Re: resolv.conf misbehaving
Hi, O.k guys, I think I sorted it out. I can do both forward and reverse lookups now. My life is normal again ... Pascal, you remind me of my maths teacher in high school ... very stern and to the point ... :) ... In the end I had to pay attention (again) to DHCP ... like many of you suggested ... It would appear as if DHCP is "stronger" than other users of resolv.conf and it has the last say as to what goes into resolv.conf ... by reading (a few times) the suggestions on this thread I finally did something right (don't even ask, cause I can't remember, was watching NASCAR while doing it ) ... Once again, thanks to all Have a nice day Danny On Feb 24 14, Pascal Hambourg : > To: debian-user@lists.debian.org > Date: Mon, 24 Feb 2014 22:46:23 +0100 > From: Pascal Hambourg > Subject: Re: resolv.conf misbehaving > User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) > X-Loop: debian-user@lists.debian.org > > Danny a écrit : > > > >> Warning : this setup is wrong and may not work as you expect. All listed > >> nameservers should be equivalent. Multiple nameservers are only for > >> redundancy, not to provide multiple sources. > >> > >> If you query the first server for an information out of its scope, it > >> may reply negatively (status: NXDOMAIN or NOERROR, ANSWER: 0) and the > >> next server won't be queried. So in the end you won't get your answer. > > > > However, what would be the point of giving resolv.conf multiple nameserver > > options then > > I wrote it : redundancy. > > > if one cannot "force" (for lack of > > a better word) it, or even arbitrarily change the order in which servers > > can be > > queried? > > You can force or change the order of the nameservers. /etc/resolv.conf > even has an option "rotate" to do round-robin among the listed > nameservers. What you cannot do is expect the current resolver library to : > - ask a given nameserver for a given type of queries (e.g. "external > names"), and another nameserver for another given type of queries (e.g. > "internal names") ; > - ask the next nameserver if the previous nameserver replied that the > requested name does not exist or does not have a resource record for the > requested type (aka negative answer). > > > The setup I had (Debian 3.0) worked. Unfortunately smart devices and more > > wireless laptops demanded attention. So I upgraded (clean install) to Debian > > 7.0. All I want to do is for all wireless devices to get DHCP from Debian > > (not > > the router) and query Debian (not the router) for name resolution. Simple as > > that. > > Why then are you messing with the router's nameserver ? > > If you need to resolve both internal and external names, I suggest that > you query only the Debian nameserver and configure it to reply to > recursive queries, either by itself or by forwarding them to the > router's nameserver. > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: http://lists.debian.org/530bbdaf.3090...@plouf.fr.eu.org -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140226063219.GC4113@fever.havannah.local
Re: resolv.conf misbehaving
On Feb 25, 2014, at 9:12 AM, Patrick Ouellette wrote: > > Sounds like what you really want is for your local nameserver to forward the > query if it doesn't have the answer. It might be helpful to look at the > forwarders option for named.conf. > > resolv.conf would just need your local name server then. > > Pat Pat's correct. That's the proper way to do what you want. If you like, you can have two forwarding server (for redundancy in case of failure of the primary server). A good way to do that is with the dnsmasq package. It provides both DNS (forwarding if you configure it) and DHCP. Configuration is remarkably easy -- it uses /etc/hosts and /etc/ethers as input. The ISC dhcp server is much more flexible, but (as a consequence) takes a lot of configuring. Dnsmasq is *way* easier. Rick -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5356b738-16bb-4149-be81-f83eb79ed...@pobox.com
Re: resolv.conf misbehaving
Sounds like what you really want is for your local nameserver to forward the query if it doesn't have the answer. It might be helpful to look at the forwarders option for named.conf. resolv.conf would just need your local name server then. Pat -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140225171237.gb5...@flying-gecko.net
Re: resolv.conf misbehaving
