Unknown host

guercheLE · June 25, 2023, 8:44pm

Anyone to the rescue? dig and nslookup work fine and return ip when I query hostname, but ping, ssh and others are able to connect only through ip. When I try using hostname always get "Unknown host"

luciano@MacBook-Air-de-Luciano ~ % dig srv1.grch.home

; <<>> DiG 9.10.6 <<>> srv1.grch.home
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31298
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232

;; QUESTION SECTION:
;srv1.grch.home. IN A

;; ANSWER SECTION:
srv1.grch.home. 0 IN A 192.168.31.254

;; Query time: 15 msec
;; SERVER: 192.168.31.233#53(192.168.31.233)
;; WHEN: Sun Jun 25 16:50:51 -03 2023
;; MSG SIZE rcvd: 59

luciano@MacBook-Air-de-Luciano ~ % nslookup srv1.grch.home
Server: 192.168.31.233
Address: 192.168.31.233#53

Name: srv1.grch.home
Address: 192.168.31.254

luciano@MacBook-Air-de-Luciano ~ % ping -c 4 srv.grch.home
ping: cannot resolve srv.grch.home: Unknown host

luciano@MacBook-Air-de-Luciano ~ % ping -c 4 192.168.31.254
PING 192.168.31.254 (192.168.31.254): 56 data bytes
64 bytes from 192.168.31.254: icmp_seq=0 ttl=64 time=14.095 ms
64 bytes from 192.168.31.254: icmp_seq=1 ttl=64 time=12.171 ms
64 bytes from 192.168.31.254: icmp_seq=2 ttl=64 time=13.771 ms
64 bytes from 192.168.31.254: icmp_seq=3 ttl=64 time=7.437 ms

--- 192.168.31.254 ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 7.437/11.868/14.095/2.660 ms
luciano@MacBook-Air-de-Luciano ~ %

deHakkelaar · June 25, 2023, 10:51pm

Tada:

Spot the differences

guercheLE · July 7, 2023, 2:04am

Sure you did spot a very small difference (ping was missing 1 after src). Fixed the typo, but problem persists. I guess it might be related to any firewall rule blocking traffic or any port not open or ICMP blocking, but haven't figured out it yet. Any way, thanks for replying.

lucianoguerche@fce26c1e82fc ~ % nslookup srv1.grch.home
Server: 192.168.31.224
Address: 192.168.31.224#53

Name: srv1.grch.home
Address: 192.168.31.254

lucianoguerche@fce26c1e82fc ~ % ping -c 4 srv1.grch.home
ping: cannot resolve srv1.grch.home: Unknown host
lucianoguerche@fce26c1e82fc ~ %

chrislph · July 7, 2023, 6:03am

Try

dig -x 192.168.31.254

and see if that returns srv1.grch.home or whether there is another suffix you weren't aware of, such as .lan

What is resolving these, is it a Pi-hole? In the first post the DNS is at 192.168.31.233 and in the last post it's at 192.168.31.224.

Bucking_Horn · July 7, 2023, 10:11am

ping uses additional methods of resolving hostnames, not just DNS (and for that same reason, ping would be inadequate for analysing DNS issues).

Sometimes, nslookup software is stubbornly refusing to use DNS.
You may try forcing a DNS lookup by appending a dot to your ping, e.g.

ping -c 1 srv1.grch.home.

But chrislph's observation is worth checking:
If the machine that ran your ping would be aware of multiple DNS servers, a given DNS request may hit any of those DNS servers, including one that would not know about srv1.grch.home (or how to filter and block unwanted domains).

You have to make sure that Pi-hole is the only DNS server for your client.

deHakkelaar · July 9, 2023, 6:26pm

When diagnosing DNS issues, you use nslookup or dig AND check the logs:

pihole -t

What does above show when do the nslookup compared to the ping?

I also suspect its got to do with the search/suffix domain mentioned earlier already.
On that lucianoguerche@fce26c1e82fc host, what domains are displayed when run below two?

dnsdomainname

cat /etc/resolv.conf

guercheLE · July 10, 2023, 2:28am

Hi Chris,

It is Pi-hole which is resolving it. The pi-hole ip address has changed because I made some adjustments on my router static's ip address allocations.

I am sending below the results:

lucianoguerche@fce26c1e82fc ~ % lucianoguerche@fce26c1e82fc ~ % dig srv1.grch.lan

; <<>> DiG 9.10.6 <<>> srv1.grch.lan
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29407
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;srv1.grch.lan.                 IN      A

;; ANSWER SECTION:
srv1.grch.lan.          0       IN      A       192.168.31.254

;; Query time: 14 msec
;; SERVER: 192.168.31.224#53(192.168.31.224)
;; WHEN: Sun Jul 09 23:26:51 -03 2023
;; MSG SIZE  rcvd: 58

lucianoguerche@fce26c1e82fc ~ % dig -x 192.168.31.254

; <<>> DiG 9.10.6 <<>> -x 192.168.31.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50186
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;254.31.168.192.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
254.31.168.192.in-addr.arpa. 0  IN      PTR     22faf8ae3ad6.

