
> Ok, now test 
> ...

 

Well..

```
snip srodrigu # nslookup google.com

;; connection timed out; no servers could be reached

```

As I've said before, It's a dedicated server, so I don't have acces to the computer. 

Nothing to do with iptables? i don't know what to do  :Embarassed: 

I will probably send a mail to the copany if I cannot resolv the problem  :Sad: 

----------

## sniper.mdr

any ideas?   :Sad: 

----------

## elgato319

Try to use some other nameservers e.g. aol ones

dns-06.ns.aol.com ( 149.174.211.8 )

or microsoft ones

ns5.msft.net ( 65.55.238.126 )

Be sure that outgoing UDP Port 53 is not blocked by any firewall.

----------

## ova

Try

```
dig @88.191.254.60 www.gentoo.org

dig @88.191.254.60 www.gentoo.org
```

to check that dns servers are (not)working.

----------

## sniper.mdr

Well, it definitly comes from my iptables, but don't actually see the problem:

```
snip srodrigu # cat /etc/init.d/firewall

#!/bin/bash

echo Setting firewall rules...

#

# Snip's config

#

# vidage

iptables -t filter -F

iptables -t filter -X

# avant tout : autoriser SSH

iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT

# ne pas casser les connexions etablies

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# interdire toute connexion entrante

iptables -t filter -P INPUT DROP

iptables -t filter -P FORWARD DROP

# interdire toute connexion sortante

iptables -t filter -P OUTPUT DROP

# autoriser les requetes DNS, FTP, HTTP (pour les mises a jour) (873 --> rsync?)

iptables -t filter -A OUTPUT -p tcp --dport 21 -j ACCEPT

iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT

iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT

iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT

iptables -t filter -A OUTPUT -p tcp --dport 873 -j ACCEPT

# autoriser loopback

iptables -t filter -A INPUT -i lo -j ACCEPT

iptables -t filter -A OUTPUT -o lo -j ACCEPT

# Refuser ping

#iptables -t filter -A INPUT -p icmp -j DROP

iptables -t filter -A INPUT -p icmp -j ACCEPT

iptables -t filter -A OUTPUT -p icmp -j ACCEPT

#

# gestion des connexions entrantes autorisées

#

# iptables -t filter -A INPUT -p <tcp|udp> --dport <port> -j ACCEPT

# http, https

iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT

iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT

# ftp

iptables -t filter -A INPUT -p tcp --dport 20 -j ACCEPT

iptables -t filter -A INPUT -p tcp --dport 21 -j ACCEPT

#teamspeak

#iptables -t filter -A INPUT -p tcp --dport 14534 -j ACCEPT

iptables -t filter -A INPUT -p tcp --dport 8767 -j ACCEPT

iptables -t filter -A INPUT -p udp --dport 8767 -j ACCEPT
```

I've accepted INUT and OUTPUT for the port 53, so it normally has to work   :Sad: 

----------

## sniper.mdr

Well, I focuysed on my firewall rules, just put also output udp for port 53, and that made it. Stupid error from me. Thank you very much for your help by the way.

----------

