Small problem here, not sure what was causing it.
On my work machine I have a cable connection with a static IPv4 address.
Today I had a lot of “Server Not Found” errors when browsing new websites.
After pinging the websites for a while, they were magically found again.
I’ve observed this behavior in Firefox 47 and in wget.
Ubuntu MATE 16.04 LTS
I noticed in the terminal that wget attempted to connect using an IPv6 address, and was not falling back to an IPv4 address when that failed. I suspect Firefox was doing the same thing.
This is very weird.
I’m pretty sure my school’s network doesn’t even route IPv6.
Edit: I’ve now verified that our DNS server does not provide AAAA records (IPv6 records)
I have since set in my connections settings IPv6 to ignore (and rebooted - unrelated) and now everything appears to be running fine, but I don’t understand why there was no fallback to IPv4 lookup.
ouroumov@Bloc:~/Desktop$ wget https://ubuntu-mate.community/
--2016-07-26 08:52:56-- https://ubuntu-mate.community/
Resolving ubuntu-mate.community (ubuntu-mate.community)... 2400:cb00:2048:1::681c:1858, 2400:cb00:2048:1::681c:1958
Connecting to ubuntu-mate.community (ubuntu-mate.community)|2400:cb00:2048:1::681c:1858|:443... failed: Network is unreachable.
Connecting to ubuntu-mate.community (ubuntu-mate.community)|2400:cb00:2048:1::681c:1958|:443... failed: Network is unreachable.
ouroumov@Bloc:~/Desktop$ ping ubuntu-mate.community
PING ubuntu-mate.community (104.28.25.88) 56(84) bytes of data.
64 bytes from 104.28.25.88: icmp_seq=1 ttl=57 time=13.2 ms
64 bytes from 104.28.25.88: icmp_seq=2 ttl=57 time=13.2 ms
64 bytes from 104.28.25.88: icmp_seq=3 ttl=57 time=13.2 ms
64 bytes from 104.28.25.88: icmp_seq=4 ttl=57 time=13.3 ms
ouroumov@Bloc:~/Desktop$ dig ubuntu-mate.community
; <<>> DiG 9.10.3-P4-Ubuntu <<>> ubuntu-mate.community
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28258
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 3843
;; QUESTION SECTION:
;ubuntu-mate.community. IN A
;; ANSWER SECTION:
ubuntu-mate.community. 186 IN A 104.28.24.88
ubuntu-mate.community. 186 IN A 104.28.25.88
;; AUTHORITY SECTION:
ubuntu-mate.community. 19682 IN NS duke.ns.cloudflare.com.
ubuntu-mate.community. 19682 IN NS lisa.ns.cloudflare.com.
;; Query time: 0 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Tue Jul 26 08:54:25 CEST 2016
;; MSG SIZE rcvd: 137
ouroumov@Bloc:~/Desktop$ wget https://ubuntu-mate.community/
--2016-07-26 08:55:56-- https://ubuntu-mate.community/
Resolving ubuntu-mate.community (ubuntu-mate.community)... 2400:cb00:2048:1::681c:1858, 2400:cb00:2048:1::681c:1958
Connecting to ubuntu-mate.community (ubuntu-mate.community)|2400:cb00:2048:1::681c:1858|:443... failed: Network is unreachable.
Connecting to ubuntu-mate.community (ubuntu-mate.community)|2400:cb00:2048:1::681c:1958|:443... failed: Network is unreachable.
ouroumov@Bloc:~/Desktop$ wget https://ubuntu-mate.community/
--2016-07-26 08:57:56-- https://ubuntu-mate.community/
Resolving ubuntu-mate.community (ubuntu-mate.community)... 104.28.24.88, 104.28.25.88, 2400:cb00:2048:1::681c:1858, ...
Connecting to ubuntu-mate.community (ubuntu-mate.community)|104.28.24.88|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html’
index.html [ <=> ] 84,32K --.-KB/s in 0,03s
2016-07-26 08:57:56 (2,43 MB/s) - ‘index.html’ saved [86342]
Note that I didn’t do anything between when it was failing and when it decided not to fail anymore.
I have Ipv6 set to “Ignore” in Network Connections.
I’m gonna follow @Blank’s advice and kill IPv6 in sysctl.conf it that continues.
@Dave_Barnes, to me it looks like one of those three options:
Some parts of the system are not hitting the DNS cache
DNS Cache is poisoned and PING is ignoring the DNS cache.
System is using IPv6 and refuses to fallback to IPv4 for some reason.
But the second option would be weird: why would the dig response from 127.0.1.1#53(127.0.1.1) be correct?
Sure looks like DNS problem upstream. You DNS server (127.0.1.1) is getting IPv6 data from some upstream DNS server that is either spoofing or misconfigured.
It could even be a bug in dnsmasq. IPv6 support was added to dnsmasq somewhat recently – it could be buggy. You might want to try disabling or removing the dnsmasq junk.
The setting for dnsmasq is in /etc/NetworkManager/NetworkManager.conf – you just put a # in front of the “dns=dnsmasq” line. I also remove the “resolvconf” package as it seems to interfere with DNS somehow. YMMV. Unix ran fine for decades without dnsmasq and resolvconf so I can’t see why it is needed now.
If disabling IPv6 does not solve the problem then I would definitely look at the network with wireshark to see what is going on.
Check the DNS servers you are pointing to. That info used to be in /etc/resolv.conf but now with dnsmasq and resolvconf it is buried somewhere else
I used to have similar problems here. I gave up with my ISP and just use Google (8.8.8.8 and 8.8.4.4) DNS servers.
So, update. The problem has now been worked around.
I changed two things:
Killed IPv6 in sysctl.conf
Added the school's DNS server in "Network" settings
[1] was not enough by itself to solve my problem, firefox still could not find servers, though wget could.
[2] I suspect this is what helped here.
Yes, I mean "Network" settings, not "Network Connections" settings.
I had never used "Network" settings before.
It was weirdly set too:
DNS Server had just one entry: 127.0.1.1, and not the school's DNS that are correctly set in "Network Connections" settings
Search Domains had my school's domain, which it took from "Network Connections" settings
I don't understand why one settings was mirrored there but not the other.
Next time I power-cycle, I will re-enable IPv6 and see if it breaks things again.
But no one else on the network is having host resolution issues, I'm the only one affected and we're all in the same LAN.
Maybe this is what the "Network" settings is using?
If resolvconf is managing the “Network Settings: DNS Servers” then I would expect it to revert back to 127.0.1.1 upon reboot. Normally, with resolvconf, the /etc/resolv.conf file is a link to /run/resolvconf/resolv.conf and contains only the entry for “server 127.0.1.1” and a warning not to modify.
I think you are seeing some of the same problems I saw with dnsmasq and resolvconf. That stuff was developed long after I retired so I don’t have a lot of good experience with them. The problems may go away when IPv4 is retired (if ever ).
Many years ago I wrote a bash script to do the steps I described above to remove dnsmasq and resolvconf for my Internet facing systems - routers/firewalls.