DNS and DHCP Working With Problems
-
I've been using DNSMasq to handle dhcp and dns on my LAN and it's worked just fine, but I'm taking that machine offline, so I am transferring those to PFSense. Initially I went through, on PFSense, and set up all the addresses on my LAN that I need to be consistent by specifying, through the web interface, the MAC address, the host name and desired IP address. I have included a few dummy MAC addresses so I could include the virtual systems I'll be setting up later. (I wanted to get it all done while I was at it.)
At this point, I was not using the dhcp from PFSense. My Linux server was providing both dhcp and dns services. Then, when I got things ready, I activated the dns and dhcp on PFSense and started by changing over one computer at a time. Initially I told my iMac the DNS was at 172.16.7.1 (PFSense) and not 172.16.7.2 (which is where the Linux server is/was). It got the new address easily, but wasn't getting any DNS info from it.
I had to play around with forwarding and finally reboot PFSense and finally got it working (just regular restarts and restarting dnsmasq on PFSense wasn't doing it). I stopped dnsmasq on the Linux server and changed over all my boxen to the new one. On my Macs, that was a matter of just changing the setting on the preferences to use DHCP for the address. On Linux, I changed /etc/network/interfaces to this:
auto eth0
iface eth0 inet dhcp
to replace the longer static entries that specified everything like the gateway and so on.
If I use host and a system name, I get the address. It works for external IP addresses, too. But there's a rub: It doesn't work for ssh. For example I used to use:
ssh scarecrow
and I'd get that system. Same with all the other systems. But now, when I do that, I get:
ssh: Could not resolve hostname ozma.thresh.oz: nodename nor servname provided, or not known
I can use ssh and connect with the same box if I specify the IP address, though. I can also ssh to a system outside my LAN by specifying the FQDN. I know I can alter the sshd config file, but I'm concerned this is just part of a bigger problem and I'd rather fix it now than get burned later somehow.
There's also one other issue I've noticed. I have two Linux boxen running right now. On one, if I type
host scarecrow
I get the IP address without trouble. This happens if I use the FQDN for my LAN or just the system name. But if I'm on one of the Linux systems and do that, I get:
[root@scarecrow:~]$ host scarecrow
scarecrow.thresh.oz A 172.16.7.4
!!! scarecrow.thresh.oz A record has zero ttl
If I do this for a system outside my LAN, I get the FQDN.
I've checked /etc/network/interfaces and I have the same thing in there that I have in for the other Linux box without that trouble. The only difference there is I am using eth1 as the default and not eth0. (I made that decision 3 years ago, and I can't remember why.) (And I have set the TTL on the DHCP Server page on PFSense to the defaults.)
So the DNS seems to work. I can get addresses for a hostname, inside or outside the LAN, but I can't get addresses for ssh and one computer gets readings that are different than the others.
Any ideas what's going wrong on this? Any help would be appreciated!
Here's the DHCP log from when I just rebooted PFSense (which didn't fix or change anything):
Aug 24 11:37:28 dhcpd: Internet Systems Consortium DHCP Server V3.0.5
Aug 24 11:37:28 dhcpd: Copyright 2004-2006 Internet Systems Consortium.
Aug 24 11:37:28 dhcpd: All rights reserved.
Aug 24 11:37:28 dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Aug 24 11:37:28 dhcpd: Wrote 0 deleted host decls to leases file.
Aug 24 11:37:28 dhcpd: Wrote 0 new dynamic host decls to leases file.
Aug 24 11:37:28 dhcpd: Wrote 0 leases to leases file.
Aug 24 11:37:28 dhcpd: Listening on BPF/vr1/00:00:24:c9:dc:31/172.16/16
Aug 24 11:37:28 dhcpd: Sending on BPF/vr1/00:00:24:c9:dc:31/172.16/16
Aug 24 11:37:28 dhcpd: Sending on Socket/fallback/fallback-net
Aug 24 11:37:32 dhcpd: Internet Systems Consortium DHCP Server V3.0.5
Aug 24 11:37:32 dhcpd: Copyright 2004-2006 Internet Systems Consortium.
Aug 24 11:37:32 dhcpd: All rights reserved.
Aug 24 11:37:32 dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Aug 24 11:37:32 dhcpd: Wrote 0 deleted host decls to leases file.
Aug 24 11:37:32 dhcpd: Wrote 0 new dynamic host decls to leases file.
Aug 24 11:37:32 dhcpd: Wrote 0 leases to leases file.
Aug 24 11:37:32 dhcpd: Listening on BPF/vr1/00:00:24:c9:dc:31/172.16/16
Aug 24 11:37:32 dhcpd: Sending on BPF/vr1/00:00:24:c9:dc:31/172.16/16
Aug 24 11:37:32 dhcpd: Sending on Socket/fallback/fallback-net
Aug 24 11:39:38 dhcpd: DHCPDISCOVER from 00:04:20:1a:8a:19 via vr1
Aug 24 11:39:39 dhcpd: DHCPOFFER on 172.16.7.240 to 00:04:20:1a:8a:19 (SqueezeboxController) via vr1
Aug 24 11:39:41 dhcpd: DHCPDISCOVER from 00:04:20:1a:8a:19 (SqueezeboxController) via vr1
Aug 24 11:39:41 dhcpd: DHCPOFFER on 172.16.7.240 to 00:04:20:1a:8a:19 (SqueezeboxController) via vr1
Aug 24 11:39:41 dhcpd: DHCPREQUEST for 172.16.7.240 (172.16.7.1) from 00:04:20:1a:8a:19 (SqueezeboxController) via vr1
Aug 24 11:39:41 dhcpd: DHCPACK on 172.16.7.240 to 00:04:20:1a:8a:19 (SqueezeboxController) via vr1
-
Try setting the domain under general settings to something else than local.
Also you could try the complete name (server.domain.mynet) -
Try setting the domain under general settings to something else than local.
Also you could try the complete name (server.domain.mynet)
It makes no difference. Still the same problems.
-
I can add to this that almost any program, other than host, does not get the system names from the DNS on PFSense. I've tried experimenting, for instance:
[hal@polychrome:~]$ ping glenda
ping: cannot resolve glenda: Unknown host
-
Have you used dig or nslookup to see what nameserver gets invoked and then compared the output from different systems?
On my Linux netbook:
nslookup www.google.com
Server: 192.168.51.173
Address: 192.168.51.173#53
Non-authoritative answer:
www.google.com canonical name = www.l.google.com.
Name: www.l.google.com
Address: 66.102.11.104
A tcpdump specifying port 53 (DNS) could also be useful for understanding what is happening to particular DNS requests on particular systems. Does # ping glenda even generate a DNS request to the correct server?
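One way to do the comparison suggested above, as an added example that is not from anyone in this thread: host and dig query the nameserver directly, while ssh and ping go through the libc resolver (getaddrinfo), which on Linux follows /etc/nsswitch.conf and the search/nameserver lines in /etc/resolv.conf. The script below parses a resolv.conf, lists the fully qualified names the stub resolver would try for a short name (in glibc order, honouring ndots), and, when given a hostname on the command line, prints what getent (the libc path) returns next to a direct dig query to each configured nameserver. The sample resolv.conf it writes is constructed here to match the thread's LAN (172.16.7.1 as nameserver, thresh.oz as search domain) and is not copied from any of the poster's machines; getent and dig are assumed to be installed for the live mode.

```shell
#!/bin/sh
# resolver_check.sh: compare libc-path resolution (ssh, ping) with direct DNS
# queries (host, dig) for one hostname. Added example, not from the thread.
#
# Usage: sh resolver_check.sh             -> offline demo on a constructed resolv.conf
#        sh resolver_check.sh glenda      -> live report using /etc/resolv.conf
#        sh resolver_check.sh glenda FILE -> live report using FILE as resolv.conf
#
# To see whether ping even sends a query, and to whom, run on the client:
#   tcpdump -ni eth0 udp port 53

# Print the search list (last "search" or "domain" line wins, as in glibc), one per line.
resolv_search() {
    awk '$1 == "search" || $1 == "domain" { line = $0; sub(/^[ \t]+/, "", line) }
         END { n = split(line, f, /[ \t]+/); for (i = 2; i <= n; i++) print f[i] }' "$1"
}

# Print every configured nameserver, one per line.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Names the stub resolver tries for NAME, in order. A trailing dot means
# "absolute, no search"; with fewer than NDOTS dots (default 1) the search
# suffixes are tried first, otherwise the bare name is tried first.
search_candidates() {
    name=$1; conf=$2; ndots=${3:-1}
    case $name in
        *.) printf '%s\n' "${name%.}"; return 0 ;;
    esac
    dots=$(printf '%s' "$name" | awk -F. '{ print NF - 1 }')
    suffixed=$(resolv_search "$conf" | while IFS= read -r d; do printf '%s.%s\n' "$name" "$d"; done)
    if [ "$dots" -ge "$ndots" ]; then
        printf '%s\n' "$name"
        if [ -n "$suffixed" ]; then printf '%s\n' "$suffixed"; fi
    else
        if [ -n "$suffixed" ]; then printf '%s\n' "$suffixed"; fi
        printf '%s\n' "$name"
    fi
}

# Side-by-side report: resolver config, candidate names, libc answer, direct answers.
resolver_report() {
    name=$1; conf=${2:-/etc/resolv.conf}
    echo "== resolv.conf ($conf)"
    echo "nameservers: $(resolv_nameservers "$conf" | tr '\n' ' ')"
    echo "search:      $(resolv_search "$conf" | tr '\n' ' ')"
    echo "== names the stub resolver would try for '$name', in order"
    search_candidates "$name" "$conf"
    echo "== libc path (what ssh and ping use): getent hosts"
    if command -v getent >/dev/null 2>&1; then
        getent hosts "$name" || echo "(no answer through nsswitch)"
    else
        echo "(getent not available on this system)"
    fi
    echo "== direct query to each nameserver (what host and dig do)"
    if command -v dig >/dev/null 2>&1; then
        for ns in $(resolv_nameservers "$conf"); do
            for cand in $(search_candidates "$name" "$conf"); do
                printf '%s @%s -> %s\n' "$cand" "$ns" \
                    "$(dig +short +time=2 +tries=1 "$cand" @"$ns" 2>/dev/null | tr '\n' ' ')"
            done
        done
    else
        echo "(dig not available on this system)"
    fi
}

# Constructed sample resolv.conf for the offline demo (not from the poster's hosts).
SAMPLE_RESOLV=${TMPDIR:-/tmp}/resolv.sample.$$
trap 'rm -f "$SAMPLE_RESOLV"' EXIT
cat > "$SAMPLE_RESOLV" <<'EOF'
# sample, as a DHCP client would write it with domain thresh.oz from pfSense
search thresh.oz
nameserver 172.16.7.1
EOF

if [ -n "${1:-}" ]; then
    resolver_report "$1" "${2:-/etc/resolv.conf}"
else
    echo "offline demo: names tried for 'glenda' with $SAMPLE_RESOLV"
    search_candidates glenda "$SAMPLE_RESOLV"
fi
```

If the candidate list already ends in the right domain but getent still fails while dig answers, the problem is on the client side of the libc path (the hosts: line in /etc/nsswitch.conf, or a stale /etc/hosts entry), not on pfSense. The Macs do not read /etc/resolv.conf for getaddrinfo; there, scutil --dns shows the search domains and nameservers the system actually uses, and dscacheutil -q host -a name glenda exercises the same path ping does.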
-
I've been so busy I haven't had time to get back to this.
I spent a LOT of time I didn't have dealing with this, then, about two days ago, I tried to go back to the original system for DNS/DHCP and suddenly none of the computers could communicate at all – not even by IP address!
I pulled all the CAT5 from the main switch, except for the connection between my iMac and my firewall and they started talking and DNS was working. Then I added one more computer, it worked, and I added the others in steps and now it's working.
Do systems in a LAN talk with each other or cache information that others can get? Because now it's working perfectly, but it took pulling almost every system off the LAN to make it work.