Re: A question about /etc/resolv.conf

Wang,MinJie · ‎07-24-2007

Hi all
I've configured two DNS server respectively on two HP-UX systems
Then I've configured a DNS client on the third system.
The following information is what I've written into "/etc/resolv.conf" on the third system
*******************************************
nameserver 192.168.20.211
nameserver 192.168.20.212
*******************************************
These two IPs belong to the first two DNS servers by the way.
Then I tried to "nslookup "
Now the problem comes:
If the first DNS server resolves the name successfully it works fine
But if the first server fails,it will never turn to the next DNS server and it just returns a failure answer !
Can you help
Thx

Torsten. · ‎07-24-2007

Check this:

more /etc/nsswitch.conf

Is it configured to try the next server?

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!

Wang,MinJie · ‎07-24-2007

Hey torsten
Can you tell me how to configure the /etc/nsswitch.conf?
Is that like "hosts files dns[NOTFOUNT=continue]"?
I've tried and it doesn't work.
It only queries the first DNS server appears in /etc/resolv.conf
Any idea?

Viswanadhan · ‎07-24-2007

Hi ,

Can u paste the failure message of 2nd DNS server.

Regards,
Viswanadhan.

Wang,MinJie · ‎07-24-2007

rx26-03>nslookup p10
Name Server: rx16-01.hp.com
Address: 192.168.20.211

Trying DNS
*** rx16-01.hp.com can't find p10: Non-existent domain

it seems like it doesn't query 192.168.20.212

RobinKing · ‎07-24-2007

Do you have a "search " entry in your resolv.conf?

In your case I'm guessing:

search hp.com
nameserver 192.168.20.211
nameserver 192.168.20.212

Wang,MinJie · ‎07-24-2007

Hey Robin
You're right
So what do you say

Viswanadhan · ‎07-24-2007

Hi,

Try like this - add "domain hp.com " in /etc/resolv.conf" file

domain hp.com
nameserver 192.168.20.211
nameserver 192.168.20.212

Regards,
Viswanadhan.

Wang,MinJie · ‎07-24-2007

Hi Vis
It still doesn't work
Any other idea?

Torsten. · ‎07-24-2007

maybe you need

domain something.hp.com

Check the settings on another machine and adjust "something".
Maybe it is already listed in your /etc/hosts file.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!

RobinKing · ‎07-24-2007

Thanks for correcting me Viswanadhan.

It may be helpful if you post your entire /etc/resolv.conf, /etc/nswitch.conf and /etc/hosts files.

Wang,MinJie · ‎07-24-2007

Hi all
Thank you for your attention
My /etc/resolv.conf:
search hp.com
nameserver 192.168.20.211
nameserver 192.168.20.212

My /etc/nsswitch.conf:
passwd: files
group: files
hosts: files dns
ipnodes: files
services: files
networks: files
protocols: files
rpc: files
publickey: files
netgroup: files
automount: files
aliases: files

Though I think there's no business about /etc/hosts but if you insist so
My /etc/hosts:
192.168.20.213 rx26-03.juniper.com
127.0.0.1 localhost loopback

I hope these information will help you figure it out

RobinKing · ‎07-24-2007

Ok, replace the "search hp.com" I told you to put in and replace with "domain hp.com"

RobinKing · ‎07-24-2007

Ok, replace the "search hp.com" I told you to put in /etc/resolv.conf and replace with "domain hp.com"

Wang,MinJie · ‎07-24-2007

Hey Robin

I'm sorry to say It doesn't work

RobinKing · ‎07-24-2007

Sorry should have checked the entire reply. Look slike you nsswitch.conf is the problem.

Your hosts line needs to be something similar to

hosts: dns [unavail=return] files

Sorry I don't have