Re: [pfSense] Dynamic DNS and Route 53
Thanks for the reply.

In the case of the domain below, that was manually set. The domain I wanted updated was checked in the AWS console directly, and still had the old value… I will try to modify the PHP file and see if I can get it to show what's going on.

Thanks.

--Tiernan

From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Moshe Katz
Sent: Wednesday 11 March 2015 13:40
To: pfSense support and discussion
Subject: Re: [pfSense] Dynamic DNS and Route 53

Just three things to add to what Brian said.

For Windows hosts, run ipconfig /flushdns to clear the cache. (You can also use /displaydns to see what's in the cache, but you're going to have to ease through the entire thing so it's probably not worth it.)

If you are using Google Chrome (on any platform), you will also need to clear its cache. Go to chrome://net-internals, click DNS, and click the clear button.

Finally, the easiest way to see the raw request and response is probably by opening up the PHP file that runs DNS updates and adding a bunch of echo statements. I don't have a pfSense box in front of me at the moment to see which file it is, but I'm guessing it's not too hard to find. Just make sure to remove your changes when you are done.

Moshe

Sorry for top-posting. Sent from a mobile device.

On Mar 11, 2015 8:48 AM, Brian Candler b.cand...@pobox.com wrote:
> On 11/03/2015 10:09, Tiernan OToole wrote:
> > Any tips on checking this properly? How can I see what is being sent and
> > received from the server?
>
> I don't know about that (tcpdump perhaps), but here's how to check what's published in the DNS:
>
> $ dig +trace @8.8.8.8 tiernanotoolephotography.com. a
>
> ; <<>> DiG 9.8.3-P1 <<>> +trace @8.8.8.8 tiernanotoolephotography.com. a
> ; (1 server found)
> ;; global options: +cmd
> .  2466  IN  NS  l.root-servers.net.
> .  2466  IN  NS  h.root-servers.net.
> .  2466  IN  NS  k.root-servers.net.
> .  2466  IN  NS  i.root-servers.net.
> .  2466  IN  NS  g.root-servers.net.
> .  2466  IN  NS  j.root-servers.net.
> .  2466  IN  NS  d.root-servers.net.
> .  2466  IN  NS  a.root-servers.net.
> .  2466  IN  NS  f.root-servers.net.
> .  2466  IN  NS  b.root-servers.net.
> .  2466  IN  NS  m.root-servers.net.
> .  2466  IN  NS  e.root-servers.net.
> .  2466  IN  NS  c.root-servers.net.
> ;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 51 ms
>
> com.  172800  IN  NS  a.gtld-servers.net.
> com.  172800  IN  NS  b.gtld-servers.net.
> com.  172800  IN  NS  c.gtld-servers.net.
> com.  172800  IN  NS  d.gtld-servers.net.
> com.  172800  IN  NS  e.gtld-servers.net.
> com.  172800  IN  NS  f.gtld-servers.net.
> com.  172800  IN  NS  g.gtld-servers.net.
> com.  172800  IN  NS  h.gtld-servers.net.
> com.  172800  IN  NS  i.gtld-servers.net.
> com.  172800  IN  NS  j.gtld-servers.net.
> com.  172800  IN  NS  k.gtld-servers.net.
> com.  172800  IN  NS  l.gtld-servers.net.
> com.  172800  IN  NS  m.gtld-servers.net.
> ;; Received 506 bytes from 192.203.230.10#53(192.203.230.10) in 33 ms
>
> tiernanotoolephotography.com.  172800  IN  NS  ns-99.awsdns-12.com.
> tiernanotoolephotography.com.  172800  IN  NS  ns-718.awsdns-25.net.
> tiernanotoolephotography.com.  172800  IN  NS  ns-1318.awsdns-36.org.
> tiernanotoolephotography.com.  172800  IN  NS  ns-1983.awsdns-55.co.uk.
> ;; Received 214 bytes from 192.31.80.30#53(192.31.80.30) in 119 ms
>
> tiernanotoolephotography.com.  300  IN  A  79.97.100.91
> tiernanotoolephotography.com.  172800  IN  NS  ns-1318.awsdns-36.org.
> tiernanotoolephotography.com
Re: [pfSense] Dynamic DNS and Route 53
Just three things to add to what Brian said.

For Windows hosts, run ipconfig /flushdns to clear the cache. (You can also use /displaydns to see what's in the cache, but you're going to have to ease through the entire thing so it's probably not worth it.)

If you are using Google Chrome (on any platform), you will also need to clear its cache. Go to chrome://net-internals, click DNS, and click the clear button.

Finally, the easiest way to see the raw request and response is probably by opening up the PHP file that runs DNS updates and adding a bunch of echo statements. I don't have a pfSense box in front of me at the moment to see which file it is, but I'm guessing it's not too hard to find. Just make sure to remove your changes when you are done.

Moshe

Sorry for top-posting. Sent from a mobile device.

On Mar 11, 2015 8:48 AM, Brian Candler b.cand...@pobox.com wrote:
> On 11/03/2015 10:09, Tiernan OToole wrote:
> > Any tips on checking this properly? How can I see what is being sent and
> > received from the server?
>
> I don't know about that (tcpdump perhaps), but here's how to check what's published in the DNS:
>
> $ dig +trace @8.8.8.8 tiernanotoolephotography.com. a
>
> ; <<>> DiG 9.8.3-P1 <<>> +trace @8.8.8.8 tiernanotoolephotography.com. a
> ; (1 server found)
> ;; global options: +cmd
> .  2466  IN  NS  l.root-servers.net.
> .  2466  IN  NS  h.root-servers.net.
> .  2466  IN  NS  k.root-servers.net.
> .  2466  IN  NS  i.root-servers.net.
> .  2466  IN  NS  g.root-servers.net.
> .  2466  IN  NS  j.root-servers.net.
> .  2466  IN  NS  d.root-servers.net.
> .  2466  IN  NS  a.root-servers.net.
> .  2466  IN  NS  f.root-servers.net.
> .  2466  IN  NS  b.root-servers.net.
> .  2466  IN  NS  m.root-servers.net.
> .  2466  IN  NS  e.root-servers.net.
> .  2466  IN  NS  c.root-servers.net.
> ;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 51 ms
>
> com.  172800  IN  NS  a.gtld-servers.net.
> com.  172800  IN  NS  b.gtld-servers.net.
> com.  172800  IN  NS  c.gtld-servers.net.
> com.  172800  IN  NS  d.gtld-servers.net.
> com.  172800  IN  NS  e.gtld-servers.net.
> com.  172800  IN  NS  f.gtld-servers.net.
> com.  172800  IN  NS  g.gtld-servers.net.
> com.  172800  IN  NS  h.gtld-servers.net.
> com.  172800  IN  NS  i.gtld-servers.net.
> com.  172800  IN  NS  j.gtld-servers.net.
> com.  172800  IN  NS  k.gtld-servers.net.
> com.  172800  IN  NS  l.gtld-servers.net.
> com.  172800  IN  NS  m.gtld-servers.net.
> ;; Received 506 bytes from 192.203.230.10#53(192.203.230.10) in 33 ms
>
> tiernanotoolephotography.com.  172800  IN  NS  ns-99.awsdns-12.com.
> tiernanotoolephotography.com.  172800  IN  NS  ns-718.awsdns-25.net.
> tiernanotoolephotography.com.  172800  IN  NS  ns-1318.awsdns-36.org.
> tiernanotoolephotography.com.  172800  IN  NS  ns-1983.awsdns-55.co.uk.
> ;; Received 214 bytes from 192.31.80.30#53(192.31.80.30) in 119 ms
>
> tiernanotoolephotography.com.  300  IN  A  79.97.100.91
> tiernanotoolephotography.com.  172800  IN  NS  ns-1318.awsdns-36.org.
> tiernanotoolephotography.com.  172800  IN  NS  ns-1983.awsdns-55.co.uk.
> tiernanotoolephotography.com.  172800  IN  NS  ns-718.awsdns-25.net.
> tiernanotoolephotography.com.  172800  IN  NS  ns-99.awsdns-12.com.
> ;; Received 198 bytes from 205.251.197.38#53(205.251.197.38) in 6 ms
>
> So to eliminate any local DNS caching as an issue, you should ask one of the four servers which is authoritative for your domain for the answer.
>
> $ dig +short +norec @ns-99.awsdns-12.com. tiernanotoolephotography.com. a
> 79.97.100.91
>
> This seems to match what you were expecting, so it appears to have worked now.
>
> If you have a client which is still resolving to the old address then flush its cache, and check there's no static hosts entry.
>
> For OSX clients, you can flush their DNS cache like this:
>
> sudo killall -HUP mDNSResponder
>
> For Linux clients running nscd, even restarting nscd won't flush the cache. You need to do:
>
> nscd --invalidate=hosts
>
> For Windows clients, best to just reboot them :-)
>
> Regards,
>
> Brian.

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Dynamic DNS and Route 53
On 11/03/2015 10:09, Tiernan OToole wrote:
> Any tips on checking this properly? How can I see what is being sent and
> received from the server?

I don't know about that (tcpdump perhaps), but here's how to check what's published in the DNS:

$ dig +trace @8.8.8.8 tiernanotoolephotography.com. a

; <<>> DiG 9.8.3-P1 <<>> +trace @8.8.8.8 tiernanotoolephotography.com. a
; (1 server found)
;; global options: +cmd
.  2466  IN  NS  l.root-servers.net.
.  2466  IN  NS  h.root-servers.net.
.  2466  IN  NS  k.root-servers.net.
.  2466  IN  NS  i.root-servers.net.
.  2466  IN  NS  g.root-servers.net.
.  2466  IN  NS  j.root-servers.net.
.  2466  IN  NS  d.root-servers.net.
.  2466  IN  NS  a.root-servers.net.
.  2466  IN  NS  f.root-servers.net.
.  2466  IN  NS  b.root-servers.net.
.  2466  IN  NS  m.root-servers.net.
.  2466  IN  NS  e.root-servers.net.
.  2466  IN  NS  c.root-servers.net.
;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 51 ms

com.  172800  IN  NS  a.gtld-servers.net.
com.  172800  IN  NS  b.gtld-servers.net.
com.  172800  IN  NS  c.gtld-servers.net.
com.  172800  IN  NS  d.gtld-servers.net.
com.  172800  IN  NS  e.gtld-servers.net.
com.  172800  IN  NS  f.gtld-servers.net.
com.  172800  IN  NS  g.gtld-servers.net.
com.  172800  IN  NS  h.gtld-servers.net.
com.  172800  IN  NS  i.gtld-servers.net.
com.  172800  IN  NS  j.gtld-servers.net.
com.  172800  IN  NS  k.gtld-servers.net.
com.  172800  IN  NS  l.gtld-servers.net.
com.  172800  IN  NS  m.gtld-servers.net.
;; Received 506 bytes from 192.203.230.10#53(192.203.230.10) in 33 ms

tiernanotoolephotography.com.  172800  IN  NS  ns-99.awsdns-12.com.
tiernanotoolephotography.com.  172800  IN  NS  ns-718.awsdns-25.net.
tiernanotoolephotography.com.  172800  IN  NS  ns-1318.awsdns-36.org.
tiernanotoolephotography.com.  172800  IN  NS  ns-1983.awsdns-55.co.uk.
;; Received 214 bytes from 192.31.80.30#53(192.31.80.30) in 119 ms

tiernanotoolephotography.com.  300  IN  A  79.97.100.91
tiernanotoolephotography.com.  172800  IN  NS  ns-1318.awsdns-36.org.
tiernanotoolephotography.com.  172800  IN  NS  ns-1983.awsdns-55.co.uk.
tiernanotoolephotography.com.  172800  IN  NS  ns-718.awsdns-25.net.
tiernanotoolephotography.com.  172800  IN  NS  ns-99.awsdns-12.com.
;; Received 198 bytes from 205.251.197.38#53(205.251.197.38) in 6 ms

So to eliminate any local DNS caching as an issue, you should ask one of the four servers which is authoritative for your domain for the answer.

$ dig +short +norec @ns-99.awsdns-12.com. tiernanotoolephotography.com. a
79.97.100.91

This seems to match what you were expecting, so it appears to have worked now.

If you have a client which is still resolving to the old address then flush its cache, and check there's no static hosts entry.

For OSX clients, you can flush their DNS cache like this:

sudo killall -HUP mDNSResponder

For Linux clients running nscd, even restarting nscd won't flush the cache. You need to do:

nscd --invalidate=hosts

For Windows clients, best to just reboot them :-)

Regards,

Brian.
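
The authoritative-server check from the message above, extended to query every nameserver of the zone instead of one, as an added example that is not part of the original thread. The function name `check_authoritative` and the `DIG` override variable are assumptions of this example; it only uses `dig` options that appear in the thread (`+short`, `+norec`).

```shell
#!/bin/sh
# Added example (not from the thread): ask every authoritative nameserver of a
# zone for a name's A record with recursion off, and flag any server that still
# answers with an address other than the one the dynamic DNS update should
# have published.
# DIG is an override hook assumed by this example so the logic can run offline.
DIG="${DIG:-dig}"

# check_authoritative ZONE NAME EXPECTED_IP
# Prints one "OK" or "STALE" line per nameserver.
# Returns 0 if all match, 1 if any differ, 2 if the zone has no NS records.
check_authoritative() {
    local zone="$1" name="$2" expected="$3"
    local servers ns answer status=0

    servers="$("$DIG" +short NS "$zone")"
    if [ -z "$servers" ]; then
        echo "no NS records found for $zone" >&2
        return 2
    fi

    for ns in $servers; do
        # +norec: the server answers from its own zone data, so no resolver
        # cache between the client and Route 53 can hide a failed update.
        answer="$("$DIG" +short +norec "@$ns" "$name" A | sort | tr '\n' ' ')"
        answer="${answer% }"
        if [ "$answer" = "$expected" ]; then
            echo "OK    $ns $answer"
        else
            echo "STALE $ns ${answer:-<no answer>}"
            status=1
        fi
    done
    return "$status"
}

# Run directly as: script ZONE NAME EXPECTED_IP
if [ "$#" -ge 3 ]; then
    check_authoritative "$1" "$2" "$3"
fi
```

A non-zero exit from a scheduled run of this check is a simple signal that the dynamic DNS client's last update did not reach the zone.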