Posted by: Mangesh_Linux_Administrator | August 28, 2010

Some tricky questions


Some tricky questions in interviews
Some basic DNS troubleshooting in Linux.
First collect the information which has created the problem by doing some investigation(such as logs, debug messages etc) .
Prepare your tools which is required for your troubleshooting.
Troubleshooting is nothing but considering so many issues that may cause the problem and working one by one to pin point the actual culprit which created the issue.
once issue is pin-pointed you have to work on that issue with the tools/commands/logs all other resources and have to resolve it.

Coming to troubleshooting DNS aka named services, here are the steps how we can resolve the DNS related issue:

I will take one scenario “suppose my client is unable to resolve host-names to IP address”

Step1:Check the DNS server is configured on Client end or not

check in below file if name server is configured to proper DNS server or not
#vi /etc/resolv.conf

If the client is configured with proper DNS server follow to next step

Stpe2:Ping to DNS server ip address

#ping serveripadd

If pinging is happening proceed with the next step other wise click here to do network troubleshooting.

Step3:So pinging is happening… then there is a communication path between Server-client, so we have to check weather DNS server is running or not. Here nmap can be used to check what ports opened on server.

#nmap serveripadd

Example:

#nmap 125.22.73.23

this command will give you output what are the services running/ports opened on remote server, if DNS server is running and working fine means you can see DNS port(53) in the list of opened ports. If suppose server is not running/port blocked you can click here to troubleshoot in this way.

Step4:Now checking DNS server issue in deep
Checking under whom the DNS server is register and its properties .
#whois example.com
Checking what server is used to resolve and some basic info.
#nslookup http://www.example.com
Checking who is resolving and what is resolving in details about DNS server.
#dig http://www.example.com

Task: Port 53 open and listing requests
By default BIND listen DNS queries on port 53. So make sure port 53 is open and listing user requests. by running any one of the following tests. See if you can telnet to port 53 from remote computer:
$ telnet remote-server-ip 53
OR
telnet ns1.nixcraft.org domain
Output:
Trying 192.168.0.5…
Connected to ns1.nixcraft.org.
Escape character is ‘^]’.
If you cannot connect make sure firewall is not blocking your requests. Next use netstat command to list open and listing port 53 on server itself:
$ netstat -tulpn | grep :53
OR
# netstat -atve
Output:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode
tcp        0      0 ns1.nixcraft.org:domain *:*                     LISTEN      named      10386
tcp        0      0 rhx.test.com:domain     *:*                     LISTEN      named      10384
tcp        0      0 *:ssh                   *:*                     LISTEN      root       1785
tcp        0      0 rhx.test.com:rndc       *:*                     LISTEN      named      10388
tcp        0      0 rhx.test.com:smtp       *:*                     LISTEN      root       1873
tcp        0      0 ns1.nixcraft.org:ssh    w2k.nixcraft.org:1057   ESTABLISHED root       10501
tcp        0      0 rhx.test.com:32773      rhx.test.com:domain     TIME_WAIT   root       0
tcp        0      0 ns1.nixcraft.org:32775  ns1.nixcraft.org:domain TIME_WAIT   root       0
tcp        0      0 rhx.test.com:32774      rhx.test.com:domain     TIME_WAIT   root       0
Make sure iptables firewall is not blocking request on server:
# iptables -L -n
OR
# iptables -L -n | less
Make sure named is running:
# /etc/init.d/named status
If not start named:
# chkconfig named on
# service named start
Task: Use log files
You can use log files after starting/restarting bind to see error messages:
# tail –f /var/log/message
Output:
Nov 17 16:50:25 rhx named[3539]: listening on IPv4 interface lo, 127.0.0.1#53
Nov 17 16:50:25 rhx named[3539]: listening on IPv4 interface eth0, 192.168.0.5#53
Nov 17 16:50:25 rhx named[3539]: command channel listening on 127.0.0.1#953
Nov 17 16:50:25 rhx named[3539]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Nov 17 16:50:25 rhx named[3539]: nixcraft.org.rev:1: no TTL specified; using SOA MINTTL instead
Nov 17 16:50:25 rhx named[3539]: zone 0.168.192.in-addr.arpa/IN: loaded serial 12
Nov 17 16:50:25 rhx named[3539]: zone localhost/IN: loaded serial 42
Nov 17 16:50:25 rhx named[3539]: zone nixcraft.org/IN: loaded serial 12
Nov 17 16:50:25 rhx named[3539]: running
Task: Check zone file for errors
You can check zone file syntax and /etc/named.conf file using following utilities. named-checkconf command is named (BIND) configuration file syntax checking tool.
# named-checkconf /etc/named.conf
Output:
/etc/named.conf:32: missing ‘;’ before ‘zone’
Plesse note that if named-checkconf did not find any errors it will not display in output on screen.
Check zone file syntax for errors. named-checkzone is zone file validity checking tool. named-checkzone checks the syntax and integrity of a zone file. It performs the same checks as named does when loading a zone. This makes named checkzone useful for checking zone files before configuring them into a name server.
# named-checkzone localhost /var/named/localhost.zone
OR
#named-checkzone nixcraft.org /var/named/nixcraft.org.zone
Output:
zone nixcraft.org/IN: loaded serial 12
OK
Task: Testing BIND/DNS with utilities
You can use host and dig utilties to test your bind configuration.
host: host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa.
dig: dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
List IP address associated with host names:
# host nixcraft.org
OR
# host www
Output:
http://www.nixcraft.org has address 192.168.0.6
Perform a zone transfer for zone name using -l option:
# host -l nixcraft.org
nixcraft.org SOA ns1.nixcraft.org. admin.nixcraft.org. 12 10800 900 604800 86400
nixcraft.org name server ns1.nixcraft.org.
nixcraft.org mail is handled by 10 mail.nixcraft.org.
nixcraft.org has address 192.168.0.5
gw.nixcraft.org has address 192.168.0.254
mail.nixcraft.org has address 192.168.0.7
ns1.nixcraft.org has address 192.168.0.5
w2k.nixcraft.org has address 192.168.0.1
http://www.nixcraft.org has address 192.168.0.6
nixcraft.org SOA ns1.nixcraft.org. admin.nixcraft.org. 12 10800 900 604800 86400
Other examples
# dig mail.nixcraft.org
# dig 192.168.0.5

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Categories

%d bloggers like this: