ping cannot resolve a name

bzidler · November 21, 2013, 4:55pm

After upgrading to 13.1 I have a strange issue. I can resolve names with nslookup or dig, and can ping the IP of any site, but ping cannot resolve it itself. And Firefox cannot either. By entering the IP of all repositories in /etc/hosts I could get all updates with zypper, but I still have the same problem. I, of course, checked /etc/nsswitch.conf which specifies files and dns for a search. Also my /etc/resolv.conf is ok. And /etc/sysconfig/network/config has NETCONFIG_DNS_FORWADER set to resolver.The general config is the same as the one before upgrade from 12.3. A tcpdump on wlan1 while trying to ping [noparse]www.yahoo.com[/noparse] shows that there is no try for a resolution of the name. I don’t use network manager. And I have a normal routing table :

orion:/etc/sysconfig/network > netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0 wlan1
127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wlan1
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 wlan1

Any idea ?

ab · November 21, 2013, 11:29pm

Is ‘nscd’ running? I think it’s involved in this functionality.

Some applications use the system’s DNS functionality, while other
applications have their own. Google Chrome/Chromium, for example, will
often do DNS stuff even when other browsers on the same box will not due
to a DNS problem with the system.

That ‘dig’ works makes me think the system overall is fine, at least as
far as the network/firewall is concerned, but it may be worthwhile to take
a LAN trace of port 53 stuff to see what differs, if anything.

Code:

sudo /usr/sbin/tcpdump -n -s 0 -i any port 53 -w /tmp/port53.cap

Post the file somewhere for us to review, or if that is sensitive somehow
remove from the ‘-w’ to the end and add ‘-vvv’ and see if anything shows
up. Be sure to keep track of which timestamps are for which tests (dig
vs. ping vs. host vs. FireFox).

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…

bzidler · November 22, 2013, 12:36am

Thanks a lot for your answer. But I won’t be able to try this because after several hours on this problem (and some other issues with KDE) I gave up and went for a new fresh install. Which of course leads to many new problems, but at least the network connectivity and DNS is solved. As often we will never know what was wrong.

bzidler · November 29, 2013, 1:41pm

I have found the solution to the problem of no name resolution by ping after an upgrade. It may happen to someone else, and that’s why I give it here.

Doing an strace I discovered that ping could not open resolv.conf. This one was a soft link that I point to the file I want to use at some point :

orion:/etc # ls -la resol*
lrwxrwxrwx 1 root root 14 Nov 29 10:06 resolv.conf → resolv.conf.bt
-rw-r–r-- 1 root root 76 Jul 31 2012 resolv.conf.bt
-rw-r–r-- 1 root root 56 Jul 16 2012 resolv.conf.google
-rw-r–r-- 1 root root 818 Apr 7 2012 resolv.conf.netconfig
-rw-r–r-- 1 root root 77 Aug 1 2012 resolv.conf.opendns
-rw-r–r-- 1 root root 75 Jun 15 09:00 resolv.conf.opennic
-rw-r–r-- 1 root root 67 Jul 17 2012 resolv.conf.router

On Opensuse 12.3 there was no problem with this. But on 13.1 I get :

open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)
uname({sys=“Linux”, node=“orion”, …}) = 0
stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=76, …}) = 0
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)

I just had to remove the link and copy the resolv.conf that I wanted to use. Why is the symbolic link not allowing a read, I don’t know. And why is it working for nslookup or dig that also need to open resolv.conf I don’t know either :

orion:/etc # strace nslookup Yahoo
…
open("/etc/resolv.conf", O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0644, st_size=76, …}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa23ffa0000

robin_listas · November 29, 2013, 3:58pm

On 2013-11-29 13:46, bzidler wrote:

> I just had to remove the link and copy the resolv.conf that I wanted to
> use. Why is the symbolic link not allowing a read, I don’t know. And why
> is it working for nslookup or dig that also need to open resolv.conf I
> don’t know either :

I do: apparmour.

It is on the release notes (the current version, not the web version).

–
Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

mimis-suse10 · December 7, 2014, 1:51pm

Thank you so much Carlos !!!

I lost 5 hours of my Sunday trying to pin down this!
Such problems are UNACCEPTABLE - do you hear SuSE team? what a jerk must you be to hide such a problem in an update? are you having fun with people running around like crazy?

m