[Cialug] Cialug Digest, Vol 101, Issue 11
kristau
kristau at gmail.com
Sat Sep 21 19:23:59 CDT 2013
Pro Tip: For a small number of *NIX like systems (Mac, CentOS, Ubuntu,
etc.) it may be easier to set up cron jobs to synchronize your /etc/hosts
file from an "authoritative" system out to all the "client" systems using
rsync.
If, however, your goal is to learn DNS inside and out, then pick up the
O'Reilly DNS and BIND book (http://shop.oreilly.com/product/9780596100575.do)
and start digging!
On Sat, Sep 21, 2013 at 11:14 PM, L. V. Lammert <lvl at omnitec.net> wrote:
> On Sat, 21 Sep 2013, L. V. Lammert wrote:
>
> > On Sat, 21 Sep 2013, Moder John II Lee wrote:
> >
> > > Lee, thank you for your explanation. I think I am beginning to
> > > understand.
> > >
> > That's great! I deal with it all the time, and have to keep kicking
> > myself when I figure out a problem for which I should have KNOWN the
> > answer.
> >
> > > I don't do a lot of server work, but the systems that I do work on all
> > > tend to function this way, so you are saying that they all have a split
> > > horizon DNS setup on them?
> > >
> > The main points to remember:
> >
> > * The hosts file overrides any DNS lookup, on ALL platforms.
> [Sorry, sent accidentally before finished.]
>
> * DNS queries will always go to the authoritative host of record;
> * Careful inspection of a dig will verify the authoritative servers.
> * Verify configured servers with whois.
>
> If you DO need to run a local zone [offnet], either use host entries
> (works on all platforms), or a split horizon DNS server such as dnsmasq.
>
> > Does Microsoft do this natively,
> >
> The big difference with MS is that they do their OWN DNS, called a
> "Domain", internally to the MS network. It can be a royal PAIN to predict
> what exactly will happen when you want a real DNS query in a MS network
> and happen to use a domain name that MS thinks their server owns.
>
> > need to "trick" OSX and Linux systems into doing this? I apologize for
> > the naive questions, but one of the reasons I am doing this is to
> > understand it better.
> >
> Clues above, ..
>
> > > So basically you are saying similar to what Ken did, is that I need
> > > to find a way to make OSXSLS1 the SOA for the local net, but I may
> > > need to use something like dnsmasq to trick it to doing so?
> > >
> Not quite; I would not recommend any 'tricks' - they can backfire at
> inopportune moments.
>
> The simplest solution is to set up host entries on your two internal
> machines, no 'real' domain name needed..
>
> > > I am still having a bit of a disconnect though-- On both boxes I get
> > > the same results--
> > >
> > > When I dig @10.0.1.2 A OSXSLS1.moderetnyre.net. I return the record's
> > > authority section pointing to OSXSLS1.moderetnyre.net.
> > >
> > > When I dig @10.0.1.2 A CentOS1.moderetnyre.net I return the SOA to
> > > godaddy.
> > >
> > > My confusion is that in the zone file on OSXSLS1 I have machine (A)
> > > records for both CentOS1, and OSXSLS1. Both record are formatted
> > > identically, outside their unique names/IPs.
> > >
> When you force a dig to the machine, it works the way you expect; the
> difference is that when you run a 'normal' (i.e. unforced) DNS query from
> a machine other than the OSX box, it gets forwarded to the real server.
>
> > > The DNS server on OSXSLS1 is set to accept recursive queries from
> > > localnets and 10.0.1.0/24.
> > >
> 'Accepting' and being authoritative are separate issues, however. My
> recommendation is to simplify your life and set up host entries on both
> machines.
>
> Lee
--
Tired programmer
Coding late into the night
The core dump follows
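
An added example, not part of the original message or thread: because the hosts file overrides DNS lookups, a cron job that pushes /etc/hosts around with rsync should check the pulled copy before it replaces the live file. The function names, temp paths, the rsync source in the comment, and the 10.0.1.3 address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; function names and paths are hypothetical, not from the thread.
# A cron job on each client would first fetch a candidate copy, e.g.
#   rsync -a authoritative:/etc/hosts /var/tmp/hosts.candidate   (assumed host/path)
# and only then call: install_hosts /var/tmp/hosts.candidate /etc/hosts

# validate_hosts FILE: return 0 only if every entry is "address name [name...]"
# and 127.0.0.1 still maps to localhost.
validate_hosts() {
    [ -s "$1" ] || return 1                      # missing or empty file
    awk '
        { sub(/#.*/, "") }                       # drop comments
        NF == 0 { next }                         # skip blank lines
        {
            v4 = ($1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
            v6 = ($1 ~ /^[0-9A-Fa-f]*:[0-9A-Fa-f:.]*(%[A-Za-z0-9]+)?$/)
            if (!v4 && !v6) bad = 1              # first field is not an address
            if (v4) {
                split($1, o, ".")
                for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) bad = 1
            }
            if (NF < 2) bad = 1                  # address without a name
            for (i = 2; i <= NF; i++) {
                if ($i !~ /^[A-Za-z0-9._-]+$/) bad = 1
                if ($i == "localhost" && $1 == "127.0.0.1") lo = 1
            }
        }
        END { exit (bad || !lo) }
    ' "$1"
}

# install_hosts CANDIDATE DEST: validate, then replace DEST with an atomic rename
# so a truncated or malformed transfer never becomes the live file.
install_hosts() {
    validate_hosts "$1" || { echo "rejected: $1" >&2; return 1; }
    tmp="$2.new.$$"
    cp "$1" "$tmp" && chmod 644 "$tmp" && mv "$tmp" "$2"
}

# Demo on constructed data (10.0.1.3 for CentOS1 is a made-up address).
demo_dir=$(mktemp -d)
printf '127.0.0.1 localhost\n10.0.1.2 OSXSLS1\n10.0.1.3 CentOS1\n' > "$demo_dir/good"
printf '127.0.0.1 localhost\n10.0.1.999 CentOS1\n' > "$demo_dir/bad"
install_hosts "$demo_dir/good" "$demo_dir/hosts" && echo "installed good copy"
install_hosts "$demo_dir/bad" "$demo_dir/hosts" || echo "kept previous copy"
```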