HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   country section show only 100% unresolved (http://www.howtoforge.com/forums/showthread.php?t=10232)

shadowspank 30th January 2007 22:30

country section show only 100% unresolved
 
I have looked over the forums and did not find anything that would fix my problem what I am seeing with Webalizer is that Usage by country shows unresolved/unknown. I have the server on behind a firewall using nat. All the stats show up right but this.. I have looked at /etc/webalizer.conf and I do have the dns_cache.db file listed and its set at 10. Server has full access to the internet. Nothing is being blocked outgoing. www.domain.com/stats works fine I just get Usage by country unresolved/unknown. Please help thanks.

martinfst 31st January 2007 16:29

Looks like it cannot access the outside DNS servers. What's in /etc/resolv.conf? Do you have bind running locally?

shadowspank 31st January 2007 17:15

I do have bind running and it works great I use it for one of my dns servers.
Here is the output from /etc/resolv.conf
nameserver 10.11.1.5
nameserver 4.2.2.1


I can run nslookup on the local dns server and I get an output of zone file information I have added to the server.

> ls -d domain.com
[domain.com]
domain.com. SOA domain.com. admin.domain.com. (20070
13001 28800 7200 604800 86400)
domain.com. A 10.11.1.5
domain.com. NS domain.com.
www A 10.11.1.5
www MX 10 www.domain.com.
domain.com. SOA domain.com. admin.domain.com.. (20070
13001 28800 7200 604800 86400)

domain.com. was placed for posting in place of my real domain.
>

But as you can see its running and in place I can run updates on the server yum update and so on they all use host names to get the updates. Lan is not blocked any access to the internet.

martinfst 31st January 2007 17:29

The nameserver IP's do look like local IP's and do not point to a valid nameserver. What happens if you do e.g. (from commandline)
Code:

dig google.com
Because your testing here only shows your local Bind server resolves for it's own internal network.
With the dig google.com you should at least see the ANSWER section like:
Code:

;; ANSWER SECTION:
google.com.            300    IN      A      64.233.167.99
google.com.            300    IN      A      64.233.187.99
google.com.            300    IN      A      72.14.207.99


jnsc 31st January 2007 17:33

It looks like your server only resolves the zone it is hosting itself.

if you try this command what output do you get?

Code:

dig -x 72.14.207.99
Update:
martinfst was faster

shadowspank 31st January 2007 17:48

Looks like your right. its only looking at it self how do I fix this..

[root@www ~]# dig google.com
;; reply from unexpected source: 10.11.1.5#53, expected 4.2.2.1#53
;; Warning: ID mismatch: expected ID 9856, got 55525

; <<>> DiG 9.3.1 <<>> google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 9856
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com. IN A

;; Query time: 2169 msec
;; SERVER: 10.11.1.5#53(10.11.1.5)
;; WHEN: Wed Jan 31 08:45:26 2007
;; MSG SIZE rcvd: 28

jnsc 31st January 2007 17:51

you have to change your /etc/resolv.conf file. Enter the dns server of your ISP.

shadowspank 31st January 2007 18:34

I changed my dns servers to
nameserver 68.94.156.1
nameserver 68.94.157.1
~

now I am not getting any responce. I am using m0n0wall ruleset is
TCP DMZ net * WAN address *

shadowspank 31st January 2007 18:51

I think I found the problem m0n0wall was dropping ICMP and UDP packets.
to the wan interface I allowed them and I was able to get a response.

dig google.com

; <<>> DiG 9.3.1 <<>> google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48340
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;google.com. IN A

;; ANSWER SECTION:
google.com. 8 IN A 64.233.187.99
google.com. 8 IN A 72.14.207.99
google.com. 8 IN A 64.233.167.99

;; AUTHORITY SECTION:
google.com. 313660 IN NS ns2.google.com.
google.com. 313660 IN NS ns3.google.com.
google.com. 313660 IN NS ns4.google.com.
google.com. 313660 IN NS ns1.google.com.

;; ADDITIONAL SECTION:
ns1.google.com. 314003 IN A 216.239.32.10
ns2.google.com. 340571 IN A 216.239.34.10
ns3.google.com. 340571 IN A 216.239.36.10
ns4.google.com. 340571 IN A 216.239.38.10

;; Query time: 11 msec
;; SERVER: 68.94.156.1#53(68.94.156.1)
;; WHEN: Wed Jan 31 09:47:27 2007
;; MSG SIZE rcvd: 212

Now I will just wait till 4am or tomorrow and check the stats see if they have updated with anything new. I will keep you guys posted thanks.

shadowspank 1st February 2007 17:46

I checked the stats today after I visited the site from outside and inside still shows 100%unresolved would this be a problem with the server being behind a NAT?


All times are GMT +2. The time now is 16:08.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.