[CentOS] DNS in CentOS
Les Mikesell
lesmikesell at gmail.com
Fri Apr 4 05:47:22 UTC 2008
vincenzo romero wrote:
> thank you again, more clarification, if anyone can pls shed light ...
>
>> That happens anyway if the forwarder is not authoritative - that is, the
>> forwarder will act as a caching proxy.
>
> ok - so my lab.company.com is authoritative, so it should keep a copy
> of company.com's information then and be able to respond to queries
> even within the domain of company.com?
Yes, if a server is configured as primary or secondary for a zone it will
reply directly without asking anyone else.
>> It's not really polite to send private IP reverse lookups to the public
>> root servers, but I suppose millions of places do...
>
> i'm sorry, but how do i configure (or any pointer pls?) so that I do
> not point to the public root servers? i just followed templates;
> whereas, the company.com DNS, I was not the one who configured it.
Configure your servers as primary or secondary for the reverse zones of
all the private ranges you use (nn.nn.nn.IN-ADDR.ARPA).
> I think the issues I have encountered are less now....
> My questions.
>
> 1. From my lab.company.com DNS server - do I need to update my
> /etc/resolv.conf file so that it shows:
>
> search lab.company.com company.com
> nameserver 192.168.17.2
> nameserver 10.100.1.24
The 'search' applies to lookups from clients on that particular machine
where a bare host name is requested.
> 2. With the above /etc/resolv.conf I can ping forward and backwards
> hosts, except - reverse lookup to host within company.com's domain
> still shows the root servers .. :(
If you aren't primary/secondary, it walks down following referrals from
the root servers. For private ranges you won't get the right answer
because they aren't delegated.
> 3. Strangest and confusing, is performing nslookup FROM
> lab.company.com's DNS server :
>
> a. responds to nslookup company.com:
> nslookup 192.168.17.1
> Server: 127.0.0.1
> Address: 127.0.0.1#53
>
> 1.17.168.192.in-addr.arpa name = qatest1.lab.maxiscale.com.
>
> [root at myhost named]# nslookup maxiscale.com
> Server: 127.0.0.1
> Address: 127.0.0.1#53
> Non-authoritative answer:
> Name: company.com
> Address: 10.100.1.24
>
> BUT it can't find an answer for ITS OWN domain:
>
> nslookup lab.company.com
> Server: 127.0.0.1
> Address: 127.0.0.1#53
>
> *** Can't find lab.company.com: No answer
Usually the origin of the zone has A and NS records in the parent zone.
--
Les Mikesell
lesmikesell at gmail.com
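
Added example, not part of the original message: a Python sketch of the advice above to serve the reverse zones of every private range in use, so that PTR lookups for those addresses are answered locally instead of following referrals from the root servers. It derives the in-addr.arpa zone names for each range and prints BIND zone stanzas. The function names, the "reverse" zone file directory and the /24 netmasks in the sample input are assumptions, not taken from the thread.

```python
import ipaddress

# RFC 1918 private ranges; anything else is rejected.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def zone_name(net):
    """in-addr.arpa name for an octet-aligned (/8, /16, /24) network."""
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def reverse_zones(cidr):
    """Zone names a server must be primary/secondary for to cover cidr."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or not any(net.subnet_of(p) for p in RFC1918):
        raise ValueError("%s is not an RFC 1918 private range" % cidr)
    if net.prefixlen > 24:
        # Smaller than a /24: serve the enclosing /24 zone.
        net = net.supernet(new_prefix=24)
    # Reverse zones split on octet boundaries, so round the prefix up
    # to 8, 16 or 24 and emit one zone per resulting subnet.
    aligned = -(-net.prefixlen // 8) * 8
    return [zone_name(s) for s in net.subnets(new_prefix=aligned)]

def named_conf(cidrs, zone_dir="reverse"):
    """named.conf stanzas for every zone; zone_dir is a hypothetical path."""
    seen, stanzas = set(), []
    for cidr in cidrs:
        for zone in reverse_zones(cidr):
            if zone in seen:
                continue
            seen.add(zone)
            stanzas.append('zone "%s" IN {\n    type master;\n'
                           '    file "%s/%s.db";\n};' % (zone, zone_dir, zone))
    return "\n".join(stanzas)

if __name__ == "__main__":
    # Constructed input: the /24s around the two nameserver addresses
    # in the thread (the netmasks are assumed, not stated in the post).
    print(named_conf(["192.168.17.0/24", "10.100.1.0/24"]))
```

Each generated stanza still needs a zone file with SOA and NS records, plus PTR records for the hosts in that range.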