[Cialug] Cialug Digest, Vol 101, Issue 11

L. V. Lammert lvl at omnitec.net
Sat Sep 21 17:56:45 CDT 2013


On Sat, 21 Sep 2013, Moder John II Lee wrote:

> Lee, thank you for your explanation.  I think I am beginning to understand.
>
That's great! I deal with it all the time, and have to keep kicking myself
when I figure out a problem for which I should have KNOWN the answer.

> I don't do a lot of server work, but the systems that I do work on all
> tend to function this way, so you are saying that they all have a split
> horizon DNS setup on them?
>
The main points to remember:

 * The hosts file overrides any DNS lookup, on ALL platforms.

> Does Microsoft do this natively, whereas we need to "trick" OSX and Linux systems into doing this?  I apologize for the naive questions, but one of the reasons I am doing this is to understand it better.
>
> So basically you are saying similar to what Ken did, is that I need to find a way to make OSXSLS1 the SOA for the local net, but I may need to use something like dnsmasq to trick it into doing so?
>
> I am still having a bit of a disconnect though--  On both boxes I get the same results--
>
> When I dig @10.0.1.2 A OSXSLS1.moderetnyre.net. I return the record's authority section pointing to OSXSLS1.moderetnyre.net.
>
> When I dig @10.0.1.2 A CentOS1.moderetnyre.net I return the SOA to godaddy.
>
> My confusion is that in the zone file on OSXSLS1 I have machine (A) records for both CentOS1, and OSXSLS1.  Both records are formatted identically, outside their unique names/IPs.
>
> The DNS server on OSXSLS1 is set to accept recursive queries from localnets and 10.0.1.0/24.
>
>
> John
>
>
> On Sep 21, 2013, at 8:05 AM, "L. V. Lammert" <lvl at omnitec.net> wrote:
>
> > On Fri, 20 Sep 2013, Moder John II Lee wrote:
> >
> >> What you are saying is without doing a "Split Horizon" DNS on the OSX
> >> box there is no way for me to ping a box on my local network by
> >> hostname?
> >>
> > Not quite; you are 'faking' a DNS entry for a local host, and that local
> > host is not defined in your configured DNS server.
> >
> > When you do a DNS lookup on the OSX box, you get the entry you had in the
> > hosts file -  a local hosts file will override a DNS lookup.
> >
> > When you lookup the local host from another box, the request is rightly
> > forwarded to the configured DNS server and you get zilch.
> >
> > You need to either supply an 'override' at each machine that will use the
> > local hostname (in /etc/hosts), or configure a DNS server that knows the
> > difference between a local host and a 'real' host.
> >
> >> That just doesn't make sense to me.  The OSX box has an A record for
> >> the CENTOS1 box, why would godaddy need one for me to ping it on my
> >> local network?
> >>
> > Because the OSX box is not configured for normal DNS entries in the local
> > subnet (i.e. split horizon), so an inquiry from *another* machine gets
> > forwarded to the 'real' DNS server.
> >
> >> I understand if I want to reach the box from the outside that godaddy
> >> would need a record, but shouldn't my local DNS be resolved locally when
> >> it has the record, and only be forwarded when the record isn't there?
> >>
> > That works ON the OSX machine as there is an override configured, but a
> > query from an external machine is treated as a 'real' DNS query and
> > forwarded to the 'real' DNS server.
> >
> > Hence, the reason for the split horizon system, where the DNS server is
> > configured with a different local zone. If you lookup dnsmasq, you can
> > see some more information about how this works.
> >
> > 	Lee
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug

==============================================
 Leland V. Lammert            lvl at omnitec.net
  Chief Scientist        Omnitec Corporation
 Network/Internet Consultants www.omnitec.net
==============================================
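
Added example, not part of the original message: a toy Python model of the lookup order described in the thread above (hosts file first, then the configured DNS server, which forwards upstream unless it serves a local zone for the name). The function names, the sample hosts file and every address are constructed for illustration.

```python
# Toy model of the behaviour discussed in the thread; not a real resolver.
# All addresses below are constructed sample values.
HOSTS_OSX = """\
# /etc/hosts on the OS X box (constructed sample)
127.0.0.1   localhost
10.0.1.3    centos1.moderetnyre.net centos1   # local override
"""

def hosts_lookup(hosts_text, name):
    """Return the address the hosts file maps `name` to, or None."""
    name = name.rstrip(".").lower()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) >= 2 and name in (f.lower() for f in fields[1:]):
            return fields[0]
    return None

def dns_server(name, local_zones, upstream):
    """Answer from a local zone if one covers `name`, else forward upstream.

    local_zones is {zone: {fqdn: address}}; an empty dict models a server
    with no local view. Returns (address_or_None, who_answered).
    """
    name = name.rstrip(".").lower()
    for zone, records in local_zones.items():
        if name == zone or name.endswith("." + zone):
            # The server owns this zone: it answers (or says "no such name")
            # itself and never forwards the query.
            return records.get(name), "local zone " + zone
    return upstream.get(name), "upstream"

def resolve(name, hosts_text, local_zones, upstream):
    """Client-side order: hosts file first, then the configured DNS server."""
    addr = hosts_lookup(hosts_text, name)
    if addr is not None:
        return addr, "hosts file"
    return dns_server(name, local_zones, upstream)

# Public zone data: only the externally visible name exists (constructed).
PUBLIC = {"osxsls1.moderetnyre.net": "203.0.113.10"}
# Split-horizon view: same zone name, served locally with private addresses.
SPLIT = {"moderetnyre.net": {"osxsls1.moderetnyre.net": "10.0.1.2",
                             "centos1.moderetnyre.net": "10.0.1.3"}}

if __name__ == "__main__":
    q = "CentOS1.moderetnyre.net."
    print(resolve(q, HOSTS_OSX, {}, PUBLIC))   # on the box with the override
    print(resolve(q, "", {}, PUBLIC))          # another box, no local zone
    print(resolve(q, "", SPLIT, PUBLIC))       # another box, split horizon
```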

