1

I have the following problem:
if I ping a non existent domain name I get a reply from an IP address
# ping nosuchdomain.common PING nosuchdomain.common.myrealdomain.com (192.168.1.1) 56(84) bytes of data. 64 bytes from myrealdomain.com (192.168.1.1): icmp_req=1 ttl=59 time=0.184 ms

Anyway, what I would want to happen would be to have the resolver work like this
#ping nosuchdomain.common ping: unknown host nosuchdomain.common

My /etc/resolv.conf looks like this now:
# nameserver config nameserver 8.8.8.8

Any idea where I should look to make the resolver return "unknown host"?

Alex Flo
  • 1,761
  • 3
  • 18
  • 23
  • You have so obfuscated this question that it's hard to answer. It implies that you have embedded `192.168` addresses in your public DNS; that's possible, but unlikely, which makes me wonder which of the above data can be relied on. Please strongly consider de-obfuscating your question. – MadHatter Mar 27 '14 at 10:04
  • Sorry I didn't believe the real data was relevant, it is like this # ping sajnkjgabk.caomdas PING sajnkjgabk.caomdas.geek-tools.org (144.76.100.150) 56(84) bytes of data. 64 bytes from siteintel.net (144.76.100.150): icmp_req=1 ttl=59 time=0.410 ms – Alex Flo Mar 27 '14 at 10:09
  • OK, thanks. I'm not a debian user, but are you by any chance running `nscd`? – MadHatter Mar 27 '14 at 10:24
  • no, it isn't started. – Alex Flo Mar 27 '14 at 10:39
  • That disposes of that hypothesis. Just on another offchance, could you **edit into your question** the outputs of `grep hosts /etc/nsswitch.conf` and `grep caomdas /etc/hosts`? – MadHatter Mar 27 '14 at 10:48
  • @MadHatter `grep hosts /etc/nsswitch.conf hosts: files dns`. The other one does not return anything – Alex Flo Mar 27 '14 at 11:38

2 Answers2

1

Normaly you should end a Domain Name with a dot, if you don't do this your resolver try to attach a search Domain from you network config (for example from DHCP)

Your example with nosuchdomain.common should be written as nosuchdomain.common.

To find out the reason where is set the search domain, you can use a static IP and set a different DNS Server and than you should not get a search domain. You should check you /etc/network/interfaces config for a search-domain parameter:

#/etc/network/interfaces 
# The primary network interface
auto eth0
iface eth0 inet static
    address 192.168.1.100
    netmask 255.255.255.0
    gateway 192.168.1.1
    dns-nameservers 8.8.8.8
    dns-search myrealdomain.com
kockiren
  • 886
  • 3
  • 14
  • 37
  • well, I would like the resolver not to add the domain at the end. I knew that this was configurable from /etc/resolv.conf but there I have not such domain defined. – Alex Flo Mar 27 '14 at 10:41
  • Right, kockiren, but (s)he's posted his/her name server config and there's no domain search order listed. – MadHatter Mar 27 '14 at 10:47
  • Okay can you do a ls -lah |grep resolv of your /etc folder? What client you have? Do you use DHCP or static IP? Do you use a DNS rewrite on you DNS Server? – kockiren Mar 27 '14 at 10:47
  • It is possible to set multiple resolver conf so it can happened that you resolve.conf has not that config part but the other one use a search domain. – kockiren Mar 27 '14 at 10:49
  • `ls -lah |grep resolv drwxr-xr-x 3 root root 4.0K Nov 27 13:58 resolvconf -rw-r--r-- 1 root root 268 Mar 27 10:44 resolv.conf` – Alex Flo Mar 27 '14 at 11:28
  • As far as I can tell I use a statically defined IP address (defined in /etc/network/interfaces) and there is no dhcp-related process running. I am not aware of a DNS rewrite (not sure what that is) but I am also not aware what this could have to do with my resolver issue? – Alex Flo Mar 27 '14 at 11:35
  • @kockiren how can I check this multiple-resolver possibility? – Alex Flo Mar 27 '14 at 11:36
  • I use a pfsense firewall and I can rewrite every DNS request who run over the Gateway. There I can add a Domain to every request. What Gateway you use? What DNS Server you use? – kockiren Mar 27 '14 at 11:47
  • 1
    What are the contents of the files in `/etc/resolvconf/resolv.conf.d` (**please, please, paste these into your question - don't add them as comments**)? – MadHatter Mar 27 '14 at 12:48
  • @MadHatterthere is no such file/directory inside `/etc/resolvconf` – Alex Flo Mar 27 '14 at 12:56
  • @kockiren I see. I don't use a DNS on this server, I just connect to 8.8.8.8 to resolve the domain names. Also as firewall is a simple iptables so that's not an issue. – Alex Flo Mar 27 '14 at 13:00
  • And what is the Content of /etc/network/interfaces? – kockiren Mar 27 '14 at 13:11
  • @kockiren please see my solution to this. – Alex Flo Mar 27 '14 at 15:25
1

Thanks all for your suggestions, I accidentally found a solution to my problem and that is to explicitly add this line in /etc/resolv.conf
search .com
Once I did this it started working as expected.
I guess the resolver has a default search as the domain of what is defined in /etc/hostname to which it adds whatever domain it cannot resolve directly.
And as my DNS for this domain was configured with wildcard it explains why the made up domains were resolved to a certain IP.

Alex Flo
  • 1,761
  • 3
  • 18
  • 23