LINUX: How to Troubleshoot DNS issues on Linux Hosts?

In some cases SSH login to Linux hosts does not work or is very slow. Often these problems are caused by DNS issues, where the DNS lookup fails or takes longer than expected. Below are some steps which can be executed to find out whether there is an issue with DNS lookup in the environment.

1. Gather the list of DNS servers configured on the Linux machine. The list can be obtained from the /etc/resolv.conf file. Below is the command to run.

cat /etc/resolv.conf

You will see entries as follows in the file. In this example, let's assume the DNS server IP is 10.10.20.20 and the DNS server name is testing.com.

search testing.com
nameserver 10.10.20.20

2. Gather the IP address and hostname of the Linux machine which has issues by looking into /etc/hosts. Let's assume the hostname of the VM is testvm and the IP is 10.10.10.10.


3. Ping the DNS servers to see if they are reachable.

ping 10.10.20.20

If the DNS servers are not reachable, that's where the issue is.

4. Run the nslookup command as follows on the IP address and hostname of the Linux hosts which have issues. Below is the command.

nslookup <IP/Hostname>

In a working DNS environment you should see the Name and Address of the server you are looking up.


You should NOT see nslookup output which shows "connection timed out", "no servers could be reached", or the IP address and hostname of the Linux host listed under "Non-authoritative answer". Below are sample outputs showing these errors, which are red flags.



# nslookup testvm
Server:         10.10.20.20
Address:        10.10.20.20#53
Non-authoritative answer:
Name:   testvm.testing.com
Address: 10.10.10.10


# nslookup 10.10.10.10
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached

5. Now run the dig command with the -x option on the hostname and IP address of the Linux VM which has issues. Below is the command.


Check the Query time in the output (highlighted below in sample output). In a working DNS environment the query time should be in milliseconds.


If there are issues with DNS, the query time will be higher, or we will see "connection timed out" or "no servers could be reached" errors as follows:

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.12 <<>> -x 10.10.10.10
;; global options:  printcmd
;; connection timed out; no servers could be reached

6. Now run the nslookup command below with the -debug option on the Linux host which has DNS issues.

nslookup -debug 10.10.10.10

The above command performs the lookup and, in a working DNS environment, shows the output in question and answer sections as follows.

# nslookup -debug testvm
Server:         10.10.20.20
Address:        10.10.20.20#53

------------

    QUESTIONS:
        testvm., type = A, class = IN
    ANSWERS:
    ->  testvm.testing.com
        internet address = 10.10.10.10
        ttl = 10800

You should not see the Linux host's IP address and hostname under "Non-authoritative answer:" in the output of the above command, as shown in the example below. This indicates that there are some issues with the DNS configuration.

Non-authoritative answer:
Name:   testvm.testing.com
Address: 10.10.10.10

The above steps will help to check whether there are DNS issues in the environment. Below are a few additional commands which can also be used for troubleshooting DNS issues.

nslookup -query=any <hostname/IP>


nslookup -query=ns <hostname/IP>
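
Steps 1 and 5 can be scripted so that each configured DNS server is queried on its own and a single dead or slow server stands out. This is an added example, not code from the original article; the function names, the SLOW_MS threshold (default 500 ms) and the RESOLV_CONF override are assumptions, and the dig output in demo() is constructed.

```shell
#!/bin/sh
# Added example: steps 1 and 5 as a script. SLOW_MS and RESOLV_CONF are
# assumed names, not something the article defines.

# Print every nameserver IP configured in the given resolv.conf file.
list_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Read dig output on stdin and print one verdict:
#   unreachable | slow:<ms> | ok:<ms> | unknown
classify_lookup() {
    awk -v limit="${SLOW_MS:-500}" '
        /connection timed out|no servers could be reached/ { bad = 1 }
        /^;; Query time:/ { ms = $4; seen = 1 }
        END {
            if (bad)                     print "unreachable"
            else if (!seen)              print "unknown"
            else if (ms + 0 > limit + 0) print "slow:" ms
            else                         print "ok:" ms
        }'
}

# Reverse-lookup one IP against each configured server in turn, so a single
# dead or slow server is identified instead of being hidden by failover.
check_host() {
    for ns in $(list_nameservers "${RESOLV_CONF:-/etc/resolv.conf}"); do
        verdict=$(dig +time=2 +tries=1 -x "$1" "@$ns" 2>&1 | classify_lookup)
        printf '%s %s\n' "$ns" "$verdict"
    done
}

# Constructed sample (the failure text shown in step 5), used when no IP is given.
demo() {
    printf '%s\n' ';; global options:  printcmd' \
        ';; connection timed out; no servers could be reached' | classify_lookup
}

if [ "$#" -gt 0 ]; then check_host "$1"; else demo; fi
```

Run it with the affected host's IP as the only argument; without an argument it only classifies the constructed sample.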

Products to which Article Applies


All Linux Operating Systems

Additional Reference


https://www.cloudns.net/blog/10-most-used-nslookup-commands/



tarun boyella
