1752625
Members
4554
Online
108788
Solutions
SOLVED
Hi Rich,
When you say:
____________________________________
I am doing queries on a server I know to have 5 aliases and it just returns the hostname I supply and its IP address.
____________________________________
How do you know there are 5 aliases for this IP address? Is it that the /etc/hosts file has 5 aliases for this IP address, or do you know for a fact that the DNS table you're using has all 5 aliases? I just want to be sure that the DNS tables you're using were built appropriately to contain all 5 aliases.
A couple of things to try, if nslookup is not returning what you want:
1) Try nsquery
# nsquery hosts ros-resolver dns
Using "dns" for the hosts policy.
Searching dns for ros-resolver
Hostname: rose-resolver
Aliases: ros-resolver
Address: XXX.XXX.XXX.XXX
Switch configuration: Terminates Search
This program allows you to override whatever search routine is specified in your /etc/nsswitch.conf file and use whichever name repositories you wish. As you can see from my above example, it returned the hostname, IP address and alias information.
2) If you are not absolutely certain that DNS contains all of the alias information, you can verify this by collecting a network trace of the DNS query and look at the answer packet in the trace.
For example:
================================ IP Header (outbound -- pid: 355033) =========
Source: hpatcux9.rose.hp.com(A) Dest: rose-resolver.americas.hp.net(A)
len: 74 ttl: 64 proto: 17 cksum: 0x19bc id: 0x6fe5
flags: DF tos: 0x0 hdrlen: 20 offset: 0x0 optlen: 0
-------------------------------- UDP Header ----------------------------------
sport: 63319 --> dport: domain data len: 46 chksum: 0xb149
-------------------------------- BIND Header ---------------------------------
flags: rd
opcode: QUERY rcode: NOERROR id: 0x36df
qdcount: 0x1 ancount: 0x0 nscount: 0x0 arcount: 0x0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ QUESTIONS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
domain name: ros-resolver.americas.hp.net
type: A class: IN
================================ IP Header (inbound -- [ICS]) ================
Source: rose-resolver.americas.hp.net(A) Dest: hpatcux9.rose.hp.com(A)
len: 302 ttl: 62 proto: 17 cksum: 0x8abd id: 0x0
flags: DF tos: 0x0 hdrlen: 20 offset: 0x0 optlen: 0
-------------------------------- UDP Header ----------------------------------
sport: domain --> dport: 63319 data len: 274 chksum: 0x641
-------------------------------- BIND Header ---------------------------------
flags: qr aa rd ra
opcode: QUERY rcode: NOERROR id: 0x36df
qdcount: 0x1 ancount: 0x2 nscount: 0x5 arcount: 0x5
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ QUESTIONS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
domain name: ros-resolver.americas.hp.net
type: A class: IN
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ANSWERS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
domain name: ros-resolver.americas.hp.net
type: CNAME class: IN ttl: 28800 dlen: 16
domain name: rose-resolver.americas.hp.net
domain name: rose-resolver.americas.hp.net
type: A class: IN ttl: 7200 dlen: 4
internet address: 15.251.192.51
...
I've removed some of the information from the ANSWER packet for simplicity, but you can see at the top of the ANSWER packet is the primary hostname and the alias information.
If a network trace doesn't show this information then my guess is you don't have your DNS tables built correctly.
3) Use nslookup debug mode
# nslookup -d2 rose-resolver.americas.hp.net
------------
SendRequest(), len 44
HEADER:
opcode = QUERY, id = 13505, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
51.192.251.15.in-addr.arpa, type = PTR, class = IN
------------
------------
Got answer (296 bytes):
HEADER:
opcode = QUERY, id = 13505, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 2, authority records = 5, additional = 5
QUESTIONS:
51.192.251.15.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 51.192.251.15.in-addr.arpa
type = PTR, class = IN, dlen = 31
name = rose-resolver.americas.hp.net
ttl = 7200 (2H)
-> 51.192.251.15.in-addr.arpa
type = PTR, class = IN, dlen = 13
name = forwarders.americas.hp.net
ttl = 7200 (2H)
Again, I've striped out much of the reply packet for simplicity, but this should show you the same information as the network trace, and you can verify whether the DNS tables were populated with the aliases.
