Our application (RHEL 5/c++) uses the hostid as returned by gethostid for logging purposes. For some reason, the primary DNS server of the local network environment went offline. This resulted in massive problems in gethostid: The function call hangs for more than 60s, which lead to internal timeouts in our application. A call to hostid on the commandline also didn't return after several minutes. Once the DNS server was up again, the timeouts/problems both in the application and the hostid commandline tool disappeared.
My question is: How do I prevent gethostid from making DNS lookups? There`re some boundary conditions to the answer:
The file /etc/hostid must not exist.
Calling sethostid is not allowed.
Changing /etc/hosts is not possible.
I'm astonished this happens at all. As I understand gethostid it works like this:
Return the value of the last sethostid if it has been set manually.
Return hostid form /etc/hostid if the file exists.
Return the primary IP of the host if set.
Fail for other cases.
I don`t see the need for a DNS query.
To verify, that gethostid actually is dependend on a working DNS server, try this:
As root create/change your /etc/reslov.conf so it contains only invalid nameserver entries.
Call hostid on the commandline.
On my debian/squeeze installation this results in a hostid of 00000000 without any hangs. I assume the RedHat-version of hostid is different/older and results hangs.
I think preventing DNS lookups from gethostid is not really possible without breaking the system or violating one of the boundary conditions. On gnu.org I've found this comment on the sethostid function:
The proper way to establish the primary IP address of a system is to configure the IP address resolver to associate that IP address with the system's host name as returned by gethostname. For example, put a record for the system in /etc/hosts.
From this I conclude, that gethostid determines the IP like this:
Get the hostname from gethostname.
Determine the IP via gethostbyname (or a similar method).
Under the conditions, that the host name is not associated to an IP address in /etc/hosts and /etc/nsswitch.conf allows DNS lookups, a DNS lookup will be made by gethostid.
Related
Is there a good API alternative to res_ninit?
There are problems with this call because the res->_u.ext.nscount6 and res->nscount do not reflect correct numbers. Adding a IPv6 address to /etc/resolv.conf still results in the nscount increasing where you would have expected the nscount6 to increase.
An older glibc version seems to increase both nscount and nscount6 for a IPv6 address in /etc/resolv.conf.
I am currently parsing resolv.conf directly because i am unable to depend on the res_ninit call. But this is fine for Manual DNS.
When it comes to DHCP DNS, then i need an API to give me the result. There is no other way (that i can think of) to determine the DNS IP addresses over DHCP.
Tried posting in other places within the board but not of help so far. E.g.
Retrieve IPv4 and IPv6 nameservers programmatically
res_ninit and res_init only ever read name server information from /etc/resolv.conf. You can always get the same data name servers by parsing /etc/resolv.conf yourself and examining the nameserver lines. If there is no nameserver line, the default 127.0.0.1 will be used.
I don't think it is necessary to provide an API for that because the file format is so simple that is likely more difficult to use the API than to read the file instead.
Name server assignment over DHCP is implemented by rewriting /etc/resolv.conf if there is no local caching resolver running on the machine. The exact mechanism used for that is distribution-specific, e.g. Debian uses resolvconf if it is installed.
If a local caching resolver is running on the system (such as dnsmasq or Unbound), name servers over DHCP can be directly configured in that caching resolver. In this case, /etc/resolv.conf will keep pointing to the same name server, typically by listing nameserver 127.0.0.1 or no name server information at all (which is the default).
I noticed that one of Google's mail servers (alt4.aspmx.l.google.com) points to 74.125.200.26, but when I do a reverse DNS lookup on that IP I see that the hostname associated with it is sa-in-f26.1e100.net. My limited understanding of DNS is that when you have a situation like that, one hostname is an alias of the other, but that's not the case here.
My initial goal was making a Python program that given an IP address and a hostname, returns a boolean answer indicating whether the IP belongs to a mail server of that domain. The algorithm I implemented used dig to search all mail servers of a domain and then tried to match any of them to the hostname associated with the given IP (which I found using dig -x). My program fails with the case I mentioned before. What am I missing?
