From Nuclear Physics Group Documentation Pages

Domain Name Servers give clients automatic hostname-to-IP-address resolution. Since all servers and clients on our network must be set up with static IP addresses, the DNS settings are very important for getting communication to function properly. Currently, einstein and roentgen are set up as DNS servers. A DNS server is set up with named; see named.

Server Configuration

The related RPMs installed on einstein are:

includes DNS server, named
utilities for querying DNS servers about host information
libraries used by the bind server and utils package
config files for a simple caching nameserver

Client Configuration

The important config files are /etc/host.conf, /etc/hosts, and /etc/resolv.conf. The information in these files can also be safely edited via the graphical system-config-network program.

/etc/host.conf: Defines the order in which the client will search for hostname resolution. This typically contains only order hosts,bind, which means to check the "hosts" file first, then ask a DNS server (bind) for the answer.
/etc/hosts: Contains a list of IP addresses and their associated hostnames. This typically contains info for localhost, einstein, and the machine's own hostname(s).
/etc/resolv.conf: Contains the subnet to search and a list of DNS servers' IP addresses. For systems with connections to the farm network the search path should be farm.physics.unh.edu unh.edu, and unh.edu for systems only connected to the UNH network. The DNS server IPs included should be jalapeno and tomato. Workstations without a farm connection can also use one or more of UNH's DNS servers as a backup. These are,,, and

Long DNS packets and EDNS0

This is complicated stuff that can cause trouble when behind a firewall. See DNS EDNS0 and Firewalls, or the MS Knowledge Base [1].

Aaron's email

Why was I looking into this? Because Bill couldn't send mail to his lawyers @fr.com. It may have caused minor problems with other domains, but most of those "Name service error" entries in the mail log are for "fr.com". I think that this is the real problem that was behind the DNS problems back in July.

The evidence:

$ dig -t mx @ fr.com +short +bufsize=4096

vs

$ dig -t mx @ fr.com +short

The fix: I added the following lines to named.conf on einstein and roentgen:

server { edns no; };
server { edns no; };
server  { edns no; }; 
server { edns no; };

I also added the recommended fix to named.conf on tomato, since it's running bind 9.3: edns-udp-size 512;