Centos takes very long time to resolve local network nearby servers - linux

i have few Centos 5.1 servers, recently they took very long time to communicate eachother, it looks like for every request it checks local server in public dns, is there is anyway to give option in /etc/resolve.conf to disable dns for some IP address ?

Add the server names and their IP addresses to the file /etc/hosts, e.g.
10.0.0.100 server1 server1-alias
10.0.0.101 server2
and then make sure that you list the keyword files before the keyword dns for the hosts entry in /etc/nsswitch.conf, i.e. that file should have a line that looks something like this:
hosts: files dns
After that, any attempts to resolve hostnames or IP addresses will first consult the /etc/hosts file, and only if that is unsuccessful go on to do a DNS lookup.

Related

Bash: pinging servers and writing the IP to a file

I currently have to find the IP-Adresses of a lot of servers.
I have written a bash script on linux that creates all the server names.
When I write it like this, I get all servernames, even if there no longer have an IP.
host $f$n$d >> IPs.txt
Is there a way to only write the servers into the file, that still have an IP, together with the servername.
Kind regards Elias
I think the local DNS resolver caches the IP addresses, so you will get the corresponding IPs even in the scenario you described.
I suggest you to start the script with a full local DNS flush, depending on your distribution and DNS client: Here are son techinques to flush it.

getting hostname of remote computers on the local network not setup in /etc/hosts

I have a new learning, I was trying to get hostname using python's socket.
so from my macbook I ran the below code:
socket.gethostbyaddr("192.168.1.111")
and I get the ('rock64', [], ['192.168.1.111']) then I tried IP address of a computer that is not on the network anymore but used to be:
socket.gethostbyaddr("192.168.1.189")
and it returned: ('mint', [], ['192.168.1.189']) then I realised its coming from the /etc/hosts file.
now in that host file I also have this entry:
/etc/hosts
172.217.25.3 google.com.hk
but if I try to get host from ip of wan address i get different results than expected!
socket.gethostbyaddr("172.217.25.3")
that returns ('hkg07s24-in-f3.1e100.net', ['3.25.217.172.in-addr.arpa'], ['172.217.25.3'])
so I am not wondering where in the later case of WAN ip address I am getting the hostname and why in case of local computer IP's I am getting hostname from the configured /etc/hosts file ?
How can we get hostname of host computers on the local network without socket.gethostbyaddr having to look into /etc/hosts file or by other means ?
This is opinion based answer to the question "how to build registry of network devices on your local network?"
The best way to build registry of devices on your local network is to setup ntopng on your gateway. It uses DPI (Deep Packet Inspection) Technics to collect information about hosts.
NTOPNG has nice user interface and displays host names (when possible).
You can assign aliases for specific hosts which do not leak host names via any protocol.
For some reasons ntopng developers did not include alias into json response for request http://YOUR-SERVER:3000/lua/host_get_json.lua?ifid=2&host=IP-OF-DEVICE .
You can add it manually by adding lines require "mac_utils" and hj["alias"]=getDeviceName(hj["mac_address"]) into file /usr/share/ntopng/scripts/lua/host_get_json.lua
You can use REST API to interrogate ntopng and use provided information for building any script you need.

Is it possible to detect HOSTS file resolution vs DNS resolution

For diagnostic purposes I would like to be able to find out if a customer has a hostname failure because of a HOSTS file entry. Is it possible to detect that a DNS query was resolved by HOSTS or DNS?
(Of course I'm curious about multiple OSes: Windows, HPUX, AIX, Linux, Mac)
I suspect it may be possible if I could bypass the hostname resolution sequencing configuration of the machine. Of course reading the HOSTS file directly is an option but if there's an in memory problem (i.e. virus, or just changed to remove the misconfiguration but not taken effect yet) then it wouldn't be helpful.
On Windows, if you are looking up server1 you can compare the IP address printed in the output of ping server1 with the output of the nslookup server1 command.
This URL states that on Windows, nslookup does not use the hosts file:
https://serverfault.com/questions/95036/what-can-cause-a-dns-lookup-to-ignore-a-hosts-file-entry
Both ping server1 and nslookup server1 print the IP address they associate with server1, but ping will use the hosts file (on my system) and nslookup does not.

Troubles accessing the VirtualHost on a local net

Hi I have a Huawei ADSL modem with a dynamic IP. I set up a dynamic dns with freedns and I can easily access my Virtual host on apache from outside my private network, from internet.
So trying to access it from a local network I get a modems login page.
I have the rule in my modems NAT to connect port 80 to my server but it seems it doesnt work from internal net.
My server hosting the virtual host is 192.168.0.1 , the modem has the 192.168.0.254 address.
I tried to put my external domain name into the /etc/hosts file, but if I do that then asterisk server gets confused.
What could be the cause of the problem ? And what would be the best solution to this problem ?
Should I set up a caching DNS on the private side of the net ?
Hugger is half right... Its because your router is blocking loopbacks. The easiest way around this is to edit the hosts file (See the Wiki page) on the computer that is behind the network to see the local IP of the computer as the virtual host your going for. For example if your server is on 192.168.0.1 and the virtual hostname is www.imrad.com then insert
192.168.0.1 www.imrad.com
into your hosts file. If your computer leaves the local network (like a laptop you take to work) and joins a network not behind your router you need to comment out the line in the hosts file.
well actually to access that you must find the local ip address of the server by going into command line/prompt and typing ipconfig /all then you will find ipv4 address. Take note of that.
Go to another computer and your that ip and it will show.
The reason that was happening is because the router/modem knows you are in its network so it will think you ar trying to go top the login page of it. That happens to me too.

Windows hosts file and IIS binding question

I'm building a few SharePoint sites, and I want to make use of zones so I may set security different in the various zones.
My workstation has a local SharePoint, and I use it for development.
My workstation has a static IP, and is connected to the internet.
When I make a SharePoint site, I want to add a host header, for instance, devbox.com.
I do not own this name, nor do I want to.
I then add an entry in my hosts file, but when I surf to http://devbox.com:8080, it does not resolve.
Do I need to register the name I want to use, or should this work, i.e., have my hosts file resolve names/IPs first?
It should work. You will need to make sure your website has the right mappings, though. For example, if you want your site to respond to http://devbox.com:8080, you'll need to either set up your website to respond to all IP addresses and port 8080, or to respond to the devbox.com host header and port 8080.
BTW, to test whether your HOSTS file is set up correcly, open up a command line and PING devbox.com. You should see the address resolved to your local machine's IP address. If not, you've done something wrong in how you've set up your HOSTS file... please post the line in the HOSTS file that you're using.
BTW, per my comment below, you should probably use 127.0.0.1 (aka localhost) in your HOSTS file line, rather than your external IP. This will remove the IP address as a potential point of failure (e.g. in case a firewall blocks the traffic)

Resources