Difference between revisions of "DNS"
(One intermediate revision by one other user not shown) | |||
Line 1: | Line 1: | ||
− | Domain Name Servers are how clients are able to get automatic hostname-to-IP-address resolution. Since all servers and clients on our network must be set up with static IP addresses, the settings for DNS are very important for getting communication to function properly. Currently, [[einstein]] and [[roentgen]] are set up as DNS servers. | + | Domain Name Servers are how clients are able to get automatic hostname-to-IP-address resolution. Since all servers and clients on our network must be set up with static IP addresses, the settings for DNS are very important for getting communication to function properly. Currently, [[einstein]] and [[roentgen]] are set up as DNS servers. A DNS server is setup with '''named''' see [[named]] |
==Server Configuration== | ==Server Configuration== | ||
The related RPMs installed on einstein are: | The related RPMs installed on einstein are: | ||
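Review bot: the sentence appended to the intro paragraph, "A DNS server is setup with '''named''' see [[named]]", is a run-on with no closing punctuation, and "setup" should be the verb "set up". Suggest "A DNS server is set up with '''named'''; see [[named]]."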
Line 13: | Line 13: | ||
; /etc/host.conf : Defines the oder in which the client will search for hostname resolution. This typically contains only <code>order hosts,bind</code>, which means to first check the "hosts" file, then try bind to a DNS server and get the answer there. | ; /etc/host.conf : Defines the oder in which the client will search for hostname resolution. This typically contains only <code>order hosts,bind</code>, which means to first check the "hosts" file, then try bind to a DNS server and get the answer there. | ||
; /etc/hosts : Contains a list of IP addresses and their associated hostnames. This typically constains info for localhost, einstein, and the machine's own hostname(s). | ; /etc/hosts : Contains a list of IP addresses and their associated hostnames. This typically constains info for localhost, einstein, and the machine's own hostname(s). | ||
− | ; /etc/resolv.conf : Contains the subnet to search and a list of DNS servers' IP addresses. | + | ; /etc/resolv.conf : Contains the subnet to search and a list of DNS servers' IP addresses. For systems with connections to the [[farm]] network the search path should be ''farm.physics.unh.edu unh.edu'', and ''unh.edu'' for systems only connected to the UNH network. The DNS server IPs included should be [[jalapeno]] and [[tomato]]. Workstations without a farm connection can also use one or more of UNH's DNS servers as a backup. These are 132.177.128.99, 132.177.102.2, 132.177.102.30, and 132.177.128.56. |
== Long DNS packets and EDNS0 == | == Long DNS packets and EDNS0 == |
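Review bot: the new /etc/resolv.conf text says the DNS server IPs should be [[jalapeno]] and [[tomato]], while the intro paragraph of the same revision still names [[einstein]] and [[roentgen]] as the DNS servers. One of the two statements needs updating so that clients are not pointed at the wrong resolvers. The sentence also promises IPs but gives only host names; resolv.conf nameserver entries take addresses, so list them here the way the four UNH servers are listed. The unchanged context lines in this hunk still carry the typos "oder" and "constains".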
Latest revision as of 19:55, 22 November 2011
Domain Name Servers are how clients get automatic hostname-to-IP-address resolution. Since all servers and clients on our network must be set up with static IP addresses, the DNS settings are very important for getting communication to function properly. Currently, einstein and roentgen are set up as DNS servers. A DNS server is set up with named; see named.
Server Configuration
The related RPMs installed on einstein are:
- bind.i386: includes the DNS server, named
- bind-utils.i386: utilities for querying DNS servers about host information
- bind-libs.i386: libraries used by the bind server and utils package
- caching-nameserver.i386: config files for a simple caching nameserver
Client Configuration
The important config files are /etc/host.conf, /etc/hosts, and /etc/resolv.conf. The information in these files can also be safely edited via the graphical system-config-network program.
- /etc/host.conf: Defines the order in which the client will search for hostname resolution. This typically contains only the line order hosts,bind, which means to first check the "hosts" file, then ask a DNS server (bind) for the answer.
- /etc/hosts: Contains a list of IP addresses and their associated hostnames. This typically contains entries for localhost, einstein, and the machine's own hostname(s).
- /etc/resolv.conf: Contains the subnet to search and a list of DNS servers' IP addresses. For systems with connections to the farm network the search path should be farm.physics.unh.edu unh.edu, and unh.edu for systems only connected to the UNH network. The DNS server IPs included should be jalapeno and tomato. Workstations without a farm connection can also use one or more of UNH's DNS servers as a backup. These are 132.177.128.99, 132.177.102.2, 132.177.102.30, and 132.177.128.56.
Long DNS packets and EDNS0
This is complicated stuff that can cause trouble behind a firewall. See DNS EDNS0 and Firewalls, or the MS Knowledge Base [1].
Aaron's email
Why was I looking into this? Because Bill couldn't send mail to his lawyers @fr.com. It may have caused minor problems with other domains, but most of those "Name service error" entries in the mail log are for "fr.com". I think that this is the real problem that was behind the DNS problems back in July.
The evidence:
 $ dig -t mx @132.177.128.99 fr.com +short +bufsize=4096
vs
 $ dig -t mx @132.177.128.99 fr.com +short
The fix: I added the following lines to named.conf on einstein and roentgen:
 server 132.177.128.99 { edns no; };
 server 132.177.128.56 { edns no; };
 server 132.177.102.2 { edns no; };
 server 132.177.102.30 { edns no; };
I also added the recommended fix to named.conf on tomato, since it's running bind 9.3:
 edns-udp-size 512;
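To make the two dig commands in the email concrete, the following added example (not part of the email or the wiki's own material) builds the MX query for fr.com with and without the EDNS0 OPT record that +bufsize=4096 requests, and reads the truncation flag from a reply header. The function names are hypothetical and the truncated reply is constructed, so the script runs offline.

```python
import struct

OPT_TYPE = 41  # EDNS0 pseudo-record type (RFC 6891)

def encode_name(name):
    """Encode a hostname as length-prefixed DNS labels ending in a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, qtype=15, edns_bufsize=None, txid=0x1234):
    """DNS query for `name` (qtype 15 = MX); adds an OPT record if edns_bufsize is set."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 1 if edns_bufsize else 0)
    msg = header + encode_name(name) + struct.pack("!HH", qtype, 1)
    if edns_bufsize:
        # OPT: root owner name, TYPE=41, CLASS carries the UDP size, TTL=0, RDLEN=0
        msg += b"\x00" + struct.pack("!HHIH", OPT_TYPE, edns_bufsize, 0, 0)
    return msg

def advertised_udp_size(query):
    """UDP payload size the sender says it accepts: 512 unless an OPT record raises it."""
    qd, an, ns, ar = struct.unpack("!4H", query[4:12])
    pos = 12
    for _ in range(qd):               # skip the question section (uncompressed names)
        while query[pos]:
            pos += 1 + query[pos]
        pos += 1 + 4                  # zero label, QTYPE, QCLASS
    if an or ns or ar != 1 or query[pos] != 0:
        return 512
    rtype, rclass = struct.unpack("!HH", query[pos + 1:pos + 5])
    return rclass if rtype == OPT_TYPE else 512

def is_truncated(msg):
    """True when the TC bit is set, i.e. the answer did not fit in the UDP reply."""
    return bool(struct.unpack("!H", msg[2:4])[0] & 0x0200)

if __name__ == "__main__":
    plain = build_query("fr.com")
    edns = build_query("fr.com", edns_bufsize=4096)
    # Constructed reply header: QR, TC, RD and RA set, as a server sends on overflow
    truncated_reply = plain[:2] + struct.pack("!H", 0x8380) + plain[4:]
    print(len(plain), advertised_udp_size(plain))
    print(len(edns), advertised_udp_size(edns))
    print(is_truncated(truncated_reply))
```

The only wire-level difference between the two queries is the 11-byte OPT record, which is what a firewall that mishandles EDNS0 or large UDP replies reacts to.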