Sorry for my bad english. Thanks!
Many services can run on one server/ipaddress, and many hostnames can resolve to one IP address. In the other direction, one ip address will most often resolve to only one hostname (if it has PTR record at all), and the name will very often be something generic like ip-xx-yy-zz-qq.networkcarrier.net (so unrelated to any of the services that are legitimately running on that server).
Depending on the purpose of your check, perhaps you can just test if the hostname A record points to the required IP address (because your initial requirement is flawed: ip addresses do not belong to domains, they belong to network providers).
(Still, for some purposes, most notably as anti spam measure, there is a use case for checking if ip address resolves to some particular hostname.)
I want to get host name from ip. I know a few command who does the work like host, nslookup and dig but they are not completely reliable. In many of the cases they fail to give the host name. So, is there any command who can always give me the host name.
For ex: If I check "host stackoverflow.com" then it gives me a list of five different ip addresses. But when I check "host ip_address (each of the five different ip addresses)" than it's not able to find the host name.
DNS has a forward and reverse zones and what are you going to get by requesting a domain name for an IP-address depends on reverse DNS-zone configuration of that domain name, that's not an application malfunction or something - it's just asking DNS-servers. So no, there's no such command that you're looking for.
If you are not getting IP to hostname resolution, this means that the reverse lookup is either not allowed or not configured properly at the dns server (you are pointing to). In other words, PTR record does not exist, or you are not allowed access to it.
All the dns commands use the same or similar methods and underlying system calls to get the name; they search for the PTR record.
Without going into too much detail. If this is something you really want to do, you can look at other options like looking at the reconnaissance tools in Kali.
I'm looking for a way of getting our DNS server to do a reverse look-up in order to resolve placeholder values differently according to the requesting machine's IP address.
Variables
A placeholder value called SYSWEB to be resolved by DNS
Websites: www.website.dev.net and www.website.uat.net
Machines: Machine1 and Machine2
Conditions
If Machine1 attempts to connect to SYSWEB, the DNS server will
resolve it to www.website.dev.net
If Machine2 attempts to connect to SYSWEB, the DNS server will
resolve it to www.website.uat.net
I've already tried to do this with BIND DNS, following the implementation laid out here, but I have not made any progress worth noting....
The main problem I'm having is that I cannot allow the DNS to resolve an IP address from the placeholder value, it needs to be a domain name.
Surely someone out there has successfully done what I'm failing to do
You need to have two separate zone files and route access to the correct zone file based on views. This is usually called split-horizon DNS and there are plenty of examples on the net, e.g.
http://www.zytrax.com/books/dns/ch6/#split-view
http://www.knowplace.org/pages/howtos/split_view_with_bind_9_howto.php
So, I'm on day 3...
I am running an Ubuntu.64-based distribution on a VirtualBox. I have the need to access both external ISP DNS servers, as well as "internal" DNS servers through an OpenVPN connection. At times I need to query the external DNS(#host example.com) through the eth0 interface; sometimes I need to query the VPN "internal" DNS (#host internal.local) through the tap0 interface.
My question is: how do I configure my system to query the correct nameserver-- the ISP DNS or the VPN DNS (for attempting zone transfers, for example)?
I've tried editing resolv.conf to include both external and internal nameservers/domains, with no luck (obviously). I've also tried mitigating the situation with dnsmasq. That got me close (I think).
I realize I can use dig to set the [#server] based on individual queries, but I would appreciate a systemic resolution.
Any help would be appreciated.
I've used the PowerDNS recursor for exactly this situation before; it is in the package pdns-recursor, if you wish to try it. You'll want to set your /etc/resolv.conf to query only 127.0.0.1 should you choose to try this approach.
The forward-zones directive lets you specify which servers to contact for which zones:
forward-zones= ds9a.nl=213.244.168.210, powerdns.com=127.0.0.1
It does look a little strange, since it is one configuration setting that takes multiple values, but you do get to specify exactly which servers are going to provide answers for which domains.