Linux can ping the IP address, but cannot ping the Domain Name
I encountered a problem today: I could ping the IP address but could not ping the domain name. I thought it was a problem with the DNS resolution server and searched for a long time, but the problem was not there.
[root@www postfix]# cat /etc/resolv.conf
nameserver 202.96.209.133
options attempts:1 timeout:1 rotate
#nameserver 10.202.72.117
nameserver 10.202.72.118
nameserver 114.114.114.114
nameserver 8.8.8.8
[root@www postfix]#
I then checked the routing table; the problem was not with the routing gateway either.
[root@www postfix]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
115.28.80.0     0.0.0.0         255.255.252.0   U         0 0          0 eth1
10.163.176.0    0.0.0.0         255.255.240.0   U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
192.168.0.0     10.163.191.247  255.255.0.0     UG        0 0          0 eth0
172.16.0.0      10.163.191.247  255.240.0.0     UG        0 0          0 eth0
10.0.0.0        10.163.191.247  255.0.0.0       UG        0 0          0 eth0
0.0.0.0         115.28.83.247   0.0.0.0         UG        0 0          0 eth1
[root@www postfix]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
115.28.80.0     *               255.255.252.0   U     0      0        0 eth1
10.163.176.0    *               255.255.240.0   U     0      0        0 eth0
link-local      *               255.255.0.0     U     1002   0        0 eth0
link-local      *               255.255.0.0     U     1003   0        0 eth1
192.168.0.0     10.163.191.247  255.255.0.0     UG    0      0        0 eth0
172.16.0.0      10.163.191.247  255.240.0.0     UG    0      0        0 eth0
10.0.0.0        10.163.191.247  255.0.0.0       UG    0      0        0 eth0
default         115.28.83.247   0.0.0.0         UG    0      0        0 eth1
Then let's take a look at the hosts entry in /etc/nsswitch.conf:
[root@www postfix]# grep hosts /etc/nsswitch.conf
#hosts: db files nisplus nis dns
#hosts: files dns
hosts: dns files
I changed it to dns first, then files. After testing, it still did not work.
Finally, I found that the firewall was the cause. I had enabled the firewall, which caused pinging the domain name to fail.
Domain name resolution uses port 53, so the firewall has to allow that traffic. Add the following rules to the firewall:
iptables -A INPUT -p udp --sport 53 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
iptables -A OUTPUT -p udp --sport 53 -j ACCEPT
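The four rules above are stateless: the first accepts any inbound UDP packet whose source port is 53, whatever local port it targets, and the last two are only needed on a host that itself serves DNS. As an added example (not part of the original post), the script below prints a client-only rule set that allows DNS, over UDP and TCP, only to the resolvers listed in a resolv.conf-style file and accepts only replies to queries this host sent. The function name dns_client_rules and the IPv4-only parsing are assumptions of this example; nothing is applied until the printed rules are reviewed and run as root.

```shell
#!/bin/sh
# Added example: generate iptables rules for a DNS *client* from resolv.conf.
# The script only prints rules; it does not touch the firewall.

dns_client_rules() {
    conf="$1"
    # Active "nameserver" lines only; commented-out entries are skipped.
    # Assumption: IPv4 resolvers (IPv6 would need ip6tables rules instead).
    awk '$1 == "nameserver" && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $2 }' "$conf" |
    while read -r ns; do
        # TCP is included because resolvers fall back to it for large answers.
        for proto in udp tcp; do
            # Outbound queries, to this resolver only.
            echo "iptables -A OUTPUT -p $proto -d $ns --dport 53 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"
            # Inbound packets only when they answer a query this host sent.
            echo "iptables -A INPUT -p $proto -s $ns --sport 53 -m conntrack --ctstate ESTABLISHED -j ACCEPT"
        done
    done
}

# Constructed sample mirroring the resolv.conf shown earlier on this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
nameserver 202.96.209.133
options attempts:1 timeout:1 rotate
#nameserver 10.202.72.117
nameserver 10.202.72.118
nameserver 114.114.114.114
nameserver 8.8.8.8
EOF
dns_client_rules "$sample"
rm -f "$sample"
```

On a real host, call dns_client_rules /etc/resolv.conf and insert the output ahead of any final DROP or REJECT rule in the INPUT and OUTPUT chains.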