The joy of (broken) DNS

landman@balto ~
$ ping jackrabbit
<span id="more-140"></span>
landman@balto ~
$ nslookup !$
nslookup jackrabbit
Address:  x.y.z.t

Name:    jackrabbit

landman@balto ~
$ ping jackrabbit
ping: unknown host jackrabbit

Oh… it gets better.

Run strace on ping jackrabbit. I want to know where the failure is. I’ll tell you why in a minute.

  487  246858 [main] ping 3308 sig_send: returning 0x0 from sending signal -34
21823  268681 [main] ping 3308 wsock_init: res 0
  607  269288 [main] ping 3308 wsock_init: wVersion 514
  313  269601 [main] ping 3308 wsock_init: wHighVersion 514
 6813  276414 [main] ping 3308 wsock_init: szDescription WinSock 2.0
  674  277088 [main] ping 3308 wsock_init: szSystemStatus Running
  340  277428 [main] ping 3308 wsock_init: iMaxSockets 0
  326  277754 [main] ping 3308 wsock_init: iMaxUdpDg 0
  297  278051 [main] ping 3308 wsock_init: lpVendorInfo 0
2293433 2571484 [main] ping 3308 __set_errno: void __set_winsock_errno(const cha
r*, int):234 val 1
  740 2572224 [main] ping 3308 __set_winsock_errno: __dup_ent:334 - winsock erro
r 11001 -> errno 1
  559 2572783 [main] ping 3308 cygwin_gethostbyname: dup_ent returned NULL for n
ame jackrabbit, h 0x0

Hey… you notice that winsock stuff? Yeah, this is cygwin. On Windows XP professional. My laptop booted into windows.

So, you say, cygwin is hosed.

Not quite.

c:\home\landman>ping jackrabbit

Pinging [] with 32 bytes of data

Reply from bytes=32 time<1ms TTL=64
Reply from bytes=32 time<1ms TTL=64
Reply from bytes=32 time<1ms TTL=64
Reply from bytes=32 time<1ms TTL=64

Ping statistics for
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

(some time elapses)

c:\home\landman>ping jackrabbit
Ping request could not find host jackrabbit. Please check the name and try again

Uh huh.

I am booted into windows for some work on documents that I am sharing with other windows users. This is a well run and functional network. Has been for years (very nearly a decade now).

Every now and then, I dunno, a few hours after acquiring a dhcp lease, and well before the lease timeout, this machine suddenly forgets where some critical machines are. Host resolution fails. I can see the lookups, but windows seems content to ignore them. Ok… this happens only under windows, to be fair. Under Linux, the laptop happily resolves against the same DNS server w/o problems.

This has happened to me on more than just this laptop. I see this on machines all over the place. Not just ours. At other reasonably well constructed network locations.

As a sanity check:

[root@rpath ~]# ping jackrabbit
PING ( 56(84) bytes of data.
64 bytes from ( icmp_seq=0 ttl=64 time=4.88 ms
64 bytes from ( icmp_seq=1 ttl=64 time=0.221 ms

--- ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.221/2.554/4.888/2.334 ms, pipe 2

Uh huh.

Well, the DNS server is working. The machine is reachable from the laptop. By IP address.

landman@balto ~
$ ping
PING ( 56 data bytes
64 bytes from icmp_seq=0 ttl=64 time=2 ms
64 bytes from icmp_seq=1 ttl=64 time=0 ms

---- PING Statistics----
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip (ms)  min/avg/max/med = 0/1/2/1

landman@balto ~
$ ping jackrabbit
ping: unknown host jackrabbit

Broken DNS access does not impress me. Especially on a network and server that does DNS very well.

Maybe it is some of that special sauce we keep hearing about. Anyone know how to turn it off so that the thing works without having to reseat the network cable or do an ipconfig/renew ?

Viewed 6911 times by 1357 viewers


One thought on “The joy of (broken) DNS

  1. I know this must be quite an old article but incase someone else finds this looking for solutions.

    This type of behaviour instilled itself in a pc i was asked to repair, it turned out to be a spambot fudging with the dns stuff (although it did not at that point appear to change the hosts file).

    It hid itself very well the only reason i found it in the end was that it was in my lockup zone for repairing machines, this zone has strict firewall rules and verbose logging, it was hammering outbound 25, wasn’t getting anywhere but it was sure trying.

Comments are closed.