Hi, Can you check if the VR is able to resolve the domain names by pinging from VR ?
-Sanjeev -----Original Message----- From: Vihar [mailto:vih1...@gmail.com] Sent: Monday, July 21, 2014 5:43 AM To: us...@cloudstack.apache.org Cc: dev@cloudstack.apache.org Subject: RE: DNS service on VR not responding Hi, Yes, if I remove or comment out the first nameserver entry for the VR's IP, and only leaving 8.8.8.8 and 8.8.4.4, guest VMs will be running fine and will be able to resolve domains properly." Are you able to ping the first DNS server IP address that you commented out? Regards Vihar K On Jul 20, 2014 11:29 PM, "Santhosh Edukulla" <santhosh.eduku...@citrix.com> wrote: > Do a traceroute to an external domain say google.com from guest vm, as > you mentioned below, both by commenting out vr ip and not, in > resolv.conf, you may see the difference. > > "Yes, if I remove or comment out the first nameserver entry for the > VR's IP, and only leaving 8.8.8.8 and 8.8.4.4, guest VMs will be > running fine and will be able to resolve domains properly." > > > Santhosh > ________________________________________ > From: Indra Pramana [in...@sg.or.id] > Sent: Sunday, July 20, 2014 1:48 PM > To: us...@cloudstack.apache.org > Cc: dev@cloudstack.apache.org > Subject: Re: DNS service on VR not responding > > Hi Santhosh, > > Good day to you, and thank you for your email. > > Traceroute packets seems to be dropped, I think it's by default. See > result > below: > > # traceroute X.X.X.2 > traceroute to X.X.X.2 (X.X.X.2), 30 hops max, 60 byte packets > 1 * * * > 2 * * * > 3 * * * > > However, I am able to ping, and there is a response when I tried to > telnet to port 53. > > 64 bytes from X.X.X.2: icmp_req=4 ttl=64 time=2.00 ms > 64 bytes from X.X.X.2: icmp_req=5 ttl=64 time=0.291 ms > 64 bytes from X.X.X.2: icmp_req=6 ttl=64 time=0.384 ms ^C > --- X.X.X.2 ping statistics --- > 6 packets transmitted, 6 received, 0% packet loss, time 4999ms rtt > min/avg/max/mdev = 0.270/0.603/2.006/0.628 ms > > # telnet X.X.X.2 53 > Trying X.X.X.2... > Connected to X.X.X.2. > Escape character is '^]'. > > netstat -a on the VR shows the service is listening on domain port (53). > > tcp 0 0 r-2606-VM:domain *:* LISTEN > > tcp 0 0 X.X.X.2:domain *:* LISTEN > > udp 156992 0 r-2606-VM:domain *:* > > udp 164032 0 X.X.X.2:domain *:* > > Can you advise if there's anything else I need to check? > > Looking forward to your reply, thank you. > > Cheers. > > > > > On Mon, Jul 21, 2014 at 1:17 AM, Santhosh Edukulla < > santhosh.eduku...@citrix.com> wrote: > > > Run trace route from guest vms, the result will yield to the point > > where packet drop is happening, could be a network acl rule issue, > > but tracert command can lead to some answers. > > > > List running ports as well on VR, do a telnet to dns port on router > > from guest vm to verify for its response. > > > > Santhosh > > ________________________________________ > > From: Indra Pramana [in...@sg.or.id] > > Sent: Sunday, July 20, 2014 1:06 PM > > To: us...@cloudstack.apache.org > > Cc: dev@cloudstack.apache.org > > Subject: Re: DNS service on VR not responding > > > > Hi Rafael, > > > > Good day to you, and thank you for your reply. > > > > Can't find anything wrong on dnsmasq.log / daemon.log, just some log > > entries related to DHCP, nothing on DNS. I masked the IP addresses > > since they are public. > > > > === > > Jul 20 16:21:51 r-2606-VM dnsmasq[3519]: DHCPDISCOVER(eth0) X.X.X.X > > 06:62:a8:01:13:37 > > Jul 20 16:21:51 r-2606-VM dnsmasq[3519]: DHCPOFFER(eth0) X.X.X.X > > 06:62:a8:01:13:37 > > Jul 20 16:21:51 r-2606-VM dnsmasq[3519]: DHCPREQUEST(eth0) X.X.X.X > > 06:62:a8:01:13:37 > > Jul 20 16:21:51 r-2606-VM dnsmasq[3519]: DHCPACK(eth0) X.X.X.X > > 06:62:a8:01:13:37 yyyyyy > > Jul 20 16:23:53 r-2606-VM dnsmasq[3519]: DHCPINFORM(eth0) X.X.X.X > > 06:43:4a:01:12:65 > > Jul 20 16:23:53 r-2606-VM dnsmasq[3519]: DHCPACK(eth0) X.X.X.X > > 06:43:4a:01:12:65 zzzzzz > > === > > > > Yes, the guest VMs are having difficulties resolving domains into IP > > addresses because of the problem on the VR's DNS server. > > > > $ host www.google.com X.X.X.X (where X.X.X.X is the IP address of > > the > VR) > > ;; connection timed out; no servers could be reached > > > > However, from within the VR, I am able to resolve domains just fine. > > > > Any advise where can I start troubleshooting this? > > > > Looking forward to your reply, thank you. > > > > Cheers. > > > > > > > > On Sun, Jul 20, 2014 at 11:26 PM, Rafael Weingartner < > > rafaelweingart...@gmail.com> wrote: > > > > > Have you taken a look at dnsmasq.log in the VR ? > > > What do you mean with not responding? The addresses are not being > > resolved > > > to ip addresses? > > > > > > > > > On Sun, Jul 20, 2014 at 11:53 AM, Indra Pramana <in...@sg.or.id> > wrote: > > > > > > > Dear all, > > > > > > > > All our guest VMs are having our virtual router (VR)'s IP > > > > address on /etc/resolv.conf. In the past two weeks, I just > > > > realised that the DNS service on the VR is not working, and > > > > doesn't respond to DNS queries > > from > > > > the DNS clients on the guest VM. > > > > > > > > I have tried to stop and start back the VR, but the problem persists. > > > > > > > > DHCP services seems to be running fine, only DNS services are > > > > not > > > working. > > > > From what I understand, both services are provided by dnsmasq, > correct? > > > > > > > > Any advice on how can I resolve the problem? > > > > > > > > Looking forward to your reply, thank you. > > > > > > > > Cheers. > > > > > > > > > > > > > > > > -- > > > Rafael Weingärtner > > > > >
