Send Bristol mailing list submissions to
bristol@mailman.lug.org.uk
To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.lug.org.uk/mailman/listinfo/bristol
or, via email, send a message with subject or body 'help' to
bristol-request@mailman.lug.org.uk
You can reach the person managing the list at
bristol-owner@mailman.lug.org.uk
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Bristol digest..."
Today's Topics:
1. Re: Mysterious DNS problem (Y Martin)
2. Re: Mysterious DNS problem (Y Martin)
3. Re: Mysterious DNS problem (Amias Channer)
----------------------------------------------------------------------
Message: 1
Date: Sun, 19 Oct 2014 12:46:52 +0000
From: Y Martin <ym2013@riseup.net>
To: Bristol and Bath Linux User Group <bristol@mailman.lug.org.uk>
Subject: Re: [bristol] Mysterious DNS problem
Message-ID: <5443B2BC.5060001@riseup.net>
Content-Type: text/plain; charset=ISO-8859-1
Hi Ian
Thank you for your reply. Yes bitmask is a better implemention of
encrypted communication because I believe in giving our Article 12 Human
Right to privacy a healthy exercise (use 'em or lose 'em!)
Sorry, I should have mentioned that I have uninstalled bitmask but the
problem persists.
So I am trying to find out what bitmask has changed in my DNS
configuration and how to undo it :-(
ohh dear, the price we pay for privacy!!!
Sincerely,
Yousef
Ian Plain:
> Lets get this right Bitmask is not a "VPN" program in they way most people
> would think it, you have installed a encryption program to hide what you
> are doing for some reason.
>
> it clearly states that DNS WONT use public DNS servers .
> https://bitmask.net/en/help/vpn/linux#dns
>
> As they say
>
> "For these reasons, Bitmask will ensure that all DNS requests that your
> computer makes are rerouted to the DNS server of the provider."
>
> so there is your prolem
>
>
>
>
> On 17 October 2014 20:36, Y Martin <ym2013@riseup.net> wrote:
>
>> Hi
>>
>> I've had a mysterious problem with DNS on my Debian PC not working for
>> over a week now and I havent been able to fix it :-(
>>
>> I was wondering if there is someone out there that can shine a light on
>> this mystery for me.
>>
>> It happened after I installed the VPN program called bitmask and this
>> bitmask wiki page makes me think it is the culpret:
>> https://bitmask.net/en/help/vpn/linux#dns
>> I lodged a bitmask bug report https://leap.se/code/issues/6197
>>
>> So I can ping IPs (eg. 8.8.8.8) but not URLs ("ping: unknown host
>> www.google.com").
>> ----------------------------------------------------------------------
>> Dig and nslookup dont seem to work:
>>
>> $ dig www.google.com
>> ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> www.google.com
>> ;; global options: +cmd
>> ;; connection timed out; no servers could be reached
>>
>> $ nslookup www.google.com
>> ;; connection timed out; no servers could be reached
>> ----------------------------------------------------------------------
>> My /etc/nsswitch.conf seems fine:
>>
>> passwd: compat
>> group: compat
>> shadow: compat
>> hosts: files dns
>> networks: files
>> protocols: db files
>> services: db files
>> ethers: db files
>> rpc: db files
>> netgroup: nis
>> ----------------------------------------------------------------------
>> I thought dpkg restoring default settings might help but it didnt:
>>
>> dpkg-reconfigure isc-dhcp-client
>> dpkg-reconfigure bind9
>> ----------------------------------------------------------------------
>> iptables isnt dropping anything on port 53
>> ----------------------------------------------------------------------
>>
>> By the way, my /etc/resolve.conf is:
>> nameserver 192.168.1.123 #this is my router
>>
>> but Ive tried:
>> nameserver 8.8.8.8 #still doesnt work :-(
>>
>> ----------------------------------------------------------------------
>>
>> Im beginning to wonder if there is such a thing as DNS gods that I
>> should have made some prayers and offerings to. Can anyone shine a light
>> on things?
>>
>> Yours hopefully,
>>
>> Yousef
>>
>> _______________________________________________
>> Bristol mailing list
>> Bristol@mailman.lug.org.uk
>> https://mailman.lug.org.uk/mailman/listinfo/bristol
>>
>
>
>
>
>
> This body part will be downloaded on demand.
