Re[2]: dns question



Hello Don,

Monday, June 5, 2006, 8:45:37 PM, you wrote:

Ed Greshko wrote:
Don Russell wrote:

I added some information to my named configuration so sendmail could
resolve the reverse look up of the private LAN addresses.... or at least
get an error quickly instead of timing out

In order for this to work, I manually changed /etc/resolv.conf,
deleting the existing nameserver statements, and adding nameserver
127.0.0.1

Works great.... UNTIL the network is restarted and the resolv.conf file
is rewritten.... then the nameserver statements are back to the
addresses from the ISP obtained via DHCP.

So, for an interesting experiment, I reconfigured the dhcp server in my
router (cisco) to not pass the ISP DNS addresses to my server, instead
use 127.0.0.1

Frankly, I wasn't expecting the server to be able to resolve any other
addresses.... but it does....

Why? Seems silly to be asking why something DOES work.... but I don't
understand how it can be resolving names like google.com, ibm.com etc
etc, when it was not told which dns servers to use, other than "ask
yourself"....

What am I missing? ;-)


In your named.conf do you have something like:

zone "." {
    type hint;
    file "named.root";
};

If so, you have told your DNS server what it needs to do.


Yes, I just looked at that... the file has a different name (named.ca),
but it seems to describe all the root servers....

I gather that means my FC5 box is now using the root servers directly to
resolve addresses instead of "lower", possibly caching, servers.

hmmm, that doesn't sound good... :-( But I'm pretty new to dns details....


IMO, it's a very GOOD thing. Esp. if your ISP is for crap. In that
case, if their DNS servers aren't responding, you'll never even know
since your DNS server will resolve things properly.

The downside? Possibly slower resolves, since they are unlikely to be
as heavily cached as the ISP. Also, you have to make sure the DNS
server is configured right. If it isn't, then everything breaks.

But those downsides are pretty smallish IMO.

Different ball of wax if you're actually making that DNS server "auth"
for a DNS zone available on the net though. (You want
better/faster/more reliable connections for that.)

Cheers
-Greg

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
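
The setup discussed in this thread, as an added example that is not part of the original messages: a small Python check that reads resolv.conf and named.conf text and reports whether lookups go to an upstream resolver, to a local named that forwards, or to a local named recursing from the root hints. The sample file contents, the 192.0.2.x addresses and all function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed samples: resolv.conf as rewritten by DHCP, the hand-edited
# version, and a named.conf carrying the root hint zone from the thread.
DHCP_RESOLV = "; generated by dhclient\nnameserver 192.0.2.1\nnameserver 192.0.2.2\n"
LOCAL_RESOLV = "nameserver 127.0.0.1\n"
NAMED_CONF = '''
options { directory "/var/named"; };   // no forwarders statement
zone "." {
    type hint;
    file "named.ca";
};
'''

def resolv_nameservers(text):
    """Addresses on 'nameserver' lines, in the order the stub resolver tries them."""
    servers = []
    for line in text.splitlines():
        fields = re.split(r"[#;]", line, maxsplit=1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def named_summary(conf):
    """Return (root hint file or None, list of forwarders) from named.conf text."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # strip /* ... */ comments
    conf = re.sub(r"(//|#).*", "", conf)                # strip // and # comments
    hint_file = None
    root = re.search(r'zone\s+"\."\s*(?:IN\s*)?\{([^}]*)\}', conf, re.I)
    if root and re.search(r"\btype\s+hint\s*;", root.group(1)):
        m = re.search(r'\bfile\s+"([^"]+)"', root.group(1))
        hint_file = m.group(1) if m else None
    fwd = re.search(r"\bforwarders\s*\{([^}]*)\}", conf)
    forwarders = [a.strip() for a in fwd.group(1).split(";") if a.strip()] if fwd else []
    return hint_file, forwarders

def resolution_path(resolv_text, named_text):
    """Describe who answers this host's lookups, judged by the first nameserver."""
    servers = resolv_nameservers(resolv_text)
    if not servers:
        return "no nameserver lines"
    if not ipaddress.ip_address(servers[0]).is_loopback:
        return "upstream resolver " + servers[0]
    hint_file, forwarders = named_summary(named_text)
    if forwarders:
        return "local named forwarding to " + ", ".join(forwarders)
    if hint_file:
        return "local named recursing from the roots in " + hint_file
    return "local named, no hint zone or forwarders in this file"
```

Running it again after a network restart shows whether DHCP has put the ISP addresses back in resolv.conf.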


