[Cialug] Cialug Digest, Vol 101, Issue 11

Moder John II Lee jmoder at me.com
Sat Sep 21 08:41:07 CDT 2013


Lee, thank you for your explanation.  I think I am beginning to understand.

I don't do a lot of server work, but the systems that I do work on all tend to function this way, so you are saying that they all have a split horizon DNS setup on them?  Does Microsoft do this natively, whereas we need to "trick" OSX and Linux systems into doing this?  I apologize for the naive questions, but one of the reasons I am doing this is to understand it better.

So basically you are saying, similar to what Ken did, that I need to find a way to make OSXSLS1 the SOA for the local net, but I may need to use something like dnsmasq to trick it into doing so?

I am still having a bit of a disconnect though--  On both boxes I get the same results--

When I dig @10.0.1.2 A OSXSLS1.moderetnyre.net. I return the record's authority section pointing to OSXSLS1.moderetnyre.net.

When I dig @10.0.1.2 A CentOS1.moderetnyre.net I return the SOA to godaddy.  

My confusion is that in the zone file on OSXSLS1 I have machine (A) records for both CentOS1 and OSXSLS1.  Both records are formatted identically, outside their unique names/IPs.

The DNS server on OSXSLS1 is set to accept recursive queries from localnets and 10.0.1.0/24.


John


On Sep 21, 2013, at 8:05 AM, "L. V. Lammert" <lvl at omnitec.net> wrote:

> On Fri, 20 Sep 2013, Moder John II Lee wrote:
> 
>> What you are saying is without doing a "Split Horizon" DNS on the OSX
>> box there is no way for me to ping a box on my local network by
>> hostname?
>> 
> Not quite; You are 'faking' a DNS entry for a local host, and that local
> host is not defined in your configured DNS server.
> 
> When you do a DNS lookup on the OSX box, you get the entry you had in the
> hosts file -  a local hosts file will override a DNS lookup.
> 
> When you look up the local host from another box, the request is rightly
> forwarded to the configured DNS server and you get zilch.
> 
> You need to either supply an 'override' at each machine that will use the
> local hostname (in /etc/hosts), or configure a DNS server that knows the
> difference between a local host and a 'real' host.
> 
>> That just doesn't make sense to me.  The OSX box has an A record for
>> the CENTOS1 box, why would godaddy need one for me to ping it on my
>> local network?
>> 
> Because the OSX box is not configured for normal DNS entries in the local
> subnet (i.e. split horizon), so an inquiry from *another* machine gets
> forwarded to the 'real' DNS server.
> 
>> I understand if I want to reach the box from the outside that godaddy
>> would need a record, but shouldn't my local DNS be resolved locally when
>> it has the record, and only be forwarded when the record isn't there?
>> 
> That works ON the OSX machine as there is an override configured, but a
> query from an external machine is treated as a 'real' DNS query and
> forwarded to the 'real' DNS server.
> 
> Hence, the reason for the split horizon system, where the DNS server is
> configured with a different local zone. If you look up dnsmasq, you can
> see some more information about how this works.
> 
> 	Lee
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
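
The two dig results compared in the message above can be told apart mechanically by the `aa` (authoritative answer) flag and the host named in the AUTHORITY section. The following is an added example, not part of the thread: both dig outputs are constructed, `ns1.registrar.example.` is a placeholder for the registrar's name server, and it assumes 10.0.1.2 is OSXSLS1.

```python
import re

# Constructed dig outputs for illustration; not captured from the poster's network.
LOCAL = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4101
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; ANSWER SECTION:
OSXSLS1.moderetnyre.net. 10800 IN A 10.0.1.2

;; AUTHORITY SECTION:
moderetnyre.net. 10800 IN NS OSXSLS1.moderetnyre.net.
"""
FORWARDED = """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4102
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; AUTHORITY SECTION:
moderetnyre.net. 3600 IN SOA ns1.registrar.example. hostmaster.registrar.example. 2013092100 28800 7200 604800 3600
"""

def classify(dig_text, local_ns):
    """Return (verdict, status, authority_hosts) for one dig response."""
    status = re.search(r"status: (\w+)", dig_text).group(1)
    flags = re.search(r"^;; flags: ([a-z ]*);", dig_text, re.M).group(1).split()
    hosts, in_auth = [], False
    for line in dig_text.splitlines():
        if line.startswith(";; "):
            # Any section header ends the previous section.
            in_auth = line.startswith(";; AUTHORITY SECTION")
        elif in_auth and line.strip():
            f = line.split()
            # name ttl class type rdata...; NS target or SOA primary is field 5
            if len(f) >= 5 and f[3] in ("NS", "SOA"):
                hosts.append(f[4].lower())
    # Local zone data was used only if the server set 'aa' and names itself.
    if "aa" in flags and local_ns.lower() in hosts:
        verdict = "answered-from-local-zone"
    else:
        verdict = "recursed-upstream"
    return verdict, status, hosts

if __name__ == "__main__":
    for label, text in (("OSXSLS1", LOCAL), ("CentOS1", FORWARDED)):
        print(label, classify(text, "OSXSLS1.moderetnyre.net."))
```

A `recursed-upstream` verdict for a name that should be internal also means the query for that internal host name left the local network.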