Danny a écrit : > >> Warning : this setup is wrong and may not work as you expect. All listed >> nameservers should be equivalent. Multiple nameservers are only for >> redundancy, not to provide multiple sources. >> >> If you query the first server for an information out of its scope, it >> may reply negatively (status: NXDOMAIN or NOERROR, ANSWER: 0) and the >> next server won't be queried. So in the end you won't get your answer. > > However, what would be the point of giving resolv.conf multiple nameserver > options then I wrote it : redundancy. > if one cannot "force" (for lack of > a better word) it, or even arbitrarily change the order in which servers can > be > queried? You can force or change the order of the nameservers. /etc/resolv.conf even has an option "rotate" to do round-robin among the listed nameservers. What you cannot do is expect the current resolver library to : - ask a given nameserver for a given type of queries (e.g. "external names"), and another nameserver for another given type of queries (e.g. "internal names") ; - ask the next nameserver if the previous nameserver replied that the requested name does not exist or does not have a resource record for the requested type (aka negative answer). > The setup I had (Debian 3.0) worked. Unfortunately smart devices and more > wireless laptops demanded attention. So I upgraded (clean install) to Debian > 7.0. All I want to do is for all wireless devices to get DHCP from Debian (not > the router) and query Debian (not the router) for name resolution. Simple as > that. Why then are you messing with the router's nameserver ? If you need to resolve both internal and external names, I suggest that you query only the Debian nameserver and configure it to reply to recursive queries, either by itself or by forwarding them to the router's nameserver. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/530bbdaf.3090...@plouf.fr.eu.org
RE: resolv.conf misbehaving
Hi Danny,
> My apologies, I must have missed your reply
>
>> Warning : this setup is wrong and may not work as you expect. All
>> listed nameservers should be equivalent. Multiple nameservers are only
>> for redundancy, not to provide multiple sources.
>>
>> If you query the first server for an information out of its scope, it
>> may reply negatively (status: NXDOMAIN or NOERROR, ANSWER: 0) and the
>> next server won't be queried. So in the end you won't get your answer.
>
> However, what would be the point of giving resolv.conf multiple nameserver
> options then (if I understand you correctly), if one cannot "force" (for lack
> of a better word) it, or even arbitrarily change the order in which servers
> can
> be queried? So it would be absolutely pointless in even trying?
Multiple dns servers are for REDUNDANCY. So if one fails and is no longer
available you will automatically use the next one available.
> The setup I had (Debian 3.0) worked. Unfortunately smart devices and more
> wireless
> laptops demanded attention.So I upgraded (clean install) to Debian 7.0. All I
> want to
> do is for all wireless devices to get DHCP from Debian (not the router) and
> query
> Debian (not the router) for name resolution. Simple as that.
Ok, so
1: Make sure to either disable DHCP in the router or make sure the router
cannot answer those devices
2: Enable DHCP (isc-dhcp-server) on your linux machine
3: in the /etc/dhcp/dhcp.conf file have a line that points to the proper dns
server
Me, I have a linux box conneted to the LAN and the and the router on the same
NIC. Internally I use 172.16.17.0/24 and my router is on 192.168.178.1
In my /etc/dhcp/dhcpd.conf file I have:
#network definition
shared-network internal.xxx.xx. {
subnet 172.16.17.0 netmask 255.255.255.0 {
option routers 172.16.17.1;
option domain-name-servers 172.16.17.1, 194.109.104.104;
option ntp-servers 172.16.17.1;
range 172.16.17.20 172.16.17.39;
range dynamic-bootp 172.16.17.40 172.16.17.45;
default-lease-time 86400; # one day
max-lease-time 172800; # two days
}
subnet 192.168.178.0 netmask 255.255.255.0 {
}
}
This provides all information to the clients. If you want the router to handle
all the traffic directly and not via the linux machine then change the "option
routers ..." line. But...
If you want it all in one network range then change that part of the setup too.
For me, my linux box routes between several segments which my ISP router knows
nothing about, which is why it is the default route for my network. Also, it is
why I run my own dns server. Because there I CAN tell it where to look for the
proper information if it is not available on the default "internet" dns servers.
Bonno Bloksma
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/89d1798a7351d040b4e74e0a043c69d775194...@hglexch-01.tio.nl
Re: resolv.conf misbehaving
Hi, My apologies, I must have missed your reply > Warning : this setup is wrong and may not work as you expect. All listed > nameservers should be equivalent. Multiple nameservers are only for > redundancy, not to provide multiple sources. > > If you query the first server for an information out of its scope, it > may reply negatively (status: NXDOMAIN or NOERROR, ANSWER: 0) and the > next server won't be queried. So in the end you won't get your answer. However, what would be the point of giving resolv.conf multiple nameserver options then (if I understand you correctly), if one cannot "force" (for lack of a better word) it, or even arbitrarily change the order in which servers can be queried? So it would be absolutely pointless in even trying? I think I am missing something somewhere, previously (Debian 3.0 and even later) one could add multiple nameservers in resolv.conf and the list would be queried one at a time if an ANSWER SECTION could not be obtained from the previous one. I fail to understand then the reasoning for "limiting" resolv.conf (and everything associated with it). I am no expert (by a long way) when it comes to any sort of DNS, but you don't need to be a Doctor to know when someone is ill. The setup I had (Debian 3.0) worked. Unfortunately smart devices and more wireless laptops demanded attention. So I upgraded (clean install) to Debian 7.0. All I want to do is for all wireless devices to get DHCP from Debian (not the router) and query Debian (not the router) for name resolution. Simple as that. I appreciate your input. Thank You Danny -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140224132600.GA7788@fever.havannah.local
Re: resolv.conf misbehaving
Danny a écrit : > > "resolv.conf" now has both the router and Debian as nameservers automatically. > > e can now do "dig fever.havannah.local" and it resolves correctly. It queries > the Debian (10.0.0.5) server by default, which I want. > > However, if I do "dig -x 10.0.0.5" (the Debian server which is > fever.havannah.local) it fails to resolve simply because it queries the router > (10.0.0.2) instead of the Debian server which is 10.0.0.5. It is not even > making > attempts to query the Debian server. > > But if I force dig with "dig @10.0.0.5 -x 10.0.0.5" it resolves correctly. > > Is it because 10.0.0.2 (router) is pushed into resolv.conf first? > > Any pointers? My previous reply explains what's wrong. I warned you. This setup is fundamentally flawed. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/530a4ac5.8000...@plouf.fr.eu.org
Re: resolv.conf misbehaving
Hi Guys,
Looks like it was a combination of a few things.
First of all (according to man "resolvconf") I had to add "dns-" hooks to
/etc/network/interfaces.
DHCP was also a little problem (like some of you pointed out).
"resolv.conf" now has both the router and Debian as nameservers automatically.
e can now do "dig fever.havannah.local" and it resolves correctly. It queries
the Debian (10.0.0.5) server by default, which I want.
However, if I do "dig -x 10.0.0.5" (the Debian server which is
fever.havannah.local) it fails to resolve simply because it queries the router
(10.0.0.2) instead of the Debian server which is 10.0.0.5. It is not even making
attempts to query the Debian server.
But if I force dig with "dig @10.0.0.5 -x 10.0.0.5" it resolves correctly.
Is it because 10.0.0.2 (router) is pushed into resolv.conf first?
Any pointers?
fever.havannah.local= 10.0.0.5= Debian
router.havannah.local = 10.0.0.2= router
Here is my reverse lookup file (db.10.0.0):
#
;
; BIND reverse data file
;
$TTL604800
@ IN SOA fever.havannah.local. root.havannah.local. (
2014022314 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
IN NS fever.havannah.local.
2 IN PTR zombie.havannah.local.
5 IN PTR fever.havannah.local.
6 IN PTR shotgun.havannah.local.
#
Here is my forward lookup file (db.havannah.local)
#
;
; BIND data file for local loopback interface
;
$TTL604800
@ IN SOA fever.havannah.local. root.havannah.local (
2014022912 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS fever.havannah.local.
@ IN MX 10 fever.havannah.local.
zombie IN A 10.0.0.2
fever IN A 10.0.0.5
shotgun IN A 10.0.0.6
#
And here is my dhcpd.conf file
#
option subnet-mask 255.255.255.0;
#
# Sample configuration file for ISC dhcpd for Debian
#
#
# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;
