Difference between revisions of "DNS"

From Nuclear Physics Group Documentation Pages
Line 1: Line 1:
Domain Name Servers are how clients are able to get automatic hostname-to-IP-address resolution.  Since all servers and clients on our network must be set up with static IP addresses, the settings for DNS are very important for getting communication to function properly. Currently, [[einstein]] and [[roentgen]] are set up as DNS servers.
+
Domain Name Servers are how clients are able to get automatic hostname-to-IP-address resolution.  Since all servers and clients on our network must be set up with static IP addresses, the settings for DNS are very important for getting communication to function properly. Currently, [[einstein]] and [[roentgen]] are set up as DNS servers. A DNS server is setup with '''named''' see [[named]]
 
==Server Configuration==
 
==Server Configuration==
 
The related RPMs installed on einstein are:
 
The related RPMs installed on einstein are:

Revision as of 21:00, 21 April 2009

Domain Name Servers are how clients are able to get automatic hostname-to-IP-address resolution. Since all servers and clients on our network must be set up with static IP addresses, the settings for DNS are very important for getting communication to function properly. Currently, einstein and roentgen are set up as DNS servers. A DNS server is set up with named; see named.

Server Configuration

The related RPMs installed on einstein are:

bind.i386
includes DNS server, named
bind-utils.i386
utilities for querying DNS servers about host information
bind-libs.i386
libraries used by the bind server and utils package
caching-nameserver.i386
config files for a simple caching nameserver

Client Configuration

The important config files are /etc/host.conf, /etc/hosts, and /etc/resolv.conf. The information in these files can also be safely edited via the graphical system-config-network program.

/etc/host.conf
Defines the order in which the client will search for hostname resolution. This typically contains only order hosts,bind, which means to first check the "hosts" file, then ask a DNS server (bind) for the answer.
/etc/hosts
Contains a list of IP addresses and their associated hostnames. This typically contains info for localhost, einstein, and the machine's own hostname(s).
/etc/resolv.conf
Contains the subnet to search and a list of DNS servers' IP addresses. This typically contains "unh.edu farm.physics.unh.edu" along with einstein and roentgen's IP addresses.

Long DNS packets and EDNS0

This is complicated stuff that can cause trouble when behind a firewall. See DNS EDNS0 and Firewalls, or the MS Knowledge Base [1].


Aaron's email

Why was I looking into this? Because Bill couldn't send mail to his lawyers @fr.com. It may have caused minor problems with other domains, but most of those "Name service error" entries in the mail log are for "fr.com". I think that this is the real problem that was behind the DNS problems back in July.

The evidence:

$ dig -t mx @132.177.128.99 fr.com +short +bufsize=4096

vs

$ dig -t mx @132.177.128.99 fr.com +short

The fix: I added the following lines to named.conf on einstein and roentgen:

server 132.177.128.99 { edns no; };
server 132.177.128.56 { edns no; };
server 132.177.102.2  { edns no; }; 
server 132.177.102.30 { edns no; };

I also added the recommended fix to named.conf on tomato, since it's running bind 9.3: edns-udp-size 512;