I use two DNS servers a public one (8.8.8.8)
and a local one (192.168.1.20)
In ubuntu, If I wrote both DNSs 192.168.1.20, 8.8.8.8
it will always query the first and until the first is down and then it will start querying the second.
And of course I have to make the local point again to 8.8.8.8
Like this i have almost no problems, I can resolve local addresses and also public ones
but when I'm out of the office that's were all the problems start.
Having the local DNS first makes ubuntu checks for it every single time it needs to resolve.
So I end up switching switching the priority of the DNS every (8.8.8.8, 192.168.1.20) time I change my location.
This is not the case if I was using windows. It somehow sends to both DNSs at once or something of that sort.
Is there a way to avoid changing the DNS for every location?
Ubuntu also must query each server in /etc/resolv.conf if there is no answer from the first server.
Give an output of 'dig google.com' please
You wrote 'until the first is down'...
The system of course will connect other servers ONLY if has no respond from the first one!!
The servers are listed in preferable order
Not an answer but a possible work around.
Are you able to use different network interfaces for each network?
If so you can specify different "dns-nameservers" in the "/etc/network/interfaces" file.
Related
I currently have to find the IP-Adresses of a lot of servers.
I have written a bash script on linux that creates all the server names.
When I write it like this, I get all servernames, even if there no longer have an IP.
host $f$n$d >> IPs.txt
Is there a way to only write the servers into the file, that still have an IP, together with the servername.
Kind regards Elias
I think the local DNS resolver caches the IP addresses, so you will get the corresponding IPs even in the scenario you described.
I suggest you to start the script with a full local DNS flush, depending on your distribution and DNS client: Here are son techinques to flush it.
I am writing to you because I have a conception problem for my DNS infrastructure.DNS. My infrastructure is composed of a DNS machine (recursive or forwarding) and another authoritatve that has say views according to the source of the client (we can assimilate it to Bind even if it is not the case). This Auhoritative machine should not be queried directly but must go through the other. To summarize here is the infrastructure:
> Client Location 1 Client Location 2 Client Location 3
> \ | /
> DNS Recursive ou Forwarding
> |
> DNS Authoratitve with 3 « views ».
I thought of different solutions to solve these problems :
Create different ports on the DNS Recursive (or Forwading), each port containing a DNS that would correspond to a view that would query the Authoritative DNS (and thus recognize the origin). But I find this solution rather ugly and that will quickly increase if the number of views increases.
Use the DNS extension : EDNS to forward the client network (but that seems pretty complicated).
I wanted to know if you have other solutions and if not what would be the best.
Thank you in advance !
The first solution does not seem really workable as there is nearly no way to change from the default DNS port in various end clients OS. You would instead need separate recursive nameservers on separate IP addresses and each client configured with the specific nameserver it needs to use.
The second solution can work, it is ECS the "EDNS Client Subnet" feature, described in RFC7871 and supported in various nameservers. See for example in Bind: https://www.isc.org/wp-content/uploads/2017/04/ecs.pages.pdf
Now are you really sure you need this setup or that this is the only way to achieve your goals? It is difficult to propose other ideas as you describe from the get go your solution but not really your problem initially nor your constraints.
For example, it may be solved in some cases by just configuring each client with a different domain search list. client1 would have client1.example.com as suffix, client2 would have client2.example.com and so on. Now, with only one standard recursive nameserver and one authoritative one for example.com without any kind of extension or complicated setup, when client1 attempts to resolve www it will (may) get a different reply than client2 also attempting to resolve www as the final two fully qualified domain name would be indeed different (www.client1.example.com vs www.client2.example.com), because of the different search lists. This of course depends a lot on what kind of applications are running on each client.
The use of simpler nameservers such as dnsmasq may also help, but again your space problem is not defined enough to be sure what to suggest.
I want to get host name from ip. I know a few command who does the work like host, nslookup and dig but they are not completely reliable. In many of the cases they fail to give the host name. So, is there any command who can always give me the host name.
For ex: If I check "host stackoverflow.com" then it gives me a list of five different ip addresses. But when I check "host ip_address (each of the five different ip addresses)" than it's not able to find the host name.
DNS has a forward and reverse zones and what are you going to get by requesting a domain name for an IP-address depends on reverse DNS-zone configuration of that domain name, that's not an application malfunction or something - it's just asking DNS-servers. So no, there's no such command that you're looking for.
If you are not getting IP to hostname resolution, this means that the reverse lookup is either not allowed or not configured properly at the dns server (you are pointing to). In other words, PTR record does not exist, or you are not allowed access to it.
All the dns commands use the same or similar methods and underlying system calls to get the name; they search for the PTR record.
Without going into too much detail. If this is something you really want to do, you can look at other options like looking at the reconnaissance tools in Kali.
So, I'm on day 3...
I am running an Ubuntu.64-based distribution on a VirtualBox. I have the need to access both external ISP DNS servers, as well as "internal" DNS servers through an OpenVPN connection. At times I need to query the external DNS(#host example.com) through the eth0 interface; sometimes I need to query the VPN "internal" DNS (#host internal.local) through the tap0 interface.
My question is: how do I configure my system to query the correct nameserver-- the ISP DNS or the VPN DNS (for attempting zone transfers, for example)?
I've tried editing resolv.conf to include both external and internal nameservers/domains, with no luck (obviously). I've also tried mitigating the situation with dnsmasq. That got me close (I think).
I realize I can use dig to set the [#server] based on individual queries, but I would appreciate a systemic resolution.
Any help would be appreciated.
I've used the PowerDNS recursor for exactly this situation before; it is in the package pdns-recursor, if you wish to try it. You'll want to set your /etc/resolv.conf to query only 127.0.0.1 should you choose to try this approach.
The forward-zones directive lets you specify which servers to contact for which zones:
forward-zones= ds9a.nl=213.244.168.210, powerdns.com=127.0.0.1
It does look a little strange, since it is one configuration setting that takes multiple values, but you do get to specify exactly which servers are going to provide answers for which domains.
I have java based application hosted on my local tomcat server.As per my understanding whenever I type http://us.states.com/myApplication. There is a order browser will try to resolve the DNS name us.states.com. I.e
First it will look for us.states.com in hosts file
Secondly it will look for us.states.com on local DNS server (if it is there)
Last it will look for us.states.com on web (with appending of www in front of us.states.com)
Is that correct?
The first two are correct, the third is not. If it appends www-or not is normally a redirect issue. Hence, DNS name resolving will only be against either local host file or against one or more DNS servers.
One and two are correct. First the hosts file is checked, then your DNS server. There is no 3.
Also, step 2 is not necessarily a DNS server local to your network. It can be specified on your machine (separately from DHCP) or it can be specified by the network. Usually the DNS server is on a machine owned by your ISP, unless you explicitly use a different one. For example I sometimes use Google's public DNS servers (8.8.8.8 / 8.8.4.4) or Level3's (4.2.2.1 through 4.2.2.7 or so).