set up clear OS Vm as a DHCP and DNS server
added dns entries from web interface
these entries are not resolved from dns server
[sh@nebb-04 sh]$ nslookup shfogsm.neb.io 192.168.XX.XX
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached
[sh@nebbiolo-04 sh]
added dns entries from web interface
these entries are not resolved from dns server
[sh@nebb-04 sh]$ nslookup shfogsm.neb.io 192.168.XX.XX
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached
[sh@nebbiolo-04 sh]
In ClearVM
Share this post:
Responses (8)
-
Accepted Answer
As you are in Gateway mode, you would not expect ClearOS to resolve DNS requests (or do DHCP) from its WAN interface and the firewall is closed to those requests. It will, however, respond the DNS and DHCP requests from its LAN. To respond to DNS requests from the WAN you will need to open the Incoming Firewall to tcp:53 and udp:53 for DNS. DHCP is udp:67, I believe. Normally you should not do this, but in your case, since your WAN is in a private address space, you are probably safe. -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Clear OS VM is set to Gateway Mode.
Issue now is,
From internal network,
2020/08/19 02:10:35 client: Connection error: dial tcp: lookup fogsm-vpr-eval.nebbiolo.io on 192.168.101.1:53: read udp 192.168.23.90:56016->192.168.101.1:53: i/o timeout (Attempt: 633)
[admin@host-FN-300-113b8a ~]$ ifconfig | grep inet
inet 10.10.10.1 netmask 255.255.255.0 broadcast 10.10.10.255
inet6 fe80::f8a7:6cff:fe2a:c9eb prefixlen 64 scopeid 0x20<link>
inet 20.20.20.1 netmask 255.255.255.0 broadcast 20.20.20.255
inet6 fe80::cced:36ff:fe2d:2604 prefixlen 64 scopeid 0x20<link>
inet 192.168.23.90 netmask 255.255.255.0 broadcast 192.168.23.255
I've no idea where this is coming from. Where are you seeing the message and where is the ifconfig from? What is the connection error and what is it testing? If the ifconfig is from a client, what are its DNS resolvers? Also are you munging your IP addresses (10.10.10.1 and 20.20.20.1)? Presumably this machine is connected to the same network as eth0, but isn't that your external ClearOS interface
S>>>> This message is from the client that was trying to connect a node on the internet.
192.168.23.90 -------> Internet [50.X.X.X]
Fixed this issue by setting correct nameservers. Thank you for the pointer.
[admin@host-FN-300-113b8a ~]$ sudo cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search nebbiolotech.com
nameserver 192.168.23.10
nameserver 8.8.8.8
[admin@host-FN-300-113b8a ~]$
Question now is,
This VM also serves as DHCP server that gave this client its IP address.
what are the settings to populate the /etc/resolv.conf on client automatically. -
Accepted Answer
S wrote:
How to check if VM is in gateway mode. External connection is to a l3 distribution switch, goes to internet.
In ClearOS look at Network > Settings > IP settings, look at the Network Mode.
Is this ok?
[root@gateway ~]# cat /etc/resolv-peerdns.conf
# Please do not edit this file.
# See http://www.clearcenter.com/support/documentation/clearos_guides/dns_and_resolver
domain nebbiolotech.com
nameserver 8.8.8.8
Normally if you use 8.8.8.8 you would also use 8.8.4.4.
Issue now is,
From internal network,
2020/08/19 02:10:35 client: Connection error: dial tcp: lookup fogsm-vpr-eval.nebbiolo.io on 192.168.101.1:53: read udp 192.168.23.90:56016->192.168.101.1:53: i/o timeout (Attempt: 633)
[admin@host-FN-300-113b8a ~]$ ifconfig | grep inet
inet 10.10.10.1 netmask 255.255.255.0 broadcast 10.10.10.255
inet6 fe80::f8a7:6cff:fe2a:c9eb prefixlen 64 scopeid 0x20<link>
inet 20.20.20.1 netmask 255.255.255.0 broadcast 20.20.20.255
inet6 fe80::cced:36ff:fe2d:2604 prefixlen 64 scopeid 0x20<link>
inet 192.168.23.90 netmask 255.255.255.0 broadcast 192.168.23.255
I've no idea where this is coming from. Where are you seeing the message and where is the ifconfig from? What is the connection error and what is it testing? If the ifconfig is from a client, what are its DNS resolvers? Also are you munging your IP addresses (10.10.10.1 and 20.20.20.1)? Presumably this machine is connected to the same network as eth0, but isn't that your external ClearOS interface -
Accepted Answer
removed 127.0.0.1., now the lan connectivity is up.
How to check if VM is in gateway mode. External connection is to a l3 distribution switch, goes to internet.
Is this ok?
[root@gateway ~]# cat /etc/resolv-peerdns.conf
# Please do not edit this file.
# See http://www.clearcenter.com/support/documentation/clearos_guides/dns_and_resolver
domain nebbiolotech.com
nameserver 8.8.8.8
Issue now is,
From internal network,
2020/08/19 02:10:35 client: Connection error: dial tcp: lookup fogsm-vpr-eval.nebbiolo.io on 192.168.101.1:53: read udp 192.168.23.90:56016->192.168.101.1:53: i/o timeout (Attempt: 633)
[admin@host-FN-300-113b8a ~]$ ifconfig | grep inet
inet 10.10.10.1 netmask 255.255.255.0 broadcast 10.10.10.255
inet6 fe80::f8a7:6cff:fe2a:c9eb prefixlen 64 scopeid 0x20<link>
inet 20.20.20.1 netmask 255.255.255.0 broadcast 20.20.20.255
inet6 fe80::cced:36ff:fe2d:2604 prefixlen 64 scopeid 0x20<link>
inet 192.168.23.90 netmask 255.255.255.0 broadcast 192.168.23.255 -
Accepted Answer
-
Accepted Answer
[root@gateway ~]# cat /etc/resolv.conf
# Please do not edit this file.
# See http://www.clearcenter.com/support/documentation/clearos_guides/dns_and_resolver
domain nebbiolotech.com
nameserver 127.0.0.1
nameserver 8.8.8.8
[root@gateway ~]# ifconfig | grep '^\S' -A 1
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.23.10 netmask 255.255.255.0 broadcast 192.168.23.255
--
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.1 netmask 255.255.255.0 broadcast 192.168.100.255
--
eth2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.101.1 netmask 255.255.255.0 broadcast 192.168.101.255
--
eth3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.102.1 netmask 255.255.255.0 broadcast 192.168.102.255
--
eth4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.22.1 netmask 255.255.255.0 broadcast 192.168.22.255
--
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »