IDPA-implementeringen mislyktes med feilmeldingen «Reverse lookup failed» (Omvendt oppslag mislyktes)

Configuring appliance network. [Step 1 of 4]Configuring Appliance Configuration Manager network. [Step 1 of 4]Appliance Configuration Manager network configuration completed. [Step 2 of 4]Network settings validation started. [Step 2 of 4]Network settings validation failed. Appliance network configuration failed. Detaljert feilmelding: (Merk: x.x.x.11 er ACM public IP, og x.x.x.12 er ESXi public IP) Reverse lookup failed for x.x.x.11 with primary domain name server x.x.x.240. Reverse lookup failed for x.x.x.12 with primary domain name server x.x.x.240. 


– NVT-verktøykontroll bestått

– nslookup fungerer fint både for videresendt og omvendt DNS-oppslag

– Bruk av ACM dnsjava-verktøyet for å utføre DNS-oppslag mislyktes:

dpappliance-acm:~ # java -cp /usr/local/dataprotection/tomcat/webapps/dataprotection/WEB-INF/lib/vcedpa-externalutil-2.4.0.jar com.emc.vcedpa.network.IPResolveUtil x.x.x.240 x.x.x.11 Input : DNS[x.x.x.240], IP Address[x.x.x.11]. Hostname: x.x.x.11 Reverse lookup failed. Sammenligne med nslookup-resultatet av den samme DNS-spørringen, som var vellykket: dpappliance-acm:~ # nslookup x.x.x.11 Server: x.x.x.240 Address: x.x.x.240#53 11.x.x.x.in-addr.arpa name = dp4400-acm.sample.local. 

Test nr. 1: tcpdump-utdata viser et mislykket DNS-oppslag. DNS-server x.x.x.240 svarte ikke på «ANY»-spørring: =================================================================================== Fra ACM registrerer vi nettverkstrafikk fra følgende dnsjava DNS-spørring ved å kjøre: dpappliance-acm:~ # java -cp /usr/local/dataprotection/tomcat/webapps/dataprotection/WEB-INF/lib/vcedpa-externalutil-2.4.0.jar com.emc.vcedpa.network.IPResolveUtil x.x.x.240 x.x.x.11 Input : DNS[x.x.x.240], IP Address[x.x.x.11]. Hostname: x.x.x.11 Reverse lookup failed. dpappliance-acm:~ # nslookup x.x.x.11 Server: x.x.x.240 Address: x.x.x.240#53 11.x.x.x.in-addr.arpa name = dp4400-acm.sample.local. dpappliance-acm:~ # tcpdump -s 0 -i eth1 host x.x.x.240 -vvvv tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes 01:18:07.955334 IP (tos 0x0, ttl 64, id 49262, offset 0, flags [DF], proto UDP (17), length 69) dp4400-acm.sample.local.48611 > x.x.x.240.domain: [bad udp cksum 0x2056 -> 0x2be5!] 33132+ PTR? 11.x.x.x.IN-ADDR.ARPA. (41) 01:18:07.955914 IP (tos 0x0, ttl 64, id 49263, offset 0, flags [DF], proto UDP (17), length 71) dp4400-acm.sample.local.33633 > x.x.x.240.domain: [bad udp cksum 0x2058 -> 0xa78f!] 39491+ PTR? 240.10.10.10.in-addr.arpa. (43) 01:18:07.956517 IP (tos 0x0, ttl 49, id 65199, offset 0, flags [none], proto UDP (17), length 139) x.x.x.240.domain > dp4400-acm.sample.local.48611: [udp sum ok] 33132* q: PTR? 11.x.x.x.IN-ADDR.ARPA. 1/1/1 11.x.x.x.IN-ADDR.ARPA. [1h] PTR dp4400-acm.sample.local. ns: 10.IN-ADDR.ARPA. [1h] NS ns.10.IN-ADDR.ARPA. ar: ns.10.IN-ADDR.ARPA. [1h] A 127.0.0.1 (111) 01:18:07.956815 IP (tos 0x0, ttl 49, id 46189, offset 0, flags [none], proto UDP (17), length 115) x.x.x.240.domain > dp4400-acm.sample.local.33633: [udp sum ok] 39491 NXDomain* q: PTR? 240.10.10.10.in-addr.arpa. 0/1/0 ns: 10.in-addr.arpa. [30m] SOA ns.10.in-addr.arpa. mail.10.in-addr.arpa. 102 28800 3600 604800 1800 (87) 01:18:07.956966 IP (tos 0x0, ttl 64, id 49264, offset 0, flags [DF], proto UDP (17), length 69) dp4400-acm.sample.local.57840 > x.x.x.240.domain: [bad udp cksum 0x2056 -> 0x71f6!] 30381+ PTR? 11.x.x.x.in-addr.arpa. (41) 01:18:07.957783 IP (tos 0x0, ttl 49, id 14608, offset 0, flags [none], proto UDP (17), length 139) x.x.x.240.domain > dp4400-acm.sample.local.57840: [udp sum ok] 30381* q: PTR? 11.x.x.x.in-addr.arpa. 1/1/1 11.x.x.x.in-addr.arpa. [1h] PTR dp4400-acm.sample.local. ns: 10.in-addr.arpa. [1h] NS ns.10.in-addr.arpa. ar: ns.10.in-addr.arpa. [1h] A 127.0.0.1 (111) 01:18:07.959536 IP (tos 0x0, ttl 64, id 49265, offset 0, flags [DF], proto UDP (17), length 69) dp4400-acm.sample.local.60791 > x.x.x.240.domain: [bad udp cksum 0x2056 -> 0x4144!] 61612+ ANY? dp4400-acm.sample.local. (41)01:18:08.960896 IP (tos 0x0, ttl 64, id 49284, offset 0, flags [DF], proto UDP (17), length 69)dp4400-acm.sample.local.47615 > x.x.x.240.domain: [bad udp cksum 0x2056 -> 0x74bc!] 61612+ ANY? dp4400-acm.sample.local. (41) 01:18:10.963164 IP (tos 0x0, ttl 64, id 49516, offset 0, flags [DF], proto UDP (17), length 69)dp4400-acm.sample.local.50636 > x.x.x.240.domain: [bad udp cksum 0x2056 -> 0x68ef!] 61612+ ANY? dp4400-acm.sample.local. (41) 01:18:14.967449 IP (tos 0x0, ttl 64, id 49830, offset 0, flags [DF], proto UDP (17), length 69)dp4400-acm.sample.local.44092 > x.x.x.240.domain: [bad udp cksum 0x2056 -> 0x827f!] 61612+ ANY? dp4400-acm.sample.local. (41) ^C 10 packets captured 10 packets received by filter 0 packets dropped by kernel Test#2: tcpdump output viser et vellykket DNS-oppslag. En annen DNS-server x.x.x.101 responderte på ANY-spørringen: ====================================================================================== Fra ACM registrerer vi trafikk fra følgende kommandokjøring (x.x.x.101 er en test-DNS-server som partneren selv opprettet i en VM): dpappliance-acm:~ # java -cp /usr/local/dataprotection/tomcat/webapps/dataprotection/WEB-INF/lib/vcedpa-externalutil-2.4.0.jar com.emc.vcedpa.network.IPResolveUtil x.x.x.101 x.x.x.11 Input: DNS[x.x.x.101], IP Address[x.x.x.11]. Hostname: dp4400-acm.sample.local Reverse lookup successful.. Hostname: dp4400-acm.sample.local IP Address: x.x.x.11 Forward lookup successful. IP Address: x.x.x.11 dpappliance-acm:~ # tcpdump -s 0 -i eth1 host 10.15.1.101 -vvvv tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes 01:20:01.368557 IP (tos 0x0, ttl 64, id 4344, offset 0, flags [DF], proto UDP (17), length 69) dp4400-acm.sample.local.54907 > 10.15.1.101.domain: [bad udp cksum 0x16d0 -> 0xe01c!] 48674+ PTR? 11.x.x.x.IN-ADDR.ARPA. (41) 01:20:01.376214 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has dp4400-acm.sample.local tell 10.15.1.101, length 46 01:20:01.376222 ARP, Ethernet (len 6), IPv4 (len 4), Reply dp4400-acm.sample.local is-at 00:0c:29:93:b3:a0 (oui Unknown), length 28 01:20:01.376477 IP (tos 0x0, ttl 128, id 4475, offset 0, flags [none], proto UDP (17), length 106) 10.15.1.101.domain > dp4400-acm.sample.local.54907: [udp sum ok] 48674* q: PTR? 11.x.x.x.IN-ADDR.ARPA. 1/0/0 11.x.x.x.IN-ADDR.ARPA. [1h] PTR dp4400-acm.sample.local. (78) 01:20:01.378905 IP (tos 0x0, ttl 64, id 4346, offset 0, flags [DF], proto UDP (17), length 69) dp4400-acm.sample.local.55796 > 10.15.1.101.domain: [bad udp cksum 0x16d0 -> 0x948b!] 47726+ ANY? dp4400-acm.sample.local. (41) 01:20:01.379318 IP (tos 0x0, ttl 128, id 4476, offset 0, flags [DF], proto UDP (17), length 85) 10.15.1.101.domain > dp4400-acm.sample.local.55796: [udp sum ok] 47726* q: ANY? dp4400-acm.sample.local. 1/0/0 dp4400-acm.sample.local. [1h] A 10.15.1.11 (57) 01:20:06.393279 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.15.1.101 tell dp4400-acm.sample.local, length 28 01:20:06.394227 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.15.1.101 is-at 00:0c:29:6f:47:b6 (oui Unknown), length 46