Reply
kehrli
Aspirant

wrong IP address found with nslookup

Firmware Version 
V1.0.4.12_10.1.46

 

I'm working with servers on the local network (192.168.1.*).  I'm having trouble getting them to resolve correctly.  I have 2 hosts, both of which have DHCP address allocations on the router.  Host1 is 192.168.1.245.  Host2 is 192.168.1.242.  Both hosts have entries in the hosts file for each other and for themselves.  Host1 is on a Win7 box, and Host2 is on a debain linux box. 

 

On the linux box (Host2) when I issue the nslookup command I get:

 

~: $ nslookup Host2
Server: 192.168.1.1
Address: 192.168.1.1#53

Non-authoritative answer:
Name: Host2
Address: 198.105.244.228
Name: Host2
Address: 198.105.254.228

 

These IP addresses resolve to Search Guide Inc. My ISP (Charter, US) uses a service of theirs to try and send me to a search page when a dns lookup results in a not found.

 

When I do an nslookup from the windows box to the linux box (Host1 to Host2) I get the same result.

 

When I ping in either direction, I get instant results as it appears that in both cases the hosts file is being used.  But in other applications, in particular, when ssh-ing into the linux box, a reverse dns lookup is occurring that is causing a problem.  But regardless of that, this is just a misconfigured dns setup. 

 

How can I fix it so that local network computers and ip addresses are not being sent out to external dns servers for processing? 

Model: R8000|Nighthawk X6 AC3200 Smart WIFI Router
Message 1 of 3
antinode
Guru

Re: wrong IP address found with nslookup

> [...] Both hosts have entries in the hosts file for each other and for
> themselves.  Host1 is on a Win7 box, [...]

   I'm impressed that you managed to find the "hosts" file on Windows.

> [...] when ssh-ing into the linux box, a reverse dns lookup is
> occurring that is causing a problem. [...]

   SSH, Telnet, and a bunch of other services may do this.  Complaints
about slow connections are often traced to slow/failing reverse DNS
look-ups (on the server, of the connecting client).

   I don't know enough about how the resolvers on these systems operate
(and I know nothing about how yours might be configured), so I don't
know if you can expect them to look at the "hosts" file before trying
DNS.  Using "nslookup" directly may do things differently from the way
the actual resolver works, too.  (No bets, but I'd expect "nslookup" to
use DNS, even if the resolver were configured to look at "files" before
"dns".)

> How can I fix it so that local network computers and ip addresses are
> not being sent out to external dns servers for processing?

   One way would be to run your own local DNS server, and point clients
to that (first).  Around here, for example, "/etc/resolv.conf" might
look like this:

      search antinode.info
      nameserver 10.0.0.140
      nameserver 10.0.0.1

where "10.0.0.140" is where my local name server runs, and "10.0.0.1" is
the router (D7000[v1], V1.0.1.64_1.0.1).

   I don't think that you can easily persuade a typical Netgear router
to suggest that alternate DNS server to a DHCP client, but most of my
systems (other than Internet-of-Junk gizmos) have static IP
configurations, so that doesn't bother me.  I haven't tried it, so I
know nothing, but perhaps you could specify a local DNS server under
ADVANCED > Setup > Internet Setup : Domain Name Server (DNS) Address :
Primary DNS, along with a (manually specified) ISP DNS server (as the
Secondary DNS).

Message 2 of 3
kehrli
Aspirant

Re: wrong IP address found with nslookup

Thank you.  I've tried everything I could find on the net to solve this one.  Fortunately, this internal address is accessible from the outside world.  The router has port forwarding wet up for the ssh port.   So, I just switched to accessing it from it's external address via my dynamic dns address.  It works very quickly that way.

 

I'm pretty sure this has to do with dns and the reverse lookup issue, but I checked on all of the settings that can prevent that, and none of them made any change whatsoever.  I tried:

 

UseDNS      no

VerifyReverseMapping      no

 

And also commenting out the 2 GSSAPI options

in /etc/ssh/sshd_config

 

Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 2795 views
  • 0 kudos
  • 2 in conversation
Announcements