Welcome to the Linux Foundation Forum!

Alternate DNS query

Battogtokh
Battogtokh Posts: 23
edited May 2017 in LFS211 Class Forum - Discontinued
Hi, 


I am trying to figure out this, but hours of googling couldn't help me to find out the answer. 


Currently I am doing my LABs in public library. The library network blocks my default DNS query to addresses such as 75.75.75.75 (Comcast DNS which works when I am at home). I added the DNS server address of the library to my VM as a secondary DNS address in /etc/network/interfaces file. But its still not working. When I place the library's DNS address on top of the DNS server names in /etc/network/interfaces or /etc/resolv.conf files, it works well. I added timeout:1 rotate and attempts:5 (with many different values) in /etc/resolv.conf file as well. It couldn't help. My test machines are stopping to resolve names whenever the library's DNS address is placed after the Comcast DNS server (which is blocked by the library's firewall). I am not sure what I am doing wrong. And wondering even if it worked like inserting manual entries in the /etc/resolv.conf file, how can we make it persistent in reboots like updating /etc/network/interfaces file. Is there any way to add DNS rotate or timeout options in the /etc/network/interfaces file and make them persistent over reboot, please?


 


Best regards,


Toogii 


 

Comments

  • lee42x
    lee42x Posts: 380
    edited May 2017

    There are several issues here, lets start with using the forwarder option in the Caching DNS.  Normally the DNS server does non-recursive queries to the various servers to look up a name or address. Some organizations regulate the traffic on the DNS ports and want all the requests to pass through a single server, a forwarder.  The forwarder will accept recursive requests from DNS servers, resolve the request and return the informatin to the requestor. All we have to do is add the forwarder to our /etc/bind/named.conf.options. Here is an example of an options line in the configuration file:


    options {
    	forwarders { 192.249.249.1; 192.249.249.3; };
    };

    In this case the forwarder's ipaddress would be the DNS server of the Library, most likely the same address passed out by DHCP.  That should get the lab DNS server running without altering the /etc/resolv.conf file. We can do the testing on our lab DNS server with the option @localhost in the dig command like:

    "dig  @localhost www.example.com"  

    To set options in the "interfaces" file options look like:

    dns-search  example.com 

    This is an example to set the DNS search list in the /etc/resolv.conf file by adding lines to the "interfaces" file. The "rotate" option will toggle through defined servers for load ballancing a great option but not really necessary for our lab exercise. 

    I hope this helps, keep me posted. 

  • Battogtokh
    Battogtokh Posts: 23
    edited June 2017

    Thank you very much for your kind support. Can you please advice in case we don't setting up our local DNS server and want to configure IP setting on the server?

    My LAB environment setup: I configured NAT network (I enabled "Port forwarding" for the network when I needed to access from my host computer like ssh) on my Virtual Box which help me to use fixed static address on my lab systems (there was an issue with bridged adapter whenever I switch between home and library networks). Everything works fine whenever I change my virtual machine's ip configuration to appropriate network DNS servers. I decided to update the IP configuration on the virtual machine to use Comcast DNS server as first (since it can be used from most of the locations) and library specific DNS server as a secondary server in /etc/network/interfaces file on Ubuntu. The addresses are updated to /etc/resolv.conf file. But it doesn't work at library because the library's DNS address is listed as the secondary DNS server. As per my understanding, my VM supposed to retry to the secondary DNS server when primary DNS server is not responding. I tried to update /etc/resolv.conf by adding some options as mentioned before. But nothing helps. I googled to understand which option I am missing. But still no luck. I wondered how to make it work and if it can be fixed in resolv.conf file, can it permanently fixed by adding some options in ip configuration file like /etc/network/interfaces? I am really want to know how linux expers configure their client computers' IP address config for DNS to be capable of failover like if one server was down retry with another. 

Categories

Upcoming Training