# option definitions common to all supported networks...
option domain-name "havannah.local";
option domain-name-servers 10.0.0.5, 10.0.0.2;
default-lease-time 600;
max-lease-time 7200;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
# fever
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.101 10.0.0.200;
option routers 10.0.0.5 , 10.0.0.2;
option domain-name-servers 10.0.0.5 , 10.0.0.2;
}
#
Thanks guys for helping
Danny
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20140223184721.GA4825@fever.havannah.local
Re: resolv.conf misbehaving
Hello, Danny a écrit : > > However, I have noticed that my resolv.conf gets overwritten by something > after > every reboot. The Debian server resolves all local (internal) addresses and > the > ADSL router resolves all external addresses. > > Normally my resolv.conf looked like this > > nameserver 10.0.0.2 (ADSL router) > nameserver 10.0.0.5 (Debian server to resolve local addresses) Warning : this setup is wrong and may not work as you expect. All listed nameservers should be equivalent. Multiple nameservers are only for redundancy, not to provide multiple sources. If you query the first server for an information out of its scope, it may reply negatively (status: NXDOMAIN or NOERROR, ANSWER: 0) and the next server won't be queried. So in the end you won't get your answer. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5309d94d.9000...@plouf.fr.eu.org
Re: resolv.conf misbehaving
2014-02-20 16:17 GMT+01:00 Danny : > Hi guys, > > The past weekend I upgraded from Debian v3.0 to the latest Debian stable > (7.0 or > something) ... (wish I never did) ... > > However, I have noticed that my resolv.conf gets overwritten by something > after > every reboot. The Debian server resolves all local (internal) addresses > and the > ADSL router resolves all external addresses. > > Normally my resolv.conf looked like this > > nameserver 10.0.0.2 (ADSL router) > nameserver 10.0.0.5 (Debian server to resolve local addresses) > > Now it get's overwritten with : > > nameserver 10.0.0.2 > > I need to reslove both local and external addresses. At the moment I have > to > manually add the 10.0.0.5 into the resolv.conf file after rebooting. > > Any help or pointers? If you are in a hurry, a quick and really dirty trick is to write your custom resolv.conf and add the immutable attribute to it using chattr :-) You probably want to get rid of those many programs which write continuosly resolv.conf and use /etc/network/interfaces dns-nameservers r/
Re: resolv.conf misbehaving
On 02/20/2014 11:28 AM, Patrick Ouellette wrote: > Welcome to the (un)helpful world of "let me do that for you because it is > easier" aka networkmanager and/or resolvconf. > > You will need to either update your /etc/network/interfaces entry for the > server or edit /etc/resolvconf/resolv.conf.d/base > > Pat I have debian Jessie, and no resolvconf package installed. I have /etc/resolvconf/ but only 1 file under that, update-libc.d my /etc/resolv.conf says: # Generated by NetworkManager -- Paul Cartwright Registered Linux User #367800 and new counter #561587 -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/53064c9f.5030...@gmail.com
Re: resolv.conf misbehaving
On 20/02/14 15:17, Danny wrote:
Hi guys,
The past weekend I upgraded from Debian v3.0 to the latest Debian stable (7.0 or
something) ... (wish I never did) ...
However, I have noticed that my resolv.conf gets overwritten by something after
every reboot. The Debian server resolves all local (internal) addresses and the
ADSL router resolves all external addresses.
Normally my resolv.conf looked like this
nameserver 10.0.0.2 (ADSL router)
nameserver 10.0.0.5 (Debian server to resolve local addresses)
Now it get's overwritten with :
nameserver 10.0.0.2
Its is probably dbclient doing it. I had the same problem
Take a look at man dbclient.conf, and especially the prepend statement.
I initially had the prepend at a global level but it wasn't working.
Instead I followed the example in the man page and placed inside an
interface "eth0" {
...