;; Query time: 52 msec
;; SERVER: fe80::a639:b3ff:feb7:4585%12#53(fe80::a639:b3ff:feb7:4585%12)
;; WHEN: Sun Jul 09 23:26:55 -03 2023
;; MSG SIZE  rcvd: 82

lucianoguerche@fce26c1e82fc ~ %

guercheLE · July 10, 2023, 2:32am

Hi Buck,

Pi-hole is the only DNS server I enlisted on my router.

Tried what you asked me for, but to no success

lucianoguerche@fce26c1e82fc ~ % ping -c 1 srv1.grch.home.

ping: cannot resolve srv1.grch.home.: Unknown host

lucianoguerche@fce26c1e82fc ~ %

guercheLE · July 10, 2023, 2:46am

Hi,

I wasn't checking the logs. Following is what I got from the logs

For nslookup:
02:35:32: query[A] srv1.grch.lan from 192.168.31.251
02:35:32: /etc/pihole/custom.list srv1.grch.lan is 192.168.31.254

When I run ping, no new entries are written to the log

When I try running dnsdomainname, I get:

lucianoguerche@fce26c1e82fc ~ % dnsdomainname

zsh: command not found: dnsdomainname

lucianoguerche@fce26c1e82fc ~ %

And resolv.conf

lucianoguerche@fce26c1e82fc ~ % cat /etc/resolv.conf

#
# macOS Notice
#
# This file is not consulted for DNS hostname resolution, address
# resolution, or the DNS query routing mechanism used by most
# processes on this system.
#
# To view the DNS configuration used by this system, use:
# scutil --dns
#
# SEE ALSO
# dns-sd(1), scutil(8)
#
# This file is automatically generated.
#
nameserver fe80::a639:b3ff:feb7:4585%en0
nameserver 192.168.31.224
nameserver 192.168.31.42

lucianoguerche@fce26c1e82fc ~ %

Above are my two pi-holes, but I have no idea where this fe80::a639:b3ff:feb7:4585%en0 entry came from. I will try to take it out and see if it fixes the problem.

guercheLE · July 10, 2023, 2:49am

When I run scutil --dns, I get:

lucianoguerche@fce26c1e82fc ~ % scutil --dns
DNS configuration

resolver #1
nameserver[0] : fe80::a639:b3ff:feb7:4585%12d
nameserver[1] : 192.168.31.224
nameserver[2] : 192.168.31.42
if_index : 12 (en0)
flags : Request A records, Request AAAA records
reach : 0x00020002 (Reachable,Directly Reachable Address)

resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300000

resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300200

resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300400

resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300600

resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300800

resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 301000

DNS configuration (for scoped queries)

resolver #1
nameserver[0] : fe80::a639:b3ff:feb7:4585%12d
nameserver[1] : 192.168.31.224
nameserver[2] : 192.168.31.42
if_index : 12 (en0)
flags : Scoped, Request A records, Request AAAA records
reach : 0x00020002 (Reachable,Directly Reachable Address)
lucianoguerche@fce26c1e82fc ~ %

guercheLE · July 10, 2023, 2:57am

The actual problem I faced and which made me resort to dig, nslookup and dig (the tools I know little about), is that I have cockpit (http://cockpit-project.org/) on srv1.grch.lan on port 9090 and when I tried to open it on safari, safari alway said it could not open the page because it did not find the server.

guercheLE · July 10, 2023, 2:59am

I just tried opening https://srv1.grch.lan:9090/ again on Safari and got same error, but on Google Chrome it worked fine.

guercheLE · July 10, 2023, 3:35am

I just figured out fe80::a639:b3ff:feb7:4585 is my wireless router ipv6 address. It seems Safari and ping are asking for ipv6 and for that matter, it is requesting to the wireless router instead of the piholes. Have no idea on how to fix it. Do pi-holes answer to ipv6 requests? If so, how to configure in a way not to request to the wireless router but to the pinholes?

Bucking_Horn · July 10, 2023, 11:35am

That does not seem to be the case:

Your router is advertising its own IPv6 address as DNS server, allowing your IPv6-capable clients to by-pass Pi-hole.

You'd have to find a way to configure your router to advertise your Pi-hole host machine's IPv6 as DNS server or to stop advertising its own.

You'd have to consult your router's documentation sources on further details for its IPv6 configuration options.

If your router doesn't support configuring IPv6 DNS, you could consider disabling IPv6 altogether.

If your router doesn't support that either, your clients will always be able to bypass Pi-hole via IPv6.

guercheLE · July 10, 2023, 8:41pm

Registered pinholes as ipv6 dns servers and problem has gone.

::ffff:192.168.31.224
::ffff:192.168.31.42

guercheLE · July 10, 2023, 8:41pm

Thanks everybody for your help.

deHakkelaar · July 10, 2023, 11:27pm

Whats whit this "pinhole"?
You're not the first

https://discourse.pi-hole.net/search?q=pinhole