named and resolv.conf configuration

Hello all,

Please forgive my ignorance here.

I have a SLES 11 SP3 host that I have configured the named server on. All seems well from other hosts. I am getting good answers on forward and reverse lookups for internal and external domains. However, from the named server, I am not able to resolve any internal records.

Here is my setup. (Names have been changed)

Domain: customer.domain.com ;This is a valid external domain but we are running it split. We are not resolving queries from outside, only internal queries.
Static address: 10.1.1.7
Secondary Address: 10.1.1.8 ;named bound here. Allows easy portability of the service in the future.
Search Suffix: customer.domain.com
Forwarders: 8.8.8.8 & 4.2.2.2

What I am seeing is that the forwarder and resolv.conf configuration are linked. If I change one, the other will also be changed. I have tracked this down to NETCONFIG. My NETCONFIG_DNS_POLICY is currently set to “auto” and the NETCONFIG_DNS_FORWARDER is set to “bind”.

In the current state of affairs, if I have the forwarders configured as described, the server will attempt resolution using those public name servers. It will not query its own service.

I guess my question is what is the proper way to flip these switches for things to work properly?

I have found conflicting information that states you should use either 127.0.0.1 or the host IP (10.1.1.8) in this case. I have also found information that indicates that using the host IP will result in a loop. This makes sense because the forwarders would be set to the same address and queries would just go round and round.

I have also read that a named server will query itself by default. If that is the case, I would leave the resolv.conf empty?

What I am kind of expecting is to be able to configure the resolv.conf to use internal DNS services and forwarders to use public name servers for records it knows nothing about.

The internet is a great place however it has confused me at this point. Any help would be appreciated.

Thanks in advance
Wayne

My DNS server at home points to itself first with 127.0.0.1, then to the 8.8.8.8 and 8.8.4.4 servers next in /etc/resolv.conf and that seems to be fine.


Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…

Thanks for the reply. The server I am working with shows the same. However, the resolution fails from the console of the server.

You did give me an idea and it has led me to a realization.

My issue seems to stem from having named bound to a secondary IP address.

If I dig like this:
dig @10.1.1.8 host.customer.domain.com

I will receive a reply.

If I dig like this:
dig @127.0.0.1 host.customer.domain.com

It fails.

Wayne

I have resolved this issue. It was a stupid mistake on my part. (Go figure!) :)

I just had to add 127.0.0.1 to the listen directive on the name server. I believe the default is { any; }. Since I had added a secondary address specifically for named to listen on, I had modified it to be the secondary address. However, I neglected to add the local loopback address.

To be perfectly honest, I guess I did not realize that was how the server performed local lookups. Now I know.

Thanks
Wayne
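A small consistency check for the mismatch described in this post, added here as an example and not code from the thread or from SUSE: it compares the nameserver entries in resolv.conf text against the listen-on clause in named.conf text, and reports any nameserver that is one of the host's own addresses (loopback included) but that named is not listening on. The sample configurations, the host address list and the function names are constructed for the example; run it against real files with `missing_listen "$(cat /etc/resolv.conf)" "$(cat /etc/named.conf)" "127.0.0.1 <your addresses>"`.

```shell
#!/bin/sh
# Added example, not from the thread: check that every nameserver in resolv.conf
# that points at this host is covered by named's listen-on clause.

# Print the nameserver addresses from resolv.conf text given on stdin.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }'
}

# Print the entries of the listen-on clause (addresses or "any") from
# named.conf text given on stdin, one per line. listen-on-v6 is ignored.
named_listen_on() {
    sed -n 's/.*listen-on[ {][^{]*{\([^}]*\)}.*/\1/p' \
        | tr ';' '\n' | sed 's/[[:space:]]//g' | grep -v '^$' || true
}

# missing_listen RESOLV_TEXT NAMED_TEXT "ADDR ADDR ..."
# The third argument is the list of addresses this host owns, 127.0.0.1 included.
# Prints each nameserver that is a local address but absent from listen-on;
# prints nothing when the two files agree. Remote forwarders are skipped.
missing_listen() {
    listen=$(printf '%s\n' "$2" | named_listen_on)
    for ns in $(printf '%s\n' "$1" | resolv_nameservers); do
        local_addr=no
        for a in $3; do [ "$a" = "$ns" ] && local_addr=yes; done
        [ "$local_addr" = yes ] || continue        # not this host: named is not expected to answer
        printf '%s\n' "$listen" | grep -qxF any && continue
        printf '%s\n' "$listen" | grep -qxF "$ns" && continue
        echo "$ns"
    done
}

# Constructed samples modelled on the post: named bound only to the secondary
# address (before), and the corrected clause that also lists the loopback (after).
HOST_ADDRS="127.0.0.1 10.1.1.7 10.1.1.8"
RESOLV_CONF="search customer.domain.com
nameserver 127.0.0.1
nameserver 8.8.8.8"
NAMED_BEFORE='options {
    listen-on port 53 { 10.1.1.8; };
    forwarders { 8.8.8.8; 4.2.2.2; };
};'
NAMED_AFTER='options {
    listen-on port 53 { 127.0.0.1; 10.1.1.8; };
    forwarders { 8.8.8.8; 4.2.2.2; };
};'

main() {
    echo "before fix, local nameservers named will not answer on: $(missing_listen "$RESOLV_CONF" "$NAMED_BEFORE" "$HOST_ADDRS")"
    echo "after fix, local nameservers named will not answer on: $(missing_listen "$RESOLV_CONF" "$NAMED_AFTER" "$HOST_ADDRS")"
}

main
```

The "before" sample reproduces the symptom in the thread: `dig @10.1.1.8` works because that address is in listen-on, while the resolver library uses the first nameserver, 127.0.0.1, which named does not answer on. The check only reads the two files, so it does not replace a live `dig @127.0.0.1` test, but it catches the mismatch before a restart.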

It looks as if I may have spoken too soon.

The dig command is the only way I can resolve on the server. If I use ping or host I am getting host not found responses. I guess I will keep digging for answers.

Thanks
Wayne

Tried restarting the ‘nscd’ service, or rebooting?


Good luck.


Hi Wayne, hi ab,

just for the record, from my experience “nscd” caches will persist across daemon restarts - use “nscd -i hosts” to flush (“invalidate”) the current “hosts” cache.

Regards,
Jens