cellio: (Default)
Monica ([personal profile] cellio) wrote2012-02-20 10:30 pm
  • Add Memory
  • Share This Entry
Entry tags:

weird DSL problem

We came home to no internet service tonight, but the failure mode is odd. We do have connectivity, but no DNS -- so that would be a well-understood problem, except that I can use ssh to get to my shell provide -- by name. I can also ping that host by name -- but I can't ping anything else by name. Does MacOS maintain some sort of cached state for ssh?

And when did browsers start rewriting IP addresses to domain names? I could visit my favorite web sites by IP address in principle, but when I type in an IP address the browser turns it into a domain name, tries to load that...and fails, because there's no DNS. WTF?

Verizon has been underwhelming so far, and I even mean compared to other Verizon experiences. At one point they said the line must be bad and they'd send a technician in a couple of days, then put us on hold for 10+ minutes. But how could it be a bad line if we have any connectivity at all? When the guy came back he said that there's an outage (previously he had said there wasn't), so with luck it'll come back on its own.

But if anybody reading this could tell me where to find some DNS servers that I'd be allowed to hit, I'd be grateful. I'm trying to find that on my own, but using the phone is slow going.

Threaded | Top-Level Comments Only

[identity profile] schulman.livejournal.com 2012-02-21 03:48 am (UTC)(link)
Google public DNS: 8.8.8.8 and 8.8.4.4

[identity profile] miz-hatbox.livejournal.com 2012-02-21 03:52 am (UTC)(link)
We had that happen with Frontier. We switched our DNS server manually and the problem went away...
cellio: (Default)

[personal profile] cellio 2012-02-21 04:08 am (UTC)(link)
Yay! Post by email worked. :-)

Thanks for the info! Should I have to reboot the machine for new settings to take effect? I wouldn't think so, but my desktop machine isn't reacting to either new DNS settings or my phone's hotspot (hey, my phone has a hotspot, cool). I'm typing this from a laptop via the phone hotspot (I booted the laptop after setting up the phone). On the one hand I could reboot the Mini and find out, but what if it costs me ssh?

[identity profile] schulman.livejournal.com 2012-02-21 04:46 am (UTC)(link)
I don't believe you should have to reboot. There are configuration instructions and some diagnostic help here: http://code.google.com/speed/public-dns/docs/using.html

There's also a phone number for help on that page, but I have no idea how helpful it actually is.

If DNS lookups are still not working for you, it may be something weird with your TCP stack, or maybe caching issues? Good luck!

[identity profile] rjmccall.livejournal.com 2012-02-21 07:07 am (UTC)(link)
When you connect to a host for the first time, ssh prompts you to verify the host's signature. In theory this is the opportunity to use a trusted source to verify that that is indeed the signature of the host you mean to connect to, but usually people just automatically accept that. Anyway, once you've done that, ssh basically turns the host name as you entered it into a record in ~/.ssh/known_hosts that includes the IP address and that signature; if the signature ever changes, it warns you that something weird's going on. In theory it could do the same sort of authentication for the IP address, but that would accomplish exactly nothing beyond (1) verifying that the DNS service has not been compromised (which is irrelevant, since that service is not otherwise a party to the connection) and (2) unnecessarily telling the DNS service that you might be ssh'ing somewhere, so it just doesn't bother.
cellio: (Default)

[personal profile] cellio 2012-02-21 01:52 pm (UTC)(link)
Thanks! Fortunately I didn't need the instructions to reconfigure first the router and then one individual machine when that failed. Unfortunately last night that didn't work -- weird. Fortunately this morning, after another router restart, things were back to working with the original settings. Now that it's working I haven't yet tried adding the Google servers back into the mix.

So hmm, maybe weird caching? That it took hours, rather than either minutes or days, to right itself puzzles me.
cellio: (Default)

[personal profile] cellio 2012-02-21 01:52 pm (UTC)(link)
That should have worked. Verizon has apparently found new and special ways to make my life interesting. Fortunately, it's working now.
cellio: (Default)

[personal profile] cellio 2012-02-21 01:54 pm (UTC)(link)
Thanks for the explanation! Now that you mention it I do remember the verification step, not least because my provider changed an IP address several months ago and warned us that that would trigger this again.

[identity profile] http://users.livejournal.com/merle_/ 2012-02-21 07:43 pm (UTC)(link)
..although the ssh known hosts shouldn't affect browsers because they have their own cache (or use the OS cache), both of which should respect the DNS timeout.

As for browsers rewriting IP addys into names, that's bizarre. I have not seen that, but I run Opera on an ancient OS.
cellio: (Default)

[personal profile] cellio 2012-02-22 02:31 am (UTC)(link)
Actually, I misspoke: this morning when things worked I did have the Google servers in the list, but the router doesn't report using them. Doesn't matter; I'm keeping them. Thanks again for the tip!
cellio: (Default)

[personal profile] cellio 2012-02-22 02:36 am (UTC)(link)
I saw this in both Firefox 10 and Safari whatever-MacOS-thinks-is-current. I'd type in an IP address, the browser would say "connecting to (domain name)", and then it would fail. I gave you an IP address for a reason! Bah.

Mind, this was more benign than it would have been mere months ago: the smartphone enabled me to connect the laptop to the 4G network, bypassing Verizon. I wouldn't try that for more than an hour or so (I think I saw the battery indicator moving...), but it made a difference, and between ssh and the phone I had plenty of ways to get to email.

(But, whine, all the browser tabs were on the desktop machine. Cue the violins. :-) )
geekosaur: orange tabby with head canted 90 degrees, giving impression of "maybe it'll make more sense if I look at it this way?" (Default)

[personal profile] geekosaur 2012-02-22 03:16 am (UTC)(link)
Browsers don't generally rewrite URLs. Many web servers do; there is a canonical server name which will be used in redirects and such, and generally these days a web server will pick one of foo.com or www.foo.com to be canonical and send a redirect to it if you use the other.

OS X does have a DNS cache; on Leopard and up it's controlled by dscacheutil. Also note that if you are changing DNS in your router, generally that information is sent to clients when they do DHCP renews so you would want to open System Preferences > Network and click the button to renew the DHCP lease. (Although I generally just change the DNS there; you can override what it gets from DHCP. It's hidden under the "Advanced..." button.)
cellio: (Default)

[personal profile] cellio 2012-02-22 04:44 am (UTC)(link)
Thanks for the browser/server info.

Oh! Renewing the DHCP lease! Yeah, that would have been a good idea. Thanks for the clue for next time. (I did try changing the DNS there; I've become well-acquainted with those advanced settings.)
Threaded | Top-Level Comments Only