Reproduce `Temporary failure in name resolution` - linux

How can I reproduce manually the Temporary failure in name resolution error, when doing ping google.com in linux?
Probably, I can add a broken DNS server by my own and specify it in /etc/resolv.conf?
I need this for testing my project.

You can try this in /etc/nsswitch.conf:
hosts: files
That is remove all traces of the dns service for the hosts case (a normal line is something more like hosts: files dns but have a look at yours before changing it).
Then, if a name/IP is in /etc/hosts the name resolution works, if it is not, it does not work as the DNS is not consulted.

Related

How do I configure DNS in ubuntu? Why is it displayed that the domain name resolution has failed temporarily?

I guess it's because my virtual machine is not connected to the Internet correctly, but I don't understand how to configure DNS? I tried a lot, but I don’t quite understand it. It’s the first time to learn computer, hoping to help me, thank you 🙏
The examples below use Cloudflare (1.1.1.1) and Google (8.8.8.8) DNS Servers. You might want to consider using a local DNS forwarder, or different, more privacy friendly public DNS servers, instead.
If using Ubuntu Server:
As per the documentation (https://ubuntu.com/server/docs/network-configuration), the resolver configuration file (/etc/resolv.conf), is dynamically generated by Netplan.
You can temporarily add nameserver entries to /etc/resolv.conf, for example:
nameserver 1.1.1.1
nameserver 8.8.8.8
However, those will be overwritten by Netplan. If the changes worked, make them permanent by looking for the Netplan configuration file, usually a .yaml in /etc/netplan. Add a nameserver block, or modify the existing one:
nameservers:
addresses: [1.1.1.1, 8.8.8.8]
If using Ubuntu Desktop:
Assuming NetworkManager is installed:
Look for the connection name:
nmcli con
Add your DNS servers:
nmcli con mod <connectionName> ipv4.dns "1.1.1.1 8.8.8.8"
In the future, please consider using the https://askubuntu.com/ forums for these questions instead.

Correct DNS settings but not working in the browser

My domain isn't resolving and I have pinged the IP address but it shows there is 0% packet loss. But when I go to the site in a browser, it can't connect to it.
I've tried for few hours to figure this out, and there is so much information out there but I feel like I've tried it all. I have checked my DNS settings, and I have checked my server logs for errors etc. What could be wrong?
I hope this isn't too much of a noob question, but I am kinda new to DNS stuff. I've done it before but find it hard to figure out the cause if something does go wrong.
In order to troubleshoot DNS issues, here is a list of common troubleshooting steps:
Double-check your DNS settings:
This means checking that your A record(s) is/are correct, and that they point to a valid (and the correct) IP address; checking that your CNAME record(s) is/are correct. Also check other records, if applicable;
Try visiting your website by entering its IP address into the Address Bar of your browser. If you still cannot connect to the site in a browser, it is likely that you are entering the IP address incorrectly, or that your provider is experiencing server or DNS problems, or that your DNS Server is not configured correctly (if you are running your own DNS Server). In this case, I would contact your provider, or go back to the documentation for the DNS Server you are using;
Flush your DNS cache. You can do this by entering the following command at a Command Prompt: ipconfig /flushdns, and then pressing Enter;
Ensure that your Hosts file contains valid entries. You can find out more about the Hosts file at the following address, which also contains a link to download a Hosts file with default configuration:
How can I reset the Hosts file back to the default?

Is it possible to detect HOSTS file resolution vs DNS resolution

For diagnostic purposes I would like to be able to find out if a customer has a hostname failure because of a HOSTS file entry. Is it possible to detect that a DNS query was resolved by HOSTS or DNS?
(Of course I'm curious about multiple OSes: Windows, HPUX, AIX, Linux, Mac)
I suspect it may be possible if I could bypass the hostname resolution sequencing configuration of the machine. Of course reading the HOSTS file directly is an option but if there's an in memory problem (i.e. virus, or just changed to remove the misconfiguration but not taken effect yet) then it wouldn't be helpful.
On Windows, if you are looking up server1 you can compare the IP address printed in the output of ping server1 with the output of the nslookup server1 command.
This URL states that on Windows, nslookup does not use the hosts file:
https://serverfault.com/questions/95036/what-can-cause-a-dns-lookup-to-ignore-a-hosts-file-entry
Both ping server1 and nslookup server1 print the IP address they associate with server1, but ping will use the hosts file (on my system) and nslookup does not.

Can /etc/hosts config reverse resolution?

As we all known, we can add 'ip host' item in /etc/hosts to mock a DNS's name resolution, now comes the question, can I use /etc/hosts to do inverse resolution, form ip to hostname? Or is there any other handy way to do this? Thanks!
Maybe. It will depend on the tool you use to do the lookup and the configuration of resolving on your computer.
For example gethostbyaddr() will check /etc/hosts if "files" is in the hosts section of your /etc/nsswitch.conf
Note however that not all tools will do a local resolve, such as the "host" command for example, so it depends entirely on how you are attempting to do the lookup.
Yes. It does that automatically if the application uses Name Service Switch libraries (most applications do), and if /etc/nsswitch.conf is configured to resolve IPs from /etc/hosts with a line such as this:
hosts: files dns
You can test the reverse name resolution with either of the options below:
getent hosts 127.0.0.1
or
resolveip 127.0.0.1
No. That can only be done on a DNS server.
Yes you can. If you use dnsmasq, you can interfere in a number of ways to get a forward lookup going to 127.0.0.1 and the reverse lookup from 127.0.0.1 going to your host. For example, if your hostname is host1.mydomain.com with a real IP address of 192.168.1.12, then you can get 127.0.0.1 to resolve to it by doing the following in the dnsmasq configuration file:
host-record=host1.mydomain.com,127.0.0.1
The forward interference can be done in many ways, here is one:
alias=192.168.1.12,127.0.0.1
Obviously you need to set up the rest of dnsmasq properly to forward to your real DNS server ... but that is simple enough

How to define a subdomain in nsd3

nsd3 is very little-known but super-lightweight and stable DNS server which makes it a great alternative to bind9 for low-end boxes. There is a very good tutorial here on how to set up nsd3 on debian server.
My problem is that I need to set up a subdomain subd1.mydomain.com that is going to be severed on another VPS. I tried to add
subdmn1.mydomain.com. IN 1.2.3.5
(assuming that my destination IP is 1.2.3.5 different from current machine's IP 1.2.3.4) Then after running
nsdc rebuild
service nsd3 restart
the subdmn1.mydomain.com fails to resolve to the IP. Any clues will be much appreciated.
nsd3 accepts BIND-style zone files, so in your zone file for mydomain.com, you can add a line that looks like this:
subdomain1 IN A 1.2.3.5
That makes subdomain1.mydomain.com resolve to 1.2.3.5, while your normal A record can point to the 1.2.3.4 IP.
You have to take care however that you defined the $ORIGIN domain correctly, otherwise it won't work. That means that your domain name must include a period at the end, like this: mydomain.com.
I personally always use sudo zonec -v for compiling the zone file database, because that gives a verbose output with all errors (if any) clearly displayed.
For a very thorough example of zone files and DNS configuration, you can also check out: http://www.zytrax.com/books/dns/ch6/mydomain.html
Did you forget to increment serial number? I on the other hand keep forgetting to run 'nsdc rebuild'.

Resources