Re: /etc/resolv.conf with 3 nameservers
On Apr 10, 2006, at 9:54 AM, [EMAIL PROTECTED] wrote: $ cat /etc/resolv.conf domain Sisis.de nameserver 10.0.1.201 nameserver xxx.xxx.xxx.xxx nameserver yyy.yyy.yyy.yyy But only the 1st one (10.0.1.201) is contacted to make the name lookup (I've checked this with trussing a 'ping whatever.domain.com') and if it does not know the addr, while the second one would know it, it does not resolve. Do I miss something? If your nameserver at 10.whatever is returning NXDOMAIN, the resolver has gotten an answer and never asks for a second opinion from other nameservers. Fix your 10.whatever nameserver... -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: /etc/resolv.conf with 3 nameservers
[EMAIL PROTECTED] wrote: El día Monday, April 10, 2006 a las 04:07:34PM +0100, Alex Zbyslaw escribió: There's nothing to stop you configuring that local nameserver to use your two "backups" for names that it cannot resolve. You could then leave the two backups in /etc/resolv.conf but if your local nameserver is authoritative for your local domain, then you probably want to know if it goes away, and those backups won't be able to look up names in your local domain. I'm making some assumptions about why you set things up this way in the first place, and I may be wrong, but there's too little info in your post to give definitive suggestions. The anderlying problem is that we are three companies, now connected through VPN tunnels. Each company runs it's own DNS server internaly and without publicating all its names to Internet. The three DNS are 10.0.1.201 (mine one), xxx.xxx.xxx.xxx and yyy.yyy.yyy.yyy. Any idea? Yes, in the future we will unify the whole zone, but this is not a short term option... Presumably all three ranges have distinct domain names E.g. company1.de company2.de company3.de I am no expert of DNS, but isn't all you need for each "company" to run nameservers which are slaves (secondaries) for the other 2 as well as master of their own? So the nameserver at company1 is master for company1.de and is a slave for company2.de and company3.de etc. Of course, you might want some redundancy in that scenario, with each company running DNS on another server as well, and that one being a slave for all 3 domains. If you don't know enough to do that, I strongly recommend getting the latest edition of O'Reilly "DNS and BIND"; and you should find BIND doc on your FreeBSD system starting in /usr/share/doc/bind9/arm/Bv9ARM.html. Best, --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: /etc/resolv.conf with 3 nameservers
El día Monday, April 10, 2006 a las 04:07:34PM +0100, Alex Zbyslaw escribió: > [EMAIL PROTECTED] wrote: > > >El día Monday, April 10, 2006 a las 10:44:52AM -0400, Ken Stevenson > >escribió: > > > > > > > >>I think the problem is that once your first server responds with a > >>"domain not found", that's considered an answer to your query. It > >>doesn't try another DNS server just to see if it gets a different > >>answer. If you were to disable the DNS server on 10.0.1.201, then it > >>would use xxx.xxx.xxx.xxx or yyy.yyy.yyy.yyy to resolve the query. > >> > >> > > > >Yes, you're right. It is said in (...) that the fall down only works > >on timeout. I did not read carefully enough, stupid as I am. :-( > > > > > There's nothing to stop you configuring that local nameserver to use > your two "backups" for names that it cannot resolve. > > You could then leave the two backups in /etc/resolv.conf but if your > local nameserver is authoritative for your local domain, then you > probably want to know if it goes away, and those backups won't be able > to look up names in your local domain. > > I'm making some assumptions about why you set things up this way in the > first place, and I may be wrong, but there's too little info in your > post to give definitive suggestions. The anderlying problem is that we are three companies, now connected through VPN tunnels. Each company runs it's own DNS server internaly and without publicating all its names to Internet. The three DNS are 10.0.1.201 (mine one), xxx.xxx.xxx.xxx and yyy.yyy.yyy.yyy. Any idea? Yes, in the future we will unify the whole zone, but this is not a short term option... matthias -- Matthias Apitz / Sisis Informationssysteme GmbH ein Tochterunternehmen der OCLC PICA B.V. Leiden (NL) D-82041 Oberhaching, Gruenwalder Weg 28g Fon: +49 89 / 61308-351, Fax: -399, Mobile +49 170 4527211 http://www.sisis.de/~guru/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: /etc/resolv.conf with 3 nameservers
