DNS server failed,all other servers unable to login

stephen peng
Message 1 of 15

Dear all,
There are several servers in the LAN environment, and one server is configured as DNS server at /etc/resolv.conf, and there was no /etc/nsswitch.conf at each server. Today, the DNS server failed, and I could ping all other servers in the LAN, but I could not telnet to them; I could not even telnet itself from every server (telnet hung, like waiting for reply). Was it a usual circumstance? Without nsswitch.conf, would a TCP/IP request always query DNS and not bypass DNS? It confused me, would I "lost" all the servers if the DNS server fails?!
Could anyone please explain this to me? Thanks a lot!

stephen peng
Message 2 of 15

Re: DNS server failed,all other servers unable to login

Another detail was that, if I delete the default gateway of one server, it could telnet itself or be telnetted from the network switch. Was it also a certain thing in such an environment?

thanks a lot!

John Guster
Message 3 of 15

Re: DNS server failed,all other servers unable to login

You should be able to ping and telnet by IP when the DNS server is down; /etc/nsswitch.conf should be configured to direct name-service requests to go to /etc/hosts first, then go to DNS if that fails. Check /usr/newconfig/etc/nsswitch.XXX depending on your situation.
With the DNS server down, you should enter each server into /etc/hosts to provide smooth communication between all the servers.

Steven Schweda
Message 4 of 15

Re: DNS server failed,all other servers unable to login

> [...] I could ping all other servers [...]

By name, or by IP address? As usual, showing
actual commands with their actual output can
be more helpful than vague descriptions and
interpretations.

> [...] I could not telnet to them [...]

"I could not" is not a useful problem
description. It does not say what you did.
It does not say what happened when you did
it.

> [...] telnet hung [...]

Better, but not complete. Where, exactly,
did it hang? (Before the "login" prompt?
After the password response? ...) How long
did you wait for it to unhang?

> [...] would I "lost" all the servers [...]

I don't yet know how "lost" they are?

Are these local servers all specified in each
other's /etc/hosts files?

R.O.
Message 5 of 15

Re: DNS server failed,all other servers unable to login

If your only name resolution method is DNS and it fails, you won't be able to telnet "hostname". You should configure a secondary dns server for a case like this.
Try to configure a "nsswitch.conf" in one server with something like:

hosts: files [NOTFOUND=continue] dns [UNAVAIL=return]

With this, "telnet hostname" will return you to prompt if DNS server is not responding (and the hostname you want is not in "/etc/hosts" file)

Regards,
"When you look into an abyss, the abyss also looks into you"

stephen peng
Message 6 of 15

Re: DNS server failed,all other servers unable to login

All,
1. I tried to ping and telnet all using IPs but not hostname.
2. There was no /etc/nsswitch.conf on each server.
3. telnet hung after following output:
telnet 0
Trying...
Connected to 0.
Escape character is '^]'.
(0 was just one case)
and I could not wait to estimate how long it would hang
4. All servers were at each's /etc/hosts.
5. All the time ping was good for every server.
6. Why could it not telnet itself when there was a default gateway, and could telnet itself when I deleted the default gateway?
7. When the DNS server fails, there was no way to telnet to or from all the servers? That was really unacceptable! Why would this happen?

John Guster
Message 7 of 15

Re: DNS server failed,all other servers unable to login

telnet to itself should be done with the command:
"telnet localhost", assuming localhost is in the /etc/hosts file like
"127.0.0.1 localhost loopback"

telnet 0 is not the way to telnet itself.

stephen peng
Message 8 of 15

Re: DNS server failed,all other servers unable to login

john,
OK, it could not telnet itself using its own IP when there was a default gateway configured.

John Guster
Message 9 of 15

Re: DNS server failed,all other servers unable to login

you got post info to us:
1. cat /etc/hosts
2. netstat -in
3. netstat -nr
4. cat /etc/services|grep telnet
5. cat /etc/inetd.conf|grep telnet
6. arp -a
7. make sure you have entry in /etc/nsswitch.conf: hosts: files [NOTFOUND=continue TRYAGAIN=continue] dns
8. can you do telnet localhost?

stephen peng
Message 10 of 15

Re: DNS server failed,all other servers unable to login

john,
I have commented out the only line of /etc/resolv.conf and restarted inetd, and it was OK for telnet. I just want to figure out for what reason this could happen. There was NO /etc/nsswitch.conf at each node (would this force telnet to query dns server without plan b even I did not use hostname?). I am pretty sure that the problem was caused by the failure of the DNS server; why did it query the DNS server when I telnet using IPs, and what role did the default gateway play (without default gateway, host could be telnet from switch) in such a LAN environment? I consider that it should not query the DNS server when telnetting using IPs, but I now doubt it. What happened was far beyond my knowledge.

thank you for your reply

stephen peng
Message 11 of 15

Re: DNS server failed,all other servers unable to login

furthermore, I could not telnet localhost when the problem happened.

John Guster
Message 12 of 15

Re: DNS server failed,all other servers unable to login

you have ARP in cache which might help in ping.

Steven Schweda
Message 13 of 15

Re: DNS server failed,all other servers unable to login

> [...] I could not wait to estimate how long
> it would hang

How long did you wait before you decided not
to wait? Milliseconds? Minutes? Hours?
Days? Any useful info at all?

> [...] (would this force telnet to query dns
> server without plan b even I did not use
> hostname?) [...]

The Telnet server normally tries to get the
name of the client by looking up its IP
address. It doesn't care how the client
found the server. If this (reverse) look-up
is slow (or hangs), then the Telnet
connection may be slow (or hang).

> furthermore, I could not [...]

"I could not" remains useless as a problem
description.

> you got post info to us:
> [...]

It would probably help if we had some idea of
the IP addresses, netmasks, routes, and so
on. Your opinion of the configuration is
interesting, but may be less valuable than
actual facts.

stephen peng
Message 14 of 15

Re: DNS server failed,all other servers unable to login

The attached file presents some information about network status.

rick jones
Message 15 of 15

Re: DNS server failed,all other servers unable to login

Doesn't really help directly, but I will note there is a reason that DNS serving is generally two or more systems and why the /etc/resolv.conf file can take more than one nameserver entry. It is to provide redundancy in the face of server failures.

If there is no nsswitch.conf file, the name resolution code assumes a particular set of defaults, which includes using DNS (IIRC).
there is no rest for the wicked yet the virtuous have no pillows
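
The checks discussed across the replies above (lookup order in nsswitch.conf, more than one nameserver in resolv.conf, and /etc/hosts entries so that a server's reverse lookup of a client address does not depend on DNS), as an added example that is not part of any post in this thread. The function names, the 192.0.2.x addresses and the sample files are constructed for illustration; the script only reads the three files it is given.

```shell
#!/bin/sh
# Added example (not from the thread): audit name-resolution settings.
# All function names are hypothetical; files are passed as arguments.

hosts_order() {      # print the "hosts:" lookup order, or "absent"
    [ -r "$1" ] || { echo absent; return 0; }
    awk '$1 == "hosts:" { $1 = ""; sub(/^ +/, ""); print; found = 1; exit }
         END { if (!found) print "absent" }' "$1"
}

nameserver_count() { # count active (uncommented) nameserver lines
    [ -r "$1" ] || { echo 0; return 0; }
    awk '$1 == "nameserver" { n++ } END { print n + 0 }' "$1"
}

in_hosts_file() {    # usage: in_hosts_file IP HOSTS_FILE
    awk -v ip="$1" '$1 == ip { found = 1 } END { exit !found }' "$2"
}

audit() {            # usage: audit NSSWITCH RESOLV HOSTS CLIENT_IP...; sets PROBLEMS
    nss=$1; resolv=$2; hosts=$3; shift 3; PROBLEMS=0
    order=$(hosts_order "$nss")
    case $order in
        files*) echo "OK   hosts file is consulted first: $order" ;;
        absent) echo "WARN no hosts: policy; built-in defaults (which include DNS) apply"
                PROBLEMS=$((PROBLEMS + 1)) ;;
        *)      echo "WARN hosts file is not consulted first: $order"
                PROBLEMS=$((PROBLEMS + 1)) ;;
    esac
    if [ "$(nameserver_count "$resolv")" -eq 1 ]; then
        echo "WARN only one nameserver in resolv.conf; no fallback if it fails"
        PROBLEMS=$((PROBLEMS + 1))
    fi
    for ip in "$@"; do   # client addresses the server will reverse-resolve
        in_hosts_file "$ip" "$hosts" && continue
        echo "WARN $ip has no hosts entry; the server's reverse lookup needs DNS"
        PROBLEMS=$((PROBLEMS + 1))
    done
    return 0
}

# Constructed sample reproducing the thread: no nsswitch.conf, a single nameserver.
demo() {
    d=$(mktemp -d) || return 1
    printf 'nameserver 192.0.2.53\n' > "$d/resolv.conf"
    printf '127.0.0.1 localhost loopback\n192.0.2.10 srv1\n' > "$d/hosts"
    audit "$d/nsswitch.conf" "$d/resolv.conf" "$d/hosts" 192.0.2.10 192.0.2.11
    rm -rf "$d"
}
demo
```

On a live system the call would be `audit /etc/nsswitch.conf /etc/resolv.conf /etc/hosts` followed by the addresses of the clients that connect to the server.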