Some one tell me what's going on please :)

DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
I have a client on the 192.168.5.0/24 network and a server on the 172.17.1.0/24 network..

if I run a ping from the Linux client to 172.17.1.11

I get
[email protected]:~$ ping 172.17.1.11
PING 172.17.1.11 (172.17.1.11) 56(84) bytes of data.
64 bytes from 172.17.1.11: icmp_seq=1 ttl=63 time=5.71 ms
64 bytes from 172.17.1.11: icmp_seq=2 ttl=63 time=0.668 ms
64 bytes from 172.17.1.11: icmp_seq=3 ttl=63 time=0.690 ms
however if I
[email protected]:~$ ping uk.test.com
PING uk.test.com (172.17.1.11) 56(84) bytes of data.
64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=1 ttl=63 time=0.971 ms
64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=2 ttl=63 time=0.675 ms
64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=3 ttl=63 time=0.680 ms
64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=4 ttl=63 time=0.692 ms
64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=5 ttl=63 time=0.715 ms
64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=6 ttl=63 time=0.656 ms

So it's is still seeing the Correct IP address, and both the domain name and the IP address will work when browsing the website.

But why does the second one see the domain name of the ISP's fire wall which is outside the network? There is even a policy on the fire wall to block internal IP address talking across the inside / outside boundry?

Any ideas ?

Aaron
  • If you can't explain it simply, you don't understand it well enough. Albert Einstein
  • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.

Comments

  • chmorinchmorin Member Posts: 1,446 ■■■■■□□□□□
    DevilWAH wrote: »
    I have a client on the 192.168.5.0/24 network and a server on the 172.17.1.0/24 network..

    if I run a ping from the Linux client to 172.17.1.11

    I get
    [email protected]:~$ ping 172.17.1.11
    PING 172.17.1.11 (172.17.1.11) 56(84) bytes of data.
    64 bytes from 172.17.1.11: icmp_seq=1 ttl=63 time=5.71 ms
    64 bytes from 172.17.1.11: icmp_seq=2 ttl=63 time=0.668 ms
    64 bytes from 172.17.1.11: icmp_seq=3 ttl=63 time=0.690 ms
    
    however if I
    [email protected]:~$ ping uk.test.com
    PING uk.test.com (172.17.1.11) 56(84) bytes of data.
    64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=1 ttl=63 time=0.971 ms
    64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=2 ttl=63 time=0.675 ms
    64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=3 ttl=63 time=0.680 ms
    64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=4 ttl=63 time=0.692 ms
    64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=5 ttl=63 time=0.715 ms
    64 bytes from XXXX-78474-net-adsl-01.altohiway.com (172.17.1.11): icmp_seq=6 ttl=63 time=0.656 ms
    

    So it's is still seeing the Correct IP address, and both the domain name and the IP address will work when browsing the website.

    But why does the second one see the domain name of the ISP's fire wall which is outside the network? There is even a policy on the fire wall to block internal IP address talking across the inside / outside boundry?

    Any ideas ?

    Aaron

    Do you have an internal DNS? I don't know much about DNS, but it might have something to do with if you are pointing to a non-internal DNS and use the hostname.
    Currently Pursuing
    WGU (BS in IT Network Administration) - 52%| CCIE:Voice Written - 0% (0/200 Hours)
    mikej412 wrote:
    Cisco Networking isn't just a job, it's a Lifestyle.
  • APAAPA Member Posts: 959
    dodgy dns A record... by the looks of things.....

    Confirm it by looking up the A record....

    dig @(server) XXXX-78474-net-adsl-01.altohiway.com

    and the reverse lookup may not have been setup.... try this.... and see whether the reverse lookup comes up with the same name...but via PTR record...

    Linux = dig -x 172.17.1.11

    Seeing as the forward resolves to that address... I dare say you have some DNS records that may need cleaning up... or there could be a legitimate purpose someone has placed that record in the DNS zone.

    CCNA | CCNA:Security | CCNP | CCIP
    JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
    JNCIS:SP | JNCIP:SP
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    AHHH....

    yes, I am using a DNS forwarder to resolve the DNS requests for clients. (Router/Bridge Firewall Linux) and I assume this is messing up the records some what.

    But now it makes sence. It is resolving to an extranal DNS server and getting DNS packet re-writes so I can assume this is messing it up some where :)

    Now I know I have a look to see what can be done. However not to important to worry about.

    Cheers..
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    Solution was easy :) create an reverse zone on the internal DNS server for the 172.17.1.X network.

    then either leave out the address completely or add a recourd with the correct name.

    :) Cheers
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Sign In or Register to comment.