[EMAIL PROTECTED] wrote: El día Monday, April 10, 2006 a las 10:44:52AM -0400, Ken Stevenson escribió: I think the problem is that once your first server responds with a "domain not found", that's considered an answer to your query. It doesn't try another DNS server just to see if it gets a different answer. If you were to disable the DNS server on 10.0.1.201, then it would use xxx.xxx.xxx.xxx or yyy.yyy.yyy.yyy to resolve the query. Yes, you're right. It is said in (...) that the fall down only works on timeout. I did not read carefully enough, stupid as I am. :-( There's nothing to stop you configuring that local nameserver to use your two "backups" for names that it cannot resolve. You could then leave the two backups in /etc/resolv.conf but if your local nameserver is authoritative for your local domain, then you probably want to know if it goes away, and those backups won't be able to look up names in your local domain. I'm making some assumptions about why you set things up this way in the first place, and I may be wrong, but there's too little info in your post to give definitive suggestions. --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: /etc/resolv.conf with 3 nameservers
El día Monday, April 10, 2006 a las 10:44:52AM -0400, Ken Stevenson escribió: > I think the problem is that once your first server responds with a > "domain not found", that's considered an answer to your query. It > doesn't try another DNS server just to see if it gets a different > answer. If you were to disable the DNS server on 10.0.1.201, then it > would use xxx.xxx.xxx.xxx or yyy.yyy.yyy.yyy to resolve the query. Yes, you're right. It is said in (...) that the fall down only works on timeout. I did not read carefully enough, stupid as I am. :-( matthias -- Matthias Apitz / Sisis Informationssysteme GmbH ein Tochterunternehmen der OCLC PICA B.V. Leiden (NL) D-82041 Oberhaching, Gruenwalder Weg 28g Fon: +49 89 / 61308-351, Fax: -399, Mobile +49 170 4527211 http://www.sisis.de/~guru/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: /etc/resolv.conf with 3 nameservers
[EMAIL PROTECTED] wrote: Hi, The man page of resolv.conf claims: The different configuration options are: nameserver Internet address (in dot notation) of a name server that the resolver should query. Up to MAXNS (currently 3) name servers may be listed, one per keyword I've three DNS server in my /etc/resolv.conf in 6.0-REL: $ cat /etc/resolv.conf domain Sisis.de nameserver 10.0.1.201 nameserver xxx.xxx.xxx.xxx nameserver yyy.yyy.yyy.yyy But only the 1st one (10.0.1.201) is contacted to make the name lookup (I've checked this with trussing a 'ping whatever.domain.com') and if it does not know the addr, while the second one would know it, it does not resolve. Do I miss something? Thx matthias I think the problem is that once your first server responds with a "domain not found", that's considered an answer to your query. It doesn't try another DNS server just to see if it gets a different answer. If you were to disable the DNS server on 10.0.1.201, then it would use xxx.xxx.xxx.xxx or yyy.yyy.yyy.yyy to resolve the query. -- Ken Stevenson Allen-Myland Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
/etc/resolv.conf with 3 nameservers
Hi, The man page of resolv.conf claims: The different configuration options are: nameserver Internet address (in dot notation) of a name server that the resolver should query. Up to MAXNS (currently 3) name servers may be listed, one per keyword I've three DNS server in my /etc/resolv.conf in 6.0-REL: $ cat /etc/resolv.conf domain Sisis.de nameserver 10.0.1.201 nameserver xxx.xxx.xxx.xxx nameserver yyy.yyy.yyy.yyy But only the 1st one (10.0.1.201) is contacted to make the name lookup (I've checked this with trussing a 'ping whatever.domain.com') and if it does not know the addr, while the second one would know it, it does not resolve. Do I miss something? Thx matthias -- Matthias Apitz / Sisis Informationssysteme GmbH ein Tochterunternehmen der OCLC PICA B.V. Leiden (NL) D-82041 Oberhaching, Gruenwalder Weg 28g Fon: +49 89 / 61308-351, Fax: -399, Mobile +49 170 4527211 http://www.sisis.de/~guru/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"