>
------------------------------
Message: 2
Date: Mon, 20 Oct 2014 10:04:16 +0000
From: Y Martin <ym2013@riseup.net>
To: Bristol and Bath Linux User Group <bristol@mailman.lug.org.uk>
Subject: Re: [bristol] Mysterious DNS problem
Message-ID: <5444DE20.2030303@riseup.net>
Content-Type: text/plain; charset=ISO-8859-1
Hi Martin
Sorry for the delay in getting back to you. Ive been a bit unwell. Here
is the output of 'route' and 'ifconfig':
$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
default 192.168.1.123 0.0.0.0 UG 0 0 0 eth1
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
$ ifconfig
eth1 Link encap:Ethernet HWaddr 00:1c:ac:98:17:f2
inet addr:192.168.1.136 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21c:acff:fe98:17f2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1687 errors:0 dropped:0 overruns:0 frame:0
TX packets:1594 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1868346 (1.7 MiB) TX bytes:378434 (369.5 KiB)
Interrupt:19 Base address:0xe000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2329 errors:0 dropped:0 overruns:0 frame:0
TX packets:2329 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:877136 (856.5 KiB) TX bytes:877136 (856.5 KiB)
192.168.1.123 is my router which is attached to the ADSL router in the
house. 192.168.1.123 does have some iptables rules. I have tried my
internet without it but DNS still doesnt work. Another PC connected to
192.168.1.123 works fine (DNS lookups, internet etc). But perhaps I
should take 192.168.1.123 out of the equation when posting outputs to
you to keep things simple.
Best wishes,
Yousef
Martin Habets:
> Hi,
>
> Check the output of route and ifconfig. Maybe you're encased in a VPN
> due to the bitmask thing (which I'm not familiar with).
>
> Martin
>
> On Fri, Oct 17, 2014 at 07:36:09PM +0000, Y Martin wrote:
>> Hi
>>
>> I've had a mysterious problem with DNS on my Debian PC not working for
>> over a week now and I havent been able to fix it :-(
>>
>> I was wondering if there is someone out there that can shine a light on
>> this mystery for me.
>>
>> It happened after I installed the VPN program called bitmask and this
>> bitmask wiki page makes me think it is the culpret:
>> https://bitmask.net/en/help/vpn/linux#dns
>> I lodged a bitmask bug report https://leap.se/code/issues/6197
>>
>> So I can ping IPs (eg. 8.8.8.8) but not URLs ("ping: unknown host
>> www.google.com").
>> ----------------------------------------------------------------------
>> Dig and nslookup dont seem to work:
>>
>> $ dig www.google.com
>> ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> www.google.com
>> ;; global options: +cmd
>> ;; connection timed out; no servers could be reached
>>
>> $ nslookup www.google.com
>> ;; connection timed out; no servers could be reached
>> ----------------------------------------------------------------------
>> My /etc/nsswitch.conf seems fine:
>>
>> passwd: compat
>> group: compat
>> shadow: compat
>> hosts: files dns
>> networks: files
>> protocols: db files
>> services: db files
>> ethers: db files
>> rpc: db files
>> netgroup: nis
>> ----------------------------------------------------------------------
>> I thought dpkg restoring default settings might help but it didnt:
>>
>> dpkg-reconfigure isc-dhcp-client
>> dpkg-reconfigure bind9
>> ----------------------------------------------------------------------
>> iptables isnt dropping anything on port 53
>> ----------------------------------------------------------------------
>>
>> By the way, my /etc/resolve.conf is:
>> nameserver 192.168.1.123 #this is my router
>>
>> but Ive tried:
>> nameserver 8.8.8.8 #still doesnt work :-(
>>
>> ----------------------------------------------------------------------
>>
>> Im beginning to wonder if there is such a thing as DNS gods that I
>> should have made some prayers and offerings to. Can anyone shine a light
>> on things?
>>
>> Yours hopefully,
>>
>> Yousef
>>
>> _______________________________________________
>> Bristol mailing list
>> Bristol@mailman.lug.org.uk
>> https://mailman.lug.org.uk/mailman/listinfo/bristol
>
> _______________________________________________
> Bristol mailing list
> Bristol@mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/bristol
>
------------------------------
Message: 3
Date: Mon, 20 Oct 2014 11:44:08 +0100
From: Amias Channer <me@amias.net>
To: Bristol and Bath Linux User Group <bristol@mailman.lug.org.uk>
Subject: Re: [bristol] Mysterious DNS problem
Message-ID:
<CAMgU7XU3-C1JkJ438YXgCzuiTiBwPF31xuCUrOzGr9wbBk4YdA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Hello Martin,
Whats the DNS server specified at the VPN endpoint and why are you not
using that ? i suspect the VPN endpoint is not allowing you to use a
public DNS server because it almost certainly won't resolve hostnames for
machines inside the VPN or any way to find them out and secondly to prevent
leaking of DNS queries that could compromise the security of the VPN by
disclosing where you are trying to get to.
DNS is a public facing service so if you are using a private network you
need private DNS.
