Linux is not appending domain name in DNS query

In my /etc/resolv.conf file there is domain name defined. But when I do nslookup the domain name is not appended. Why?

Hi,

Can you be more explicit?

How?

cat /etc/resolv.conf 
options timeout 2
options attempts 2
nameserver 192.168.1.126
nameserver 192.168.1.12

Note that I have kept 2nd server down

Query and response without FQDN:

nslookup -q=A AtypeQuery
;; Got SERVFAIL reply from 192.168.1.126, trying next server
;; connection timed out; no servers could be reached

Query and response with FQDN

nslookup -q=A AtypeQuery.biman.net
Server:		192.168.1.126
Address:	192.168.1.126#53

** server can't find AtypeQuery.biman.net: NXDOMAIN

Note that non-FQDN elicits "ServFail" response

I think it is adding (at least now) the domain name. But that is not improving the result.
See below the DNS server returns "ServFail" eventually.

command : nslookup shortname
TCPDUMP: 
21:57:38.002691 IP 192.168.1.119.55378 > 192.168.1.126.53: 11322+ A? shortname.biman.net. (37)
21:57:38.003080 IP 192.168.1.126.53 > 192.168.1.119.55378: 11322 NXDomain* 0/1/0 (109)
21:57:38.003301 IP 192.168.1.119.48757 > 192.168.1.126.53: 14424+ A? shortname. (27)
21:57:38.003648 IP 192.168.1.126.53 > 192.168.1.119.48757: 14424 ServFail 0/0/0 (27)

But when I feed the FQDN name in command line it works fine

Command: nslookup FQDN.biman.net
Output:

22:00:46.121081 IP 192.168.1.119.39563 > 192.168.1.126.53: 625+ A? FQDN.biman.net. (32)
22:00:46.121716 IP 192.168.1.126.53 > 192.168.1.119.39563: 625 NXDomain* 0/1/0 (104)

Note that neither host, FQDN or short, exists. I would expect "NXDomain" as opposed to "ServFail" in the first case too.

You probably need to add a search record in your resolv.conf file. The manual page has the appropriate syntax. You can add multiple suffixes if you need to. Do you have a selection you would want to loop through?

I hope that this helps. Give it a try and let us know if you are still stuck.

Kind regards,
Robin

Hi Robin, I think I missed something when I posted the question. When a query is made for a short name, the client does append the domain name (biman.net) the first time. When the DNS server returns NXDomain, the client drops the domain name and tries again. This is when the DNS server returns "ServFail" and delays.

So my rephrased question is: Is there any way to instruct the client not to drop the domainname ? Windows client does not drop it.

cat /etc/resolv.conf 
search  biman.net 
nameserver 192.168.1.126
nameserver 192.168.5.2  (DOWN)
	

root@VDIkali:~/DNS_RCA# nslookup shortnname_wo_explicit_type
;; Got SERVFAIL reply from 192.168.1.126, trying next server
;; connection timed out; no servers could be reached
 TCPDUMP:
06:25:36.137108 IP 192.168.1.119.43377 > 192.168.1.126.53: 12245+ A? shortnname_wo_explicit_type.biman.net. (55) (The domain is appended in the first try)
06:25:36.137583 IP 192.168.1.126.53 > 192.168.1.119.43377: 12245 NXDomain* 0/1/0 (127)
06:25:36.137879 IP 192.168.1.119.38507 > 192.168.1.126.53: 31605+ A? shortnname_wo_explicit_type. (45) (The domain is dropped in the 2nd try)

06:25:36.138216 IP 192.168.1.126.53 > 192.168.1.119.38507: 31605 ServFail 0/0/0 (45)
06:25:36.138427 IP 192.168.1.119.58620 > 192.168.5.2.53: 31605+ A? shortnname_wo_explicit_type. (45)
06:25:41.138473 IP 192.168.1.119.58620 > 192.168.5.2.53: 31605+ A? shortnname_wo_explicit_type. (45)
06:25:46.139362 IP 192.168.1.119.58620 > 192.168.5.2.53: 31605+ A? shortnname_wo_explicit_type. (45)

You might consider adding the "short name alias" in your /etc/hosts file.

Hi Neo,
Are you suggesting that I should create short name alias for potentially every name that is absent in DNS ? Note that "ServFail" happens for absent records.

You can either create an entry in /etc/hosts or as a CNAME in your DNS (but in DNS, you must type the domain name, not a single "short name" without the domain name).

Without visibility into your DNS, it's hard to tell what your problem is and if you would post the exact domain name it would be easier to help you debug and so post the FQDN and we can look it up on the Internet.

But, just to give you one example of a real server name on the Internet, like www.unix.com .

Even me, I cannot type www to get to www.unix.com unless I put an entry in my /etc/hosts file.

That is how the Internet works. DNS needs domain names. It is the "DOMAIN NAME SYSTEM".

If you want to use a short word alias, you need to use /etc/hosts . That is how the Internet works.

a_server# cat /etc/hosts
127.0.0.1   localhost
209.126.104.117 www.unix.com www

If I wanted to type "icecream" and go to this site, I would then have this:

a_server# cat /etc/hosts
127.0.0.1   localhost
209.126.104.117 www.unix.com icecream www

What am I missing here? This is how it has always worked, as far as I can remember. DNS needs domain names. If you want a short single word alias, you need an /etc/hosts file entry, or so that is how I have always done it.

Like I said, maybe I'm missing something, LOL But this is how I have always done it.... and never had a problem in big and small orgs/networks/domains.

Also, to be clear, I am not saying it is not possible there is another way to do this beside /etc/hosts .

What I am saying is that I have been doing this for many decades (since before the Internet was commercial), and some orgs I have worked as their lead network systems engineer are very huge, and everyone types the FQDN to get to hosts, routers, hubs and switches on network, and when they want or need short one name aliases, we always use /etc/hosts and we have never had a problem, ever.

Maybe I'm just a "simple" kind-of-guy because I like to keep things simple and so they work cleanly and without problems.

If you have 100 servers or 200 and they all need one word "short cuts" to get to a FQDN, just create one file and distribute it to all who need it. That is how we have always done it.

I guess some try the "append it automatically", but frankly, I have seen that method (many years ago) have problems, so that is not how we did it; so I'm telling you what works, for sure. Sometimes keeping things simple works very good :)

I think I have failed to articulate the problem. Let me try again.
The client, in the first attempt, appends the domain name (as it is in the resolv.conf). If the record is not found then it tries again -- this time it drops the domain name. How do I stop the 2nd attempt or the dropping of the domain?

root@VDIkali:~/DNS_RCA# nslookup  shortname
;; Got SERVFAIL reply from 192.168.1.126, trying next server
;; connection timed out; no servers could be reached

The tcpdump when the above command was run:

21:33:11.849105 IP 192.168.1.119.45270 > 192.168.1.126.53: 52975+ A? shortname.biman.net. (37)
21:33:11.849581 IP 192.168.1.126.53 > 192.168.1.119.45270: 52975 NXDomain* 0/1/0 (109)
21:33:11.849809 IP 192.168.1.119.50812 > 192.168.1.126.53: 5497+ A? shortname. (27)
21:33:11.850141 IP 192.168.1.126.53 > 192.168.1.119.50812: 5497 ServFail 0/0/0 (27)
21:33:11.850261 IP 192.168.1.119.51672 > 192.168.5.2.53: 5497+ A? shortname. (27)
21:33:16.850422 IP 192.168.1.119.51672 > 192.168.5.2.53: 5497+ A? shortname. (27)

Please observe that the domain name, biman.net, has been appended only in the first attempt
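The query order seen in this capture can be reproduced from the search/ndots rules in resolv.conf(5). The following is an added example, not part of the original posts: `parse_resolv_conf`, `candidate_queries` and `queried_names` are hypothetical helper names, and the inputs are copied from the resolv.conf and tcpdump lines posted in this thread. It models the rules as the glibc resolver documents them, including the `no-tld-query` option; nslookup uses its own lookup code, so its match with the model is an observation from the capture.

```python
import re

def parse_resolv_conf(text):
    """Return (search_list, ndots, no_tld_query) from resolv.conf text."""
    search, ndots, no_tld = [], 1, False
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue
        if fields[0] in ("search", "domain"):
            search = fields[1:]              # the last search/domain line wins
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt[6:])
                elif opt == "no-tld-query":
                    no_tld = True
    return search, ndots, no_tld

def candidate_queries(name, search, ndots=1, no_tld=False):
    """Names tried, in order, when every answer is negative."""
    if name.endswith("."):                   # trailing dot: already absolute
        return [name]
    dots = name.count(".")
    as_is = name + "."
    tried = [as_is] if dots >= ndots else []
    tried += [f"{name}.{dom.rstrip('.')}." for dom in search]
    # Final fallback: the bare name, unless it was already tried or
    # no-tld-query suppresses it for a single-label name.
    if as_is not in tried and not (dots == 0 and search and no_tld):
        tried.append(as_is)
    return tried

def queried_names(tcpdump_text):
    """Distinct query names, in first-seen order, from tcpdump 'A? name.' lines."""
    return list(dict.fromkeys(re.findall(r"\bA\? (\S+) \(", tcpdump_text)))

# Inputs copied from this thread (resolv.conf and the capture above).
RESOLV_CONF = "search  biman.net\nnameserver 192.168.1.126\nnameserver 192.168.5.2\n"
CAPTURE = """\
21:33:11.849105 IP 192.168.1.119.45270 > 192.168.1.126.53: 52975+ A? shortname.biman.net. (37)
21:33:11.849581 IP 192.168.1.126.53 > 192.168.1.119.45270: 52975 NXDomain* 0/1/0 (109)
21:33:11.849809 IP 192.168.1.119.50812 > 192.168.1.126.53: 5497+ A? shortname. (27)
21:33:11.850261 IP 192.168.1.119.51672 > 192.168.5.2.53: 5497+ A? shortname. (27)
"""

if __name__ == "__main__":
    search, ndots, no_tld = parse_resolv_conf(RESOLV_CONF)
    print(candidate_queries("shortname", search, ndots, no_tld), queried_names(CAPTURE))
```

With `no_tld=True` (the `options no-tld-query` line described in resolv.conf(5)) the model drops the final bare-name attempt, which is the query that drew the ServFail here.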

AH... OK.. thanks (I feel better now... LOL)

Yes, to be clear, I understand how to use the "search test.com" directive in resolv.conf

I just don't use it because it has always given me problems.

SO, back to your issue.

Can you ping shortname.biman.com as well as ping shortname?

(sorry if you discussed this earlier)

biman.net is the domain name. "shortname" does not exist, either as a DNS record or as a device's name. I am just explaining how the DNS client behaves when a query is made for a non-existent record

OK.. sorry I am lost in your posts.

So, you want this output? (of course your names servers will be different)

ubuntu# nslookup shortname
Server:		69.64.44.20
Address:	69.64.44.20#53

** server can't find shortname: NXDOMAIN

Exactly, I want that.

Cool.

At least I'm not "as lost as I was before" LOL

Can you post your /etc/resolv.conf file (again, if you already posted it, sorry)

Here it is:

root@VDIkali:~/DNS_RCA# cat /etc/resolv.conf 
search  biman.net 
nameserver 192.168.1.126
nameserver 192.168.5.2

and yours:

root@VDIkali:~/DNS_RCA# nslookup  shortname
;; Got SERVFAIL reply from 192.168.1.126, trying next server
;; connection timed out; no servers could be reached

Seems to indicate to me your nameservers are not set up correctly on either of your two nameservers:

nameserver 192.168.1.126
nameserver 192.168.5.2

Is that assessment incorrect?

Let me ask you this, seemingly dumb question on my part:

What happens if you do this:

telnet 192.168.1.126 53

??

For example, my local DNS server is:

macos# telnet 192.168.2.1 53
Trying 192.168.2.1...
Connected to 192.168.2.1.
Escape character is '^]'.



....