<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p><font face="monospace">Hi,</font></p>
<p><font face="monospace">My DNS system if perfectly working :</font></p>
<p>
<blockquote type="cite"><font face="monospace">[xavier@numenor ~]$
dig dns.google.com<br>
<br>
; <<>> DiG 9.16.15 <<>> dns.google.com<br>
;; global options: +cmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR,
id: 12276<br>
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0,
ADDITIONAL: 1<br>
<br>
;; OPT PSEUDOSECTION:<br>
; EDNS: version: 0, flags:; udp: 1232<br>
; COOKIE: 7b606d7c32a99906010000006097b6d7f61894ea0a92dac2
(good)<br>
;; QUESTION SECTION:<br>
;dns.google.com. IN A<br>
<br>
;; ANSWER SECTION:<br>
dns.google.com.
880 IN A 8.8.4.4<br>
dns.google.com.
880 IN A 8.8.8.8<br>
<br>
;; Query time: 0 msec<br>
;; SERVER: ::1#53(::1)<br>
;; WHEN: Sun May 09 12:17:59 CEST 2021<br>
;; MSG SIZE rcvd: 103<br>
</font></blockquote>
</p>
<p><font face="monospace">On other hosts in my home, it works, too.</font></p>
<p><font face="monospace">But on one machine, it fails :</font></p>
<p>
<blockquote type="cite"><font face="monospace"><span
style="color:#000000;background-color:#ffffff;">[xavier@feanor
~]$ dig @numenor dns.google.com +trace
</span><br>
</font>
<font face="monospace"><br>
; <<>> DiG 9.16.8-Ubuntu <<>> @numenor
dns.google.com +trace
<br>
; (1 server found)
<br>
;; global options: +cmd
<br>
. 518400 IN NS
m.root-servers.net.
<br>
. 518400 IN NS
b.root-servers.net.
<br>
. 518400 IN NS
e.root-servers.net.
<br>
. 518400 IN NS
d.root-servers.net.
<br>
. 518400 IN NS
h.root-servers.net.
<br>
. 518400 IN NS
f.root-servers.net.
<br>
. 518400 IN NS
g.root-servers.net.
<br>
. 518400 IN NS
c.root-servers.net.
<br>
. 518400 IN NS
i.root-servers.net.
<br>
. 518400 IN NS
j.root-servers.net.
<br>
. 518400 IN NS
k.root-servers.net.
<br>
. 518400 IN NS
l.root-servers.net.
<br>
. 518400 IN NS
a.root-servers.net.
<br>
. 518400 IN RRSIG NS 8 0 518400
20210521170000 20210508160000 14631 .
IgUiqHrRXT5hTAa5wnubyCL0T9iq+iRAQIUQlIStRYqZh6Qp5W3sZLum
6O+EkYZALJda6RJwQY8oPEgQVQymGmGyAxcZBekX5vsMm8MgovQIA+Ev
SroSeV9yXDURHqt8af+25bw<br>
6YyUQEOblPehxyUYYkF9cP8FlieAUw1Fn
HMvqpQlEn2sYS4UjA+euhcS2k7jnyEdBNbXbEZVq56zHK1aHPQIp2f4/
byHaC55zPJ5rgLwMUh+8JuP47wb4NWAKIj76EUlqcidfI8hxZI5KPoNZ
vmIcEtQSfRYqVxoc+BiEEgalw5afAmXjEtvJaWm4v5383uatiQ1s9AgC
MPQFHw==
<br>
couldn't get address for 'm.root-servers.net': not found</font></blockquote>
</p>
<p><font face="monospace">None of the root servers can't be found.
My root hint file is up to date.</font></p>
<p><font face="monospace">The network configuration on this machine
:</font></p>
<p><font face="monospace">
<blockquote type="cite"><span style="font-family:monospace"><span
style="color:#000000;background-color:#ffffff;">[xavier@feanor
~]$ nmcli device show enp10s0
</span><br>
GENERAL.DEVICE: enp10s0
<br>
GENERAL.TYPE: ethernet
<br>
GENERAL.HWADDR: 04:7D:7B:02:68:67
<br>
GENERAL.MTU: 1500
<br>
GENERAL.STATE: 100 (connected)
<br>
GENERAL.CONNECTION: Wired
<br>
GENERAL.CON-PATH:
/org/freedesktop/NetworkManager/ActiveConnection/3
<br>
WIRED-PROPERTIES.CARRIER: on
<br>
IP4.ADDRESS[1]: 192.168.100.25/24
<br>
IP4.GATEWAY: 192.168.100.254
<br>
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh
= 192.168.100.254, mt = 100
<br>
IP4.ROUTE[2]: dst =
192.168.100.0/24, nh = 0.0.0.0, mt = 100
<br>
IP4.ROUTE[3]: dst =
169.254.0.0/16, nh = 0.0.0.0, mt = 1000
<br>
IP4.DNS[1]: 192.168.100.144
<br>
IP4.DNS[2]: 192.168.100.254<br>
</span></blockquote>
This is not an ACL problem, the whole subnet is allowed. Nmap
and/or telnet shows no blocked port problem</font></p>
<p><font face="monospace">Trying on the secondary leads to the same
behaviour<br>
</font></p>
<p><font face="monospace">Eventually, I am lost.</font></p>
<p><font face="monospace">Could anyone help ?</font></p>
<p><font face="monospace">Thanks,</font></p>
<p><font face="monospace">Regards<br>
</font></p>
<pre class="moz-signature" cols="72">--
Xavier Humbert
CRT Supervision et Exploitation de Niveau 1
Rectorat de Nancy-Metz
03 83 86 27 39
</pre>
</body>
</html>