Thursday, October 8, 2009

Squid Error: Reply from unexpected source: # 53, Expected 58.x.x.x # 53

We had a problem with our proxy server (Squid): we were unable to access the internet. The first problem was so pathetic: we were able to ping our local servers on the LAN but were not able to ping our DNS. After checking our cable and basic network configuration, we found the solution and could ping our DNS as well. But the PROBLEM starts here: we could now ping our DNS properly, but when we tried nslookup it resulted in the error shown in the title of this blog post. To find the reason behind this error we had to go through some basic steps. Let's look at those steps.

1. First, check whether our requests are reaching the destination and, if not, where the packets are being dropped. Use the following commands:

# mtr your-dns-ipaddress
# traceroute your-dns-ipaddress

2. Check /etc/resolv.conf for the proper DNS entry. The entry should look like this:

# vi /etc/resolv.conf
nameserver 58.x.x.x

# service network restart

The entry in my case was correct, so we tried ping again and it was working, but nslookup produced the same result (error).

3. Now issue the following command to check for the proper / correct gateway:

# netstat -r
# route -n

The gateway was also perfectly right, but we were still not able to do nslookup. Then we made a change in the /etc/resolv.conf file (we changed our DNS address to another one and it started working, but that was not a good solution as we are directed to use the original one).

After googling and with help from my teacher (Nayyar Ahmad), we were of the opinion that two reasons could exist in this case:

1. A firewall between our machine and the DNS is blocking port 53. As we can ping, we have a communication channel between both; only port 53 has a problem.
2. DNS services are not running. We can ping the machine, but the services are not running. We can check the services with the following command:

# service named status
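
One way to tell the two causes listed above apart from the client side, and to apply the source-address check behind the error in the title, as an added example that is not part of the original post. The function names, the `example.com` query name and the 3-second timeout are assumptions.

```python
import secrets
import socket
import struct
import sys

def build_query(name, qid):
    """Minimal DNS query for an A record (RFC 1035), recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_reply(data, src, server, qid, port=53):
    """Apply a resolver's sanity checks to one received datagram."""
    if src != (server, port):
        return "reply from unexpected source: %s#%d, expected %s#%d" % (src + (server, port))
    if len(data) < 12:
        return "malformed reply"
    rid, flags = struct.unpack("!HH", data[:4])
    if rid != qid or not flags & 0x8000:  # wrong transaction ID or QR bit clear
        return "not a response to our query"
    return "answer from %s#%d, rcode=%d" % (server, port, flags & 0x000F)

def tcp_state(server, port=53, timeout=3.0):
    """Separate a silent drop from a reachable host with no listener."""
    try:
        socket.create_connection((server, port), timeout=timeout).close()
        return "open"
    except ConnectionRefusedError:
        return "refused (host reachable, nothing listening or a reject rule)"
    except OSError:
        return "filtered or unreachable"

def probe(server, name="example.com", port=53, timeout=3.0):
    """Query over an unconnected UDP socket so replies from other hosts stay visible."""
    qid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, qid), (server, port))
            data, src = s.recvfrom(512)
        except OSError:  # timeout or network error: fall back to a TCP check
            return "no UDP reply; TCP/%d is %s" % (port, tcp_state(server, port, timeout))
    return classify_reply(data, src, server, qid, port)

if __name__ == "__main__":
    # Assumption: the DNS server IP is passed as argv[1]; loopback is only a default.
    print(probe(sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"))
```

Run it with the DNS server's address as the only argument, from the same machine where ping succeeds and nslookup fails.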


It was so simple: when we consulted the system administrator of the head office, it turned out they were not allowing our traffic. When he added our DNS address, everything was working normally.

I hope this will be informative for you!

Cheers :)


nayyares said...

It means our prediction was right about this issue. BTW, why the hell is your head office afraid of DNS traffic from Peshawar... any fear of a terror attack :)



Yes sir, we were right :) And regarding the head office, we have forwarded the case and are now waiting for the correct action :)

Khush Dil Khan said...

Thank God, the issue was resolved yesterday and now it's working properly. BUT I am afraid of the service access from Peshawar being stopped again because of today's terrorist act here in Peshawar.