Bug 520304

Summary: No name resolution in http, ftp, ssh and yum
Product: [Fedora] Fedora Reporter: Clodoaldo Pinto Neto <clodoaldo.pinto.neto>
Component: NetworkManagerAssignee: Dan Williams <dcbw>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: low    
Version: 10CC: dcbw, wacker
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-10-16 22:51:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Clodoaldo Pinto Neto 2009-08-30 11:46:07 UTC 
http, ftp, ssh and yum can't have names resolved. Firefox only works when network.dns.disableIPv6 it set to true.

# yum update
Loaded plugins: refresh-packagekit
http://linuxdownload.adobe.com/linux/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (-2, 'Name or service not known')>
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: adobe-linux-i386. Please verify its path and try again

$ ssh example.com
ssh: Could not resolve hostname example.com: Name or service not known

If I setup squid and export http_proxy="http://localhost:3128" in /etc/profile then Firefox and Yum work.

I have two other machines, F11 and F6, behind the same ADSL router and neither have a problem.

I have opendns servers set in resolv.conf:

# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 208.67.220.220
nameserver 208.67.222.222
nameserver 10.1.1.1

# cat network
NETWORKING=yes
HOSTNAME=d2.localdomain
GATEWAY=10.1.1.1

# cat network-scripts/ifcfg-eth0
# Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller
DEVICE=eth0
BOOTPROTO=none
DNS1=208.67.220.220
DNS2=208.67.222.222
DNS3=10.1.1.1
HWADDR=00:21:97:00:79:21
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
NM_CONTROLLED=yes
PEERDNS=yes
DHCP_HOSTNAME=d2.localdomain
IPADDR=10.1.1.110
NETMASK=255.0.0.0
GATEWAY=10.1.1.1

Wireshark can capture the DNS traffic (port 53) when using Firefox network.dns.disableIPv6 set to true. Otherwise there is no DNS traffic from any service.

Stopping iptables or ip6tables does not help.
Comment 1 Dan Williams 2009-10-16 21:00:39 UTC 
Can you ping the nameservers?  Can you ping the gateway 10.1.1.1?
Comment 2 Clodoaldo Pinto Neto 2009-10-16 21:12:28 UTC 
Sure:

$ ping 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=1.94 ms

$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 208.67.220.220
nameserver 208.67.222.222
nameserver 10.1.1.1

$ ping 208.67.220.220
PING 208.67.220.220 (208.67.220.220) 56(84) bytes of data.
64 bytes from 208.67.220.220: icmp_seq=1 ttl=56 time=511 ms
Comment 3 Dan Williams 2009-10-16 21:59:46 UTC 
and even when this ping works, DNS still doesn't work unless you have a squid proxy or something?

Does 'dig cnn.com' work?  What does it return?
Comment 4 Clodoaldo Pinto Neto 2009-10-16 22:12:15 UTC 
When I stop squid ping still works. What does not work (can't resolve host names) is Firefox (unless network.dns.disableIPv6 it set to true), yum, ssh.

Dig works without squid:

$ dig cnn.com

; <<>> DiG 9.5.2-RedHat-9.5.2-1.fc10 <<>> cnn.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53577
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;cnn.com.			IN	A

;; ANSWER SECTION:
cnn.com.		140	IN	A	157.166.255.18
cnn.com.		140	IN	A	157.166.255.19
cnn.com.		140	IN	A	157.166.224.25
cnn.com.		140	IN	A	157.166.224.26
cnn.com.		140	IN	A	157.166.226.25
cnn.com.		140	IN	A	157.166.226.26

;; Query time: 505 msec
;; SERVER: 208.67.220.220#53(208.67.220.220)
;; WHEN: Fri Oct 16 19:11:24 2009
;; MSG SIZE  rcvd: 121
Comment 5 Dan Williams 2009-10-16 22:45:09 UTC 
What glibc version do you have?
Comment 6 Dan Williams 2009-10-16 22:45:58 UTC 
Also, can you grab the output of 'ifconfig -a' for me?
Comment 7 Dan Williams 2009-10-16 22:51:27 UTC 
I think this is your issue:

http://www.fedorafaq.org/#dns-slow

https://bugzilla.redhat.com/show_bug.cgi?id=459756

Going to dupe to that bug since that's probably the issue.

*** This bug has been marked as a duplicate of bug 459756 ***
Comment 8 Clodoaldo Pinto Neto 2009-10-17 11:17:41 UTC 
It does not look like that bug.

$ rpm -q glibc
glibc-2.9-3.i686
glibc-2.9-3.x86_64

$ ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:21:97:00:79:21  
          inet addr:10.1.1.110  Bcast:10.255.255.255  Mask:255.0.0.0
          inet6 addr: fe80::221:97ff:fe00:7921/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1198977 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1645896 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:130849154 (124.7 MiB)  TX bytes:745091080 (710.5 MiB)
          Interrupt:18 Base address:0x8000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:533895 errors:0 dropped:0 overruns:0 frame:0
          TX packets:533895 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:75708827 (72.2 MiB)  TX bytes:75708827 (72.2 MiB)

pan0      Link encap:Ethernet  HWaddr C6:53:4D:00:08:D3  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

virbr0    Link encap:Ethernet  HWaddr FA:05:01:DC:73:2B  
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          inet6 addr: fe80::f805:1ff:fedc:732b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:665 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:106887 (104.3 KiB)

$ rpm -q dnsmasq
dnsmasq-2.46-2.fc10.x86_64

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
10.0.0.0        0.0.0.0         255.0.0.0       U     1      0        0 eth0
0.0.0.0         10.1.1.1        0.0.0.0         UG    0      0        0 eth0