Difference between revisions of "DNS"
Line 1: | Line 1: | ||
− | Domain Name Servers are how clients are able to get automatic hostname-to-IP-address resolution. Since all servers and clients on our network must be set up with static IP addresses, the settings for DNS are very important for getting communication to function properly. Currently, [[einstein]] and [[roentgen]] are set up as DNS servers. | + | Domain Name Servers are how clients are able to get automatic hostname-to-IP-address resolution. Since all servers and clients on our network must be set up with static IP addresses, the settings for DNS are very important for getting communication to function properly. Currently, [[einstein]] and [[roentgen]] are set up as DNS servers. A DNS server is setup with '''named''' see [[named]] |
==Server Configuration== | ==Server Configuration== | ||
The related RPMs installed on einstein are: | The related RPMs installed on einstein are: |
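Review bot: the sentence added at the end of the intro paragraph, "A DNS server is setup with '''named''' see [[named]]", has no punctuation between its two clauses, no closing period, and uses "setup" as a verb. Suggest "A DNS server is set up with '''named'''; see [[named]]."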
Revision as of 21:00, 21 April 2009
Domain Name Servers give clients automatic hostname-to-IP-address resolution. Since all servers and clients on our network must be set up with static IP addresses, the DNS settings are very important for getting communication to function properly. Currently, einstein and roentgen are set up as DNS servers. A DNS server is set up with named; see named.
Server Configuration
The related RPMs installed on einstein are:
- bind.i386
  - includes DNS server, named
- bind-utils.i386
  - utilities for querying DNS servers about host information
- bind-libs.i386
  - libraries used by the bind server and utils package
- caching-nameserver.i386
  - config files for a simple caching nameserver
Client Configuration
The important config files are /etc/host.conf, /etc/hosts, and /etc/resolv.conf. The information in these files can also be safely edited via the graphical system-config-network program.
- /etc/host.conf
  - Defines the order in which the client will search for hostname resolution. This typically contains only
      order hosts,bind
    which means to first check the "hosts" file, then query a DNS server ("bind") and get the answer there.
- /etc/hosts
  - Contains a list of IP addresses and their associated hostnames. This typically contains info for localhost, einstein, and the machine's own hostname(s).
- /etc/resolv.conf
  - Contains the subnet to search and a list of DNS servers' IP addresses. This typically contains "unh.edu farm.physics.unh.edu" along with einstein and roentgen's IP addresses.
Long DNS packets and EDNS0
This is complicated stuff that can cause trouble behind a firewall. See DNS EDNS0 and Firewalls, or the MS Knowledge Base [1].
Aaron's email
Why was I looking into this? Because Bill couldn't send mail to his lawyers @fr.com. It may have caused minor problems with other domains, but most of those "Name service error" entries in the mail log are for "fr.com". I think that this is the real problem that was behind the DNS problems back in July.
The evidence:
    $ dig -t mx @132.177.128.99 fr.com +short +bufsize=4096
vs
    $ dig -t mx @132.177.128.99 fr.com +short
The fix: I added the following lines to named.conf on einstein and roentgen:
    server 132.177.128.99 { edns no; };
    server 132.177.128.56 { edns no; };
    server 132.177.102.2 { edns no; };
    server 132.177.102.30 { edns no; };
I also added the recommended fix to named.conf on tomato, since it's running bind 9.3:
    edns-udp-size 512;
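What `+bufsize=4096` in the dig comparison above changes on the wire, and why `edns no` or `edns-udp-size 512` sidesteps the failure, as an added example that is not part of the original page or the email. It assumes a firewall that discards UDP DNS replies over 512 bytes; `udp_outcome`, `firewall_max`, the `example.org` query and the 900-byte reply size are illustrative, constructed values.

```python
import struct

def encode_name(name):
    """Encode a hostname as uncompressed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"

def build_query(name, qtype=15, bufsize=None, qid=0x1234):
    """Build a query (default MX); bufsize adds an EDNS0 OPT record, like dig +bufsize."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1 if bufsize else 0)
    question = encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN
    # OPT RR: root owner name, TYPE 41, CLASS field = UDP payload size, TTL 0, RDLEN 0
    opt = b"\x00" + struct.pack("!HHIH", 41, bufsize, 0, 0) if bufsize else b""
    return header + question + opt

def advertised_udp_size(packet):
    """UDP payload size a query advertises; 512 when it carries no OPT record."""
    qdcount, _an, _ns, arcount = struct.unpack("!HHHH", packet[4:12])
    pos = 12
    for _ in range(qdcount):
        while packet[pos] != 0:      # walk the labels of the question name
            pos += packet[pos] + 1
        pos += 5                     # root label + QTYPE + QCLASS
    for _ in range(arcount):
        if packet[pos] != 0:         # OPT always has the root owner name
            break
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", packet[pos + 1:pos + 11])
        if rtype == 41:
            return rclass
        pos += 11 + rdlen
    return 512

def is_truncated(response):
    """True when the TC flag is set: the reply did not fit and TCP should be used."""
    return bool(struct.unpack("!H", response[2:4])[0] & 0x0200)

def udp_outcome(query, response_len, firewall_max=512):
    """Model one UDP reply crossing a firewall that drops DNS replies larger
    than firewall_max bytes (an assumed limit, not taken from the page)."""
    if response_len > advertised_udp_size(query):
        return "truncated"   # server sets TC; the resolver retries over TCP
    if response_len > firewall_max:
        return "dropped"     # full reply is sent and discarded: resolver times out
    return "delivered"

if __name__ == "__main__":
    for size in (None, 4096):    # constructed query; 900-byte reply is a sample value
        print(size, udp_outcome(build_query("example.org", bufsize=size), 900))
```

In this model a 900-byte reply to the 4096-byte advertisement is "dropped", while the same reply to a query without EDNS0 (or with a 512-byte advertisement) is "truncated" and retried over TCP.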