Good luck,
Dave
When you say:
____________________________________
I am doing queries on a server I know to have 5 aliases and it just returns the hostname I supply and its IP address.
____________________________________
How do you know there are 5 aliases for this IP address? Is it that the /etc/hosts file has 5 aliases for this IP address, or do you know for a fact that the DNS table you're using has all 5 aliases? I just want to be sure that the DNS tables you're using were built appropriately to contain all 5 aliases.
A couple of things to try, if nslookup is not returning what you want:
1) Try nsquery
# nsquery hosts ros-resolver dns
Using "dns" for the hosts policy.
Searching dns for ros-resolver
Hostname: rose-resolver
Aliases: ros-resolver
Address: XXX.XXX.XXX.XXX
Switch configuration: Terminates Search
This program allows you to override whatever search routine is specified in your /etc/nsswitch.conf file and use whichever name repositories you wish. As you can see from my above example, it returned the hostname, IP address and alias information.
2) If you are not absolutely certain that DNS contains all of the alias information, you can verify this by collecting a network trace of the DNS query and look at the answer packet in the trace.
For example:
================================ IP Header (outbound -- pid: 355033) =========
Source: hpatcux9.rose.hp.com(A) Dest: rose-resolver.americas.hp.net(A)
len: 74 ttl: 64 proto: 17 cksum: 0x19bc id: 0x6fe5
flags: DF tos: 0x0 hdrlen: 20 offset: 0x0 optlen: 0
-------------------------------- UDP Header ----------------------------------
sport: 63319 --> dport: domain data len: 46 chksum: 0xb149
-------------------------------- BIND Header ---------------------------------
flags: rd
opcode: QUERY rcode: NOERROR id: 0x36df
qdcount: 0x1 ancount: 0x0 nscount: 0x0 arcount: 0x0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ QUESTIONS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
domain name: ros-resolver.americas.hp.net
type: A class: IN
================================ IP Header (inbound -- [ICS]) ================
Source: rose-resolver.americas.hp.net(A) Dest: hpatcux9.rose.hp.com(A)
len: 302 ttl: 62 proto: 17 cksum: 0x8abd id: 0x0
flags: DF tos: 0x0 hdrlen: 20 offset: 0x0 optlen: 0
-------------------------------- UDP Header ----------------------------------
sport: domain --> dport: 63319 data len: 274 chksum: 0x641
-------------------------------- BIND Header ---------------------------------
flags: qr aa rd ra
opcode: QUERY rcode: NOERROR id: 0x36df
qdcount: 0x1 ancount: 0x2 nscount: 0x5 arcount: 0x5
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ QUESTIONS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
domain name: ros-resolver.americas.hp.net
type: A class: IN
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ANSWERS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
domain name: ros-resolver.americas.hp.net
type: CNAME class: IN ttl: 28800 dlen: 16
domain name: rose-resolver.americas.hp.net
domain name: rose-resolver.americas.hp.net
type: A class: IN ttl: 7200 dlen: 4
internet address: 15.251.192.51
...
I've removed some of the information from the ANSWER packet for simplicity, but you can see at the top of the ANSWER packet is the primary hostname and the alias information.
If a network trace doesn't show this information then my guess is you don't have your DNS tables built correctly.
3) Use nslookup debug mode
# nslookup -d2 rose-resolver.americas.hp.net
------------
SendRequest(), len 44
HEADER:
opcode = QUERY, id = 13505, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
51.192.251.15.in-addr.arpa, type = PTR, class = IN
------------
------------
Got answer (296 bytes):
HEADER:
opcode = QUERY, id = 13505, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 2, authority records = 5, additional = 5
QUESTIONS:
51.192.251.15.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 51.192.251.15.in-addr.arpa
type = PTR, class = IN, dlen = 31
name = rose-resolver.americas.hp.net
ttl = 7200 (2H)
-> 51.192.251.15.in-addr.arpa
type = PTR, class = IN, dlen = 13
name = forwarders.americas.hp.net
ttl = 7200 (2H)
Again, I've striped out much of the reply packet for simplicity, but this should show you the same information as the network trace, and you can verify whether the DNS tables were populated with the aliases.
Good luck,
Dave
I work for HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
