> > I recognize this is a bit OT, but not sure where to turn...?
> >
> > I am trying to use DNS to load balance a couple spamd
> > servers. I am attempting to return more than one A record
> > for spam.mydomain.com, and I am getting a correct dig, but
> > just a test telnet is returning "Unknown host".
> >
> > What am I doing wrong?
>
> If it only lasts 5 minutes (or less) then your previous
> (before creating the records) would typically be cache
> by a modern Windows CLIENT. While DNS has long been
> cached at the server, Microsoft started caching at the
> client (by default) in Win2000.
This is all being done in linux, no Windoze involved, thank god. Anyway, the
problem has lasted much longer than 5 minutes. :)
> > Few more details:
> >
> > DNS hosted on a separate machine, say dns.mydomain.com.
>
> Separate machines? Do you mean different DNS servers or
> just separate from the SMTP/spamd machine?
Just that Bind is running on a different machine than is SMTP and spamc.
They are both on the same local network.
> If your spam.mydomain.com is not on the same machine as
> the mydomain.com zone then you would (likely) need to
> delegate (but that doesn't seem to be your issue.)
Not sure I follow, but just to clarify a bit, the spamd, SMTP(spamc) and DNS
machines are all separate machines but in the same local network. I don't
even think it matters how/if/what/why about the connection to the outside
Internet since I am just trying to resolve locally.
> > Our SMTP server is where the spamc calls out to spamd, and
> > that machine's /etc/resolve has the dns machine's hostname as
> > the first nameserver entry. From the SMTP machine, I do "dig
> > spam.mydomain.com" and I get my desired results:
>
> You cannot depend on "first DNS" setting on a client -- most
> DNS clients may try ANY of the one's listed -- Windows clients
> for instance certainly work this way.
OK, fair enough (although from my experience, dig always seems to take the
first one it finds that works). So I took all other entries out of
/etc/resolve.conf on the SMTP(spamc) machine, but still getting the same
results: dig works great, but telnet bails. Again, I am using telnet from a
linux command prompt on the SMTP box -- is there a telnet host cache for
linux??
> A DNS client typically expects EVERY DNS Server to return the
> SAME answers (although a resolver/OS could be constructed to
> "keep trying" this is not typical.)
>
> > ;; ANSWER SECTION:
> > spam.mydomain.com. 259200 IN A 10.10.10.105
> > spam.mydomain.com. 259200 IN A 10.10.10.106
> >
> > I was pretty excited when I got that far, but then the next
> > step - to try to manually connect to one of the spamd daemons
> > listening on those 10.
> > addresses - failed miserably:
> >
> > # telnet spam.mydomain.com 2009
> > telnet: spam.mydomain.com: Name or service not known
> > spam.mydomain.com: Unknown host
> > #
> >
> > (the port number above is what spamd is configured to listen on)
>
> Likely you have more than one DNS server listed on the "telnet
> client" and the client resolver is using the "wrong" one.
Linux telnet has this kind of thing? Where is it?? I thought that is what
/etc/resolve.conf is.
> You should generally point clients to ONE CONSISTENT (set of)
> DNS servers which return all the correct answers the client
> will ever need. If the DNS server (set) doesn't know the
> answer it must forward or recurse to find it.
Well, since the ultimate client will be spamc, what does spamc use?
Something other than /etc/resolve.conf?
Also, will my local IP addresses in my zone file get propagated to other DNS
servers? (If what you say about consistency is important, and I put more
than one nameserver in /etc/resolve.conf, I will want to make sure they
propagate to the other DNS servers).
Thanks, Herb.
> > Seems like the DNS server is not the problem, but FWIW, the
> > zone file for mydomain.com has these entries:
> >
> > spam A 10.10.10.105
> > spam A 10.10.10.106
>
> --
> Herb Martin
>
>
>
____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