prepend domain-name-servers 10.0.0.5
}
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/5306496a.6090...@chandlerfamily.org.uk
Re: resolv.conf misbehaving
On Thu, Feb 20, 2014 at 05:17:22PM +0200, Danny wrote: > > Hi guys, > > The past weekend I upgraded from Debian v3.0 to the latest Debian stable (7.0 > or > something) ... (wish I never did) ... > > However, I have noticed that my resolv.conf gets overwritten by something > after > every reboot. The Debian server resolves all local (internal) addresses and > the > ADSL router resolves all external addresses. > > Normally my resolv.conf looked like this > > nameserver 10.0.0.2 (ADSL router) > nameserver 10.0.0.5 (Debian server to resolve local addresses) > > Now it get's overwritten with : > > nameserver 10.0.0.2 > > I need to reslove both local and external addresses. At the moment I have to > manually add the 10.0.0.5 into the resolv.conf file after rebooting. > > Any help or pointers? > > Welcome to the (un)helpful world of "let me do that for you because it is easier" aka networkmanager and/or resolvconf. You will need to either update your /etc/network/interfaces entry for the server or edit /etc/resolvconf/resolv.conf.d/base Pat -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140220162806.ga5...@flying-gecko.net
Re: resolv.conf misbehaving
On 20/02/2014 10:17, Danny wrote: > Hi guys, > > The past weekend I upgraded from Debian v3.0 to the latest Debian stable (7.0 > or > something) ... (wish I never did) ... > > However, I have noticed that my resolv.conf gets overwritten by something > after > every reboot. The Debian server resolves all local (internal) addresses and > the > ADSL router resolves all external addresses. > > Normally my resolv.conf looked like this > > nameserver 10.0.0.2 (ADSL router) > nameserver 10.0.0.5 (Debian server to resolve local addresses) > > Now it get's overwritten with : > > nameserver 10.0.0.2 > > I need to reslove both local and external addresses. At the moment I have to > manually add the 10.0.0.5 into the resolv.conf file after rebooting. > > Any help or pointers? > > Thank You > > Danny > > If you're using DHCP and the router is the DHCP server, then you will (by default) only get the nameserver(s) that the DHCP server pushes (i.e. the router). If you're allowed to reconfig your router (depends on the ISP), then tell it to push out your DNS server instead of the router (and work with that DNS server for everything then). This is (almost) what I did at home, except that I turned off DHCP on the router, and have DNS/DHCP running from an internal server (it pushes itself, and then Open DNS). If you're not allowed to reconfig the router, then you should be able to add the additional nameserver via /etc/network/interfaces (even if you're still using DHCP addresses), so that the resolveconf package can properly generate the resolv.conf file on startup. Though, I admit -Dan -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5306342b.7060...@djph.net
Re: resolv.conf misbehaving
On Thu, Feb 20, 2014 at 05:17:22PM +0200, Danny wrote: > Hi guys, > > The past weekend I upgraded from Debian v3.0 to the latest Debian stable (7.0 > or > something) ... (wish I never did) ... The correct way to upgrade is, unfortunately, 3.0->4.0->5.0->6.0->7.0->7.4. If you went from 3.0 straight to 7.0 and this is the worst of your problems, you're lucky. > > However, I have noticed that my resolv.conf gets overwritten by something > after > every reboot. The Debian server resolves all local (internal) addresses and > the > ADSL router resolves all external addresses. > > Normally my resolv.conf looked like this > > nameserver 10.0.0.2 (ADSL router) > nameserver 10.0.0.5 (Debian server to resolve local addresses) > > Now it get's overwritten with : > > nameserver 10.0.0.2 > > I need to reslove both local and external addresses. At the moment I have to > manually add the 10.0.0.5 into the resolv.conf file after rebooting. > > Any help or pointers? If the file /etc/resolv.conf is a symlink, then it's possible that the package "resolvconf" is updating it. In that case, you can add "dns-nameservers 10.0.0.2 10.0.0.5" to your interface stanza in /etc/network/interfaces. signature.asc Description: Digital signature
Re: resolv.conf misbehaving
Danny wrote: > However, I have noticed that my resolv.conf gets overwritten by something > after > every reboot. apt-get purge resolvconf Grüße, S° -- Sigmentation fault. Core dumped. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/0af7uvlih...@mids.svenhartge.de
resolv.conf misbehaving
Hi guys, The past weekend I upgraded from Debian v3.0 to the latest Debian stable (7.0 or something) ... (wish I never did) ... However, I have noticed that my resolv.conf gets overwritten by something after every reboot. The Debian server resolves all local (internal) addresses and the ADSL router resolves all external addresses. Normally my resolv.conf looked like this nameserver 10.0.0.2 (ADSL router) nameserver 10.0.0.5 (Debian server to resolve local addresses) Now it get's overwritten with : nameserver 10.0.0.2 I need to reslove both local and external addresses. At the moment I have to manually add the 10.0.0.5 into the resolv.conf file after rebooting. Any help or pointers? Thank You Danny -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140220151722.GB10812@fever.havannah.local