Cheers
Amias
On 20 October 2014 11:04, Y Martin <ym2013@riseup.net> wrote:
> Hi Martin
>
> Sorry for the delay in getting back to you. Ive been a bit unwell. Here
> is the output of 'route' and 'ifconfig':
>
> $ route
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> default 192.168.1.123 0.0.0.0 UG 0 0 0
> eth1
> 192.168.1.0 * 255.255.255.0 U 0 0 0
> eth1
>
> $ ifconfig
> eth1 Link encap:Ethernet HWaddr 00:1c:ac:98:17:f2
> inet addr:192.168.1.136 Bcast:192.168.1.255 Mask:255.255.255.0
> inet6 addr: fe80::21c:acff:fe98:17f2/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:1687 errors:0 dropped:0 overruns:0 frame:0
> TX packets:1594 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:1868346 (1.7 MiB) TX bytes:378434 (369.5 KiB)
> Interrupt:19 Base address:0xe000
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> inet6 addr: ::1/128 Scope:Host
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:2329 errors:0 dropped:0 overruns:0 frame:0
> TX packets:2329 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:877136 (856.5 KiB) TX bytes:877136 (856.5 KiB)
>
>
> 192.168.1.123 is my router which is attached to the ADSL router in the
> house. 192.168.1.123 does have some iptables rules. I have tried my
> internet without it but DNS still doesnt work. Another PC connected to
> 192.168.1.123 works fine (DNS lookups, internet etc). But perhaps I
> should take 192.168.1.123 out of the equation when posting outputs to
> you to keep things simple.
>
> Best wishes,
>
> Yousef
>
>
> Martin Habets:
> > Hi,
> >
> > Check the output of route and ifconfig. Maybe you're encased in a VPN
> > due to the bitmask thing (which I'm not familiar with).
> >
> > Martin
> >
> > On Fri, Oct 17, 2014 at 07:36:09PM +0000, Y Martin wrote:
> >> Hi
> >>
> >> I've had a mysterious problem with DNS on my Debian PC not working for
> >> over a week now and I havent been able to fix it :-(
> >>
> >> I was wondering if there is someone out there that can shine a light on
> >> this mystery for me.
> >>
> >> It happened after I installed the VPN program called bitmask and this
> >> bitmask wiki page makes me think it is the culpret:
> >> https://bitmask.net/en/help/vpn/linux#dns
> >> I lodged a bitmask bug report https://leap.se/code/issues/6197
> >>
> >> So I can ping IPs (eg. 8.8.8.8) but not URLs ("ping: unknown host
> >> www.google.com").
> >> ----------------------------------------------------------------------
> >> Dig and nslookup dont seem to work:
> >>
> >> $ dig www.google.com
> >> ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> www.google.com
> >> ;; global options: +cmd
> >> ;; connection timed out; no servers could be reached
> >>
> >> $ nslookup www.google.com
> >> ;; connection timed out; no servers could be reached
> >> ----------------------------------------------------------------------
> >> My /etc/nsswitch.conf seems fine:
> >>
> >> passwd: compat
> >> group: compat
> >> shadow: compat
> >> hosts: files dns
> >> networks: files
> >> protocols: db files
> >> services: db files
> >> ethers: db files
> >> rpc: db files
> >> netgroup: nis
> >> ----------------------------------------------------------------------
> >> I thought dpkg restoring default settings might help but it didnt:
> >>
> >> dpkg-reconfigure isc-dhcp-client
> >> dpkg-reconfigure bind9
> >> ----------------------------------------------------------------------
> >> iptables isnt dropping anything on port 53
> >> ----------------------------------------------------------------------
> >>
> >> By the way, my /etc/resolve.conf is:
> >> nameserver 192.168.1.123 #this is my router
> >>
> >> but Ive tried:
> >> nameserver 8.8.8.8 #still doesnt work :-(
> >>
> >> ----------------------------------------------------------------------
> >>
> >> Im beginning to wonder if there is such a thing as DNS gods that I
> >> should have made some prayers and offerings to. Can anyone shine a light
> >> on things?
> >>
> >> Yours hopefully,
> >>
> >> Yousef
> >>
> >> _______________________________________________
> >> Bristol mailing list
> >> Bristol@mailman.lug.org.uk
> >> https://mailman.lug.org.uk/mailman/listinfo/bristol
> >
> > _______________________________________________
> > Bristol mailing list
> > Bristol@mailman.lug.org.uk
> > https://mailman.lug.org.uk/mailman/listinfo/bristol
> >
>
> _______________________________________________
> Bristol mailing list
> Bristol@mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/bristol
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.lug.org.uk/mailman/private/bristol/attachments/20141020/383f07be/attachment.html>
------------------------------
_______________________________________________
Bristol mailing list
Bristol@mailman.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/bristol
End of Bristol Digest, Vol 573, Issue 1
***************************************
Tidak ada komentar:
Posting Komentar