DNS problems on CentOS fresh install
I'm having some DNS issues on a new box I'm installing with CentOS 6.2.
I am able to look up names using nslookup, dig, or host. I am able to ping machines by name or by IP address. However, when I try other tools, such as ssh, wget, or yum, they are unable to resolve names. For example:
# wget http://www.google.com
--2012-03-08 14:48:06-- http://www.google.com/
Resolving www.google.com... failed: Name or service not known.
wget: unable to resolve host address `www.google.com'
# ssh www.google.com
ssh: Could not resolve hostname www.google.com: Name or service not known
# ping -c 1 www.google.com
PING www.l.google.com (74.125.113.106) 56(84) bytes of data.
64 bytes from vw-in-f106.1e100.net (74.125.113.106): icmp_seq=1 ttl=46 time=43.6 ms
--- www.l.google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 59ms
rtt min/avg/max/mdev = 43.665/43.665/43.665/0.000 ms
# host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 74.125.113.99
www.l.google.com has address 74.125.113.103
www.l.google.com has address 74.125.113.104
www.l.google.com has address 74.125.113.105
www.l.google.com has address 74.125.113.106
www.l.google.com has address 74.125.113.147
My /etc/nsswitch.conf file is the default, including this (standard) line:
hosts: files dns
/etc/resolv.conf is as set up by DHCP:
; generated by /sbin/dhclient-script
nameserver 192.168.1.254
192.168.1.254 is a working DNS server (my DSL modem, working for years with other machines).
Anyone know why ping would work, but ssh/wget would fail?
Per NcA's suggestion, I tried changing /etc/resolv.conf to point to 8.8.8.8. Oddly enough, this does make it work. Obviously, my DSL modem is responding to DNS requests in some way that some parts of Linux's resolution system don't like. Looking at the tcpdump, I am unable to see what the difference is. Certainly, both servers are sending the same addresses.
Here's the output from tcpdump -nn -X with the server set to the DNS server on the DSL modem. It's clearly replying with the correct addresses, but ssh/wget don't seem happy with it for some reason:
15:53:52.133580 IP 192.168.1.254.53 > 192.168.1.2.54836: 33157 7/0/0 CNAME www.l.google.com., A 74.125.115.105, A 74.125.115.106, A 74.125.115.147, A 74.125.115.99, A 74.125.115.103, A 74.125.115.104 (148)
0x0000: 4500 00b0 e33a 0000 ff11 53b1 c0a8 01fe E....:....S.....
0x0010: c0a8 0102 0035 d634 009c 7528 8185 8180 .....5.4..u(....
0x0020: 0001 0007 0000 0000 0377 7777 0667 6f6f .........www.goo
0x0030: 676c 6503 636f 6d00 0001 0001 c00c 0005 gle.com.........
0x0040: 0001 0007 acd0 0008 0377 7777 016c c010 .........www.l..
0x0050: c02c 0001 0001 0000 0001 0004 4a7d 7369 .,..........J}si
0x0060: c02c 0001 0001 0000 0001 0004 4a7d 736a .,..........J}sj
0x0070: c02c 0001 0001 0000 0001 0004 4a7d 7393 .,..........J}s.
0x0080: c02c 0001 0001 0000 0001 0004 4a7d 7363 .,..........J}sc
0x0090: c02c 0001 0001 0000 0001 0004 4a7d 7367 .,..........J}sg
0x00a0: c02c 0001 0001 0000 0001 0004 4a7d 7368 .,..........J}sh
15:53:52.135669 IP 192.168.1.254.53 > 192.168.1.2.54836: 65062- 0/0/0 (32)
0x0000: 4500 003c e33b 0000 ff11 5424 c0a8 01fe E..<.;....T$....
0x0010: c0a8 0102 0035 d634 0028 98f9 fe26 8000 .....5.4.(...&..
0x0020: 0001 0000 0000 0000 0377 7777 0667 6f6f .........www.goo
0x0030: 676c 6503 636f 6d00 001c 0001 gle.com.....
I'm not enough of an expert to know if this is malformed in some way, but ping seems to do the right thing with it.
For comparison, here's the same thing when querying 8.8.8.8:
15:57:27.990270 IP 8.8.8.8.53 > 192.168.1.2.49028: 59114 7/0/0 CNAME www.l.google.com., A 74.125.113.105, A 74.125.113.103, A 74.125.113.106, A 74.125.113.147, A 74.125.113.104, A 74.125.113.99 (148)
0x0000: 4500 00b0 5530 0000 2f11 6453 0808 0808 E...U0../.dS....
0x0010: c0a8 0102 0035 bf84 009c 39f8 e6ea 8180 .....5....9.....
0x0020: 0001 0007 0000 0000 0377 7777 0667 6f6f .........www.goo
0x0030: 676c 6503 636f 6d00 0001 0001 c00c 0005 gle.com.........
0x0040: 0001 0001 516a 0008 0377 7777 016c c010 ....Qj...www.l..
0x0050: c02c 0001 0001 0000 0116 0004 4a7d 7169 .,..........J}qi
0x0060: c02c 0001 0001 0000 0116 0004 4a7d 7167 .,..........J}qg
0x0070: c02c 0001 0001 0000 0116 0004 4a7d 716a .,..........J}qj
0x0080: c02c 0001 0001 0000 0116 0004 4a7d 7193 .,..........J}q.
0x0090: c02c 0001 0001 0000 0116 0004 4a7d 7168 .,..........J}qh
0x00a0: c02c 0001 0001 0000 0116 0004 4a7d 7163 .,..........J}qc
15:57:28.018909 IP 8.8.8.8.53 > 192.168.1.2.49028: 31984 1/1/0 CNAME www.l.google.com. (102)
0x0000: 4500 0082 7b1b 0000 2f11 3e96 0808 0808 E...{.../.>.....
0x0010: c0a8 0102 0035 bf84 006e c67e 7cf0 8180 .....5...n.~|...
0x0020: 0001 0001 0001 0000 0377 7777 0667 6f6f .........www.goo
0x0030: 676c 6503 636f 6d00 001c 0001 c00c 0005 gle.com.........
0x0040: 0001 0001 517f 0008 0377 7777 016c c010 ....Q....www.l..
0x0050: c030 0006 0001 0000 0258 0026 036e 7334 .0.......X.&.ns4
0x0060: c010 0964 6e73 2d61 646d 696e c010 0016 ...dns-admin....
0x0070: 91f3 0000 0384 0000 0384 0000 0708 0000 ................
0x0080: 003c .<
I still don't know why the server's reply is adequate for ping but not for ssh/wget.
If anyone has ideas, I'd be happy to hear them. For now, though, I can either refer to an outside DNS server or set up my own server on the new box. It's a workaround that seems like it should be unnecessary, but will allow me to proceed.
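Added example, not part of the original post: the second reply in each capture above answers the AAAA (IPv6 address) lookup, and decoding its DNS header shows where the modem's reply differs from the one 8.8.8.8 sends. The packet bytes are copied from the tcpdump output in the question; the function names are this example's own.

```python
import struct

# Replies to the AAAA query, copied from the tcpdump -X output in the
# question (IPv4 header + UDP header + DNS message).
MODEM_AAAA = bytes.fromhex("""
4500 003c e33b 0000 ff11 5424 c0a8 01fe c0a8 0102 0035 d634 0028 98f9 fe26 8000
0001 0000 0000 0000 0377 7777 0667 6f6f 676c 6503 636f 6d00 001c 0001
""")
GOOGLE_AAAA = bytes.fromhex("""
4500 0082 7b1b 0000 2f11 3e96 0808 0808 c0a8 0102 0035 bf84 006e c67e 7cf0 8180
0001 0001 0001 0000 0377 7777 0667 6f6f 676c 6503 636f 6d00 001c 0001 c00c 0005
0001 0001 517f 0008 0377 7777 016c c010 c030 0006 0001 0000 0258 0026 036e 7334
c010 0964 6e73 2d61 646d 696e c010 0016 91f3 0000 0384 0000 0384 0000 0708 0000
003c
""")

QTYPES = {1: "A", 28: "AAAA"}

def parse_dns_reply(packet):
    """Decode the DNS header and first question of an IPv4/UDP packet."""
    ihl = (packet[0] & 0x0F) * 4            # IPv4 header length in bytes
    dns = packet[ihl + 8:]                  # skip the 8-byte UDP header
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", dns[:12])
    labels, pos = [], 12
    while dns[pos]:                         # question name: length-prefixed labels
        labels.append(dns[pos + 1:pos + 1 + dns[pos]].decode("ascii"))
        pos += 1 + dns[pos]
    qtype, _qclass = struct.unpack("!2H", dns[pos + 1:pos + 5])
    return {
        "id": ident,
        "qname": ".".join(labels),
        "qtype": QTYPES.get(qtype, str(qtype)),
        "rd": bool(flags & 0x0100),         # recursion desired
        "ra": bool(flags & 0x0080),         # recursion available
        "rcode": flags & 0x000F,
        "answers": an, "authority": ns, "additional": ar,
    }

def differing_fields(a, b):
    """Return the header fields on which two parsed replies disagree."""
    return sorted(k for k in a if k != "id" and a[k] != b[k])

if __name__ == "__main__":
    modem, google = parse_dns_reply(MODEM_AAAA), parse_dns_reply(GOOGLE_AAAA)
    for name, reply in (("modem", modem), ("8.8.8.8", google)):
        print(name, reply)
    print("differ on:", differing_fields(modem, google))
```

The "-" that tcpdump prints after the query ID 65062 in the modem's reply is its marker for the RA flag not being set, which matches the decoded header.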
Using this: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=39343
I found a key command that helped me troubleshoot:
[root@localhost ~]# wget -6 URL
-Failed
[root@localhost ~]# wget -4 URL
-Worked
It's something to do with the default IPv6 stack that's causing problems with certain utils. Disable IPv6 to resolve.
I have the same problem but I fixed it.
You must add DNS in the interface configuration file, /etc/sysconfig/network-scripts/ifcfg-eth0. Add the line
DNS1=xxx.xxx.xxx.xxx
And then you must restart the network service.
# systemctl restart NetworkManager
Try to add order hosts,bind to /etc/host.conf.
Stop the firewall first. Always get that out of the way when troubleshooting network issues (whenever possible). If you drop the firewall and your issue goes away, problem solved; if not, at least it's out of the way for now.
1) iptables -L: see if there are any DROP rules that could be affecting outgoing packets
2) Check to see if SELinux is running and doing anything odd (/etc/selinux/config)
3) What is the output of the following: route -n
4) What does /etc/sysconfig/network-scripts/ifcfg-eth0 look like?
5) Can you ping your gateway without issue?
Hopefully one of these will provide the bit of information you need to diagnose the issue.
Based on the original post I added 8.8.8.8 to /etc/resolv.conf and /etc/sysconfig/network-scripts/ifcfg-eth0. Neither edit solved my problem.
I then edited /etc/nsswitch.conf:
Original
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
Edited
hosts: files dns mdns4_minimal [NOTFOUND=return] mdns4
Now DNS works for yum and wget.