Re: [pfSense] Dynamic DNS and Route 53

Wed, 11 Mar 2015 05:49:07 -0700 

On 11/03/2015 10:09, Tiernan OToole wrote:



Any tips on checking this properly? How can i see what is being sent 
and received from the server?




I don't know about that (tcpdump perhaps), but here's how to check 
what's published in the DNS:


$ dig +trace @8.8.8.8 tiernanotoolephotography.com. a

; <<>> DiG 9.8.3-P1 <<>> +trace @8.8.8.8 tiernanotoolephotography.com. a
; (1 server found)
;; global options: +cmd
.            2466    IN    NS    l.root-servers.net.
.            2466    IN    NS    h.root-servers.net.
.            2466    IN    NS    k.root-servers.net.
.            2466    IN    NS    i.root-servers.net.
.            2466    IN    NS    g.root-servers.net.
.            2466    IN    NS    j.root-servers.net.
.            2466    IN    NS    d.root-servers.net.
.            2466    IN    NS    a.root-servers.net.
.            2466    IN    NS    f.root-servers.net.
.            2466    IN    NS    b.root-servers.net.
.            2466    IN    NS    m.root-servers.net.
.            2466    IN    NS    e.root-servers.net.
.            2466    IN    NS    c.root-servers.net.
;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 51 ms

com.            172800    IN    NS    a.gtld-servers.net.
com.            172800    IN    NS    b.gtld-servers.net.
com.            172800    IN    NS    c.gtld-servers.net.
com.            172800    IN    NS    d.gtld-servers.net.
com.            172800    IN    NS    e.gtld-servers.net.
com.            172800    IN    NS    f.gtld-servers.net.
com.            172800    IN    NS    g.gtld-servers.net.
com.            172800    IN    NS    h.gtld-servers.net.
com.            172800    IN    NS    i.gtld-servers.net.
com.            172800    IN    NS    j.gtld-servers.net.
com.            172800    IN    NS    k.gtld-servers.net.
com.            172800    IN    NS    l.gtld-servers.net.
com.            172800    IN    NS    m.gtld-servers.net.
;; Received 506 bytes from 192.203.230.10#53(192.203.230.10) in 33 ms

tiernanotoolephotography.com. 172800 IN    NS ns-99.awsdns-12.com.
tiernanotoolephotography.com. 172800 IN    NS ns-718.awsdns-25.net.
tiernanotoolephotography.com. 172800 IN    NS ns-1318.awsdns-36.org.
tiernanotoolephotography.com. 172800 IN    NS ns-1983.awsdns-55.co.uk.
;; Received 214 bytes from 192.31.80.30#53(192.31.80.30) in 119 ms

tiernanotoolephotography.com. 300 IN    A    79.97.100.91
tiernanotoolephotography.com. 172800 IN    NS ns-1318.awsdns-36.org.
tiernanotoolephotography.com. 172800 IN    NS ns-1983.awsdns-55.co.uk.
tiernanotoolephotography.com. 172800 IN    NS ns-718.awsdns-25.net.
tiernanotoolephotography.com. 172800 IN    NS ns-99.awsdns-12.com.
;; Received 198 bytes from 205.251.197.38#53(205.251.197.38) in 6 ms


So to eliminate any local DNS caching as an issue, you should ask one of 
the four servers which is authoritative for your domain for the answer.


$ dig +short +norec @ns-99.awsdns-12.com. tiernanotoolephotography.com. a
79.97.100.91


This seems to match what you were expecting, so it appears to have 
worked now.



If you have a client which is still resolving to the old address then 
flush its cache, and check there's no static "hosts" entry.


For OSX clients, you can flush their DNS cache like this:
sudo killall -HUP mDNSResponder


For Linux clients running nscd, even restarting nscd won't flush the 
cache. You need to do:

nscd --invalidate=hosts

For Windows clients, best to just reboot them :-)

Regards,

Brian.

_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold






















					Reply via email to