DNS slow Internet / no access




iampaulb
Feb 3, 2013, 12:55 PM
I have tried to set my DNS up on my server a few times but always fall short of a super slow internet connection or no internet access at all.

I have set it up with a .local address for the time being, so it's working with super speedy downloads and net surfing.

When it's set up with a .private address and I turn the DNS on, it becomes very slow and sometimes doesn't even get to a loaded page.

I have put 3 forwarding IPs. 1 is the one which DNS adds; it's the 127.0.0.1, I think. Then the two which I have from network setup when DHCP is turned on.

But everything is still mega slow or unresponsive... any ideas?



switon
Feb 3, 2013, 09:02 PM
Hi iampaulb,

When your Internet is slow while you are running your own DNS server, it generally means that your DNS configuration was not done properly...thus your DNS service has to "time out" first before the queries are passed "upstream" to a DNS server on the Internet, which then fills the requests. This makes your Internet appear unusually slow.

Are you positive that your DNS names are FQDNs? That is, does the Machine Name end in a "dot", as in something like: "MyAppleTV.MyHomeServer.private." ? If not, then you need to set up your DNS service again.

Regards,
Switon

iampaulb
Feb 4, 2013, 01:52 AM
Yup. My server name was server.bazinga.private.

Is it something to do with the router config, you reckon? I haven't properly looked into that idea you gave me about dyndns. Maybe I should go for a trial first and see what I can sort out.

switon
Feb 4, 2013, 08:22 AM
Hi iampaulb,

If I were you, I would sort out your DHCP/DNS/router problems first before trying the dynamic DNS thing. Dyndns.com or no-ip.com will provide you with a dynamic domain name so that you can access your home server from anywhere on the Internet, but I think you will appreciate running your own DNS server for local hostnames and as a caching DNS server. And once you get DNS working, then you might think about OD and Kerberos, which will provide you with networked accounts and the ability to only type your password once and have Kerberos take care of additional password requests. But first your DNS has to be working properly.

You might look at your log files to see if there are any errors or warnings, and they may tell you what the problem is. Is there a conflict between your DHCP and DNS? Does your server have a "reverse zone"? Do your other devices have a proper reverse zone? Have you stopped and restarted your DNS server? Have you cleared the cache of your DNS server? Can you ping a device on your LAN using your DNS service, say "ping MyMBP.MyHomeServer.private"?

Regards,
Switon

iampaulb
Feb 4, 2013, 01:28 PM
Switon, my internet is now working fine.

I have used the changehostname in Terminal and got:

Primary address = 192.168.10.100

Current HostName = home.bazinga.prv
DNS HostName = home.bazinga.prv

The names match. There is nothing to change.
dirserv:success = "success"
home:~ administrator$

And with the lookup I got this via the IP:

Lookup has started…

Trying "100.10.168.192.in-addr.arpa"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57552
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;100.10.168.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
100.10.168.192.in-addr.arpa. 10800 IN PTR home.bazinga.prv.

;; AUTHORITY SECTION:
10.168.192.in-addr.arpa. 10800 IN NS home.bazinga.prv.

;; ADDITIONAL SECTION:
home.bazinga.prv. 10800 IN A 192.168.10.100
home.bazinga.prv. 10800 IN AAAA fe80::922b:34ff:fed1:ad6

Received 133 bytes from 127.0.0.1#53 in 2 ms

And this via the hostname:

Lookup has started…

Trying "home.bazinga.prv"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19162
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;home.bazinga.prv. IN ANY

;; ANSWER SECTION:
home.bazinga.prv. 10800 IN A 192.168.10.100
home.bazinga.prv. 10800 IN AAAA fe80::922b:34ff:fed1:ad6

;; AUTHORITY SECTION:
bazinga.prv. 10800 IN NS home.bazinga.prv.

Received 92 bytes from 127.0.0.1#53 in 0 ms

I have set up the DNS using this: http://www.justinrummel.com/10-8-mountain-lion-server-dns/

But I can't ping the hostname... any ideas?

switon
Feb 4, 2013, 02:41 PM
Hi iampaulb,

It looks like your DNS is working...but maybe you need to do a:

sudo scutil --set HostName home.bazinga.prv


Can you ping 192.168.10.100? Do you have "stealth" mode turned on? If so, then your machine won't reply to echo requests.

While it looks like your DNS is working, let's check again:


ifconfig
route -v get home.bazinga.prv
host -v 192.168.10.100
host -v home.bazinga.prv
hostname
sudo changeip -checkhostname


If everything checks out, then it should work. Can you SSH to home.bazinga.prv?

ssh username@home.bazinga.prv


Regards,
Switon

iampaulb
Feb 4, 2013, 04:01 PM
Last login: Mon Feb 4 22:12:50 on console
home:~ administrator$ ssh administrator@home.bazinga.prv
Password:
Last login: Mon Feb 4 22:43:35 2013
home:~ administrator$ ssh paul@home.bazinga.prv
Password:
Password:
Password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive).
home:~ administrator$

I got this... the local administrator account worked, but for the local network account paul (which is allowed to administer the server) the password I used for the account doesn't work. Which is strange...

I also tried the following:

home:~ administrator$ ssh administrator@home.bazinga.prv
Password:
Last login: Mon Feb 4 22:48:59 2013
home:~ administrator$ ssh administrator@bazinga.prv
ssh: Could not resolve hostname bazinga.prv: nodename nor servname provided, or not known
home:~ administrator$

I pinged the IP and it works perfectly; the host name, though, doesn't.

A few screen dumps for you.
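
Added example (not part of the original posts): a Python check of the records from the two lookups posted above for forward/reverse agreement, that is, each A record's address must have a PTR naming the same host, and link-local AAAA records are flagged. The record lines are copied from the thread; the function names are this example's own.

```python
import ipaddress
import re

# Record lines copied from the two lookups posted in this thread.
LOOKUP_OUTPUT = """\
100.10.168.192.in-addr.arpa. 10800 IN PTR home.bazinga.prv.
10.168.192.in-addr.arpa. 10800 IN NS home.bazinga.prv.
home.bazinga.prv. 10800 IN A 192.168.10.100
home.bazinga.prv. 10800 IN AAAA fe80::922b:34ff:fed1:ad6
bazinga.prv. 10800 IN NS home.bazinga.prv.
"""

RR = re.compile(r"^([^;\s]\S*)\s+\d+\s+IN\s+(\S+)\s+(\S+)$")


def parse_records(text):
    """Return (owner, type, rdata) tuples, skipping ';' comment lines."""
    matches = (RR.match(line.strip()) for line in text.splitlines())
    return [(m[1].lower(), m[2].upper(), m[3].lower()) for m in matches if m]


def check_records(records):
    """Return findings: A/PTR disagreements and link-local AAAA records."""
    findings = []
    a = {(o, d) for o, t, d in records if t == "A"}
    ptr = {o: d for o, t, d in records if t == "PTR"}
    for host, addr in sorted(a):
        # Forward-confirmed reverse DNS: the PTR for the address must name the host.
        rev = ipaddress.ip_address(addr).reverse_pointer + "."
        if ptr.get(rev) != host:
            findings.append(f"{host} A {addr}: PTR {rev} gives {ptr.get(rev)}")
    for rev, host in sorted(ptr.items()):
        if not any(o == host for o, _ in a):
            findings.append(f"PTR {rev} names {host}, which has no A record")
    for owner, rtype, rdata in records:
        if rtype == "AAAA" and ipaddress.ip_address(rdata).is_link_local:
            findings.append(f"{owner} AAAA {rdata} is link-local")
    return findings


def has_address(records, name):
    """True if the records give this exact name an A or AAAA record."""
    fqdn = name.lower().rstrip(".") + "."
    return any(o == fqdn and t in ("A", "AAAA") for o, t, _ in records)


if __name__ == "__main__":
    recs = parse_records(LOOKUP_OUTPUT)
    print(check_records(recs), has_address(recs, "bazinga.prv"))
```

In the posted records the A and PTR entries agree, and only home.bazinga.prv carries address records; the bare bazinga.prv appears with an NS record only.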

iampaulb
Feb 4, 2013, 04:55 PM
When I try to access the host name via the web I get the first,

and the IP is the second... I may need to create a trusted SSL cert?

And also, when accessing the host name from the web "on the server" it works?

PS: thanks for all your help... maybe some Amazon vouchers coming your way

switon
Feb 4, 2013, 08:01 PM
Hi,

Did you do the scutil command that I listed above?

What happens if you do "ssh username@192.168.10.100" ?

Switon

iampaulb
Feb 4, 2013, 08:29 PM
Last login: Mon Feb 4 23:19:37 on console
home:~ administrator$ ssh administrator@192.168.10.100
Password:
Last login: Tue Feb 5 02:26:50 2013
home:~ administrator$

This is all that happened; I put my password in and it returned to the administration$

home:~ administrator$ sudo scutil --set HostName home.bazinga.prv
Password:
home:~ administrator$

switon
Feb 4, 2013, 08:57 PM
Hi iampaulb,

Yes, I was just checking that SSH was working. What you did was log in using ssh, creating a new login session...it looks the same as the one you ssh-ed from, but if you now do an "exit" at the prompt it should exit your new ssh session and return to your old terminal session, thereby showing you that indeed you have established a new ssh session. In other words, it didn't just return to the same administrator session.

Or, you could also ssh to your other username: say you are logged in as "administrator", then you could "ssh paul@192.168.10.100" and check that the "paul" account also has Remote Login permission.

Well, with ssh working we are back to figuring out why DNS is not working. When you first set up your Server, did you follow the instructions and set up an SSL certificate and everything? If not, why don't you do that now.

Switon

switon
Feb 4, 2013, 09:27 PM
What is running your DHCP? Is it your server or is it your router?

Add your router or other device to your DNS, say something like "router.bazinga.prv". Can you then "ping router.bazinga.prv"? Can you ping your router's LAN IP address? Can you ping your router's Internet IP address?

Flush your DNS cache:
dscacheutil -flushcache

Restart your DNS service. (Perhaps even reboot your server.)

Do:

ifconfig
route -v get home.bazinga.prv
host -v 192.168.10.100
host -v home.bazinga.prv
hostname
sudo changeip -checkhostname
networksetup -listallnetworkservices
networksetup -getdnsservers "Ethernet"
netstat -nr
scutil --dns
sudo serveradmin fullstatus dns


And why don't you Private Message me the results instead of putting up screenshots on this forum...

Switon

iampaulb
Feb 5, 2013, 01:53 AM
Switon, after much dreaming and tossing and turning last night I think I borked my server! lol

So going home after work, giving it a rebuild, and I'll try everything again and let you know how I get on. Didn't think of posting the router as a DNS entry, but yes, the router deals with the DHCP.

PS: Can a host name be anything if you are setting up the name under a domain?

home.bazinga.p
bazinga.prv
bazin.ga
bazinga.uk

are what I have come up with, but I haven't bought them from a hosting company.

switon
Feb 5, 2013, 06:24 AM
Hi iampaulb,

Domain names must be FQDNs, so this is a slight restriction (limits to number of characters and what characters can be used and delimited by dots). Whatever company you purchase your Internet domain name from may have further restrictions. The top level domain (the ".com" portion) of the domain name is controlled by the IANA and restricted to be from a set of possibilities (these used to be much more restrictive than they are today). And, of course, you can't pick a domain name that is already in use.

On the other hand, the domain name that you choose for your internal LAN is pretty much open, the only requirement being that it be a FQDN so BIND will work.

Give your router a name on your LAN. If you have any other devices connected to your local network, give them names also, such as your network switches, laptops, NASes, iPhones, iPads, AppleTVs, smartphones, DLNA devices, printers, etc. Set up your DNS server with all of these names. Make sure you don't have a conflict with two different DHCP services running, say your router and your server.

This will work, and you will enjoy the ability to VPN into your LAN from the Internet, the setup just has a steep initial energy barrier that has to be climbed.

Good luck,
Switon

P.S. If, after starting over with your server, you are still having troubles, then execute the "information" commands that I listed in my last post and send them to me by PM.

iampaulb
Feb 5, 2013, 06:32 AM
OK, so name all my devices in my DNS. OK, I'll give that a go.

"Can you give me some examples please", as the devices won't have static IPs, or am I overthinking it?

Yeah, going to start all over. I have a PCI-e card coming today so I can add an extra TB of space.

So might as well rebuild the OS with the USB stick I got; it only takes 30 mins and all the important stuff is on the other drives. But I'll let you know how I get on.

Or I can post you my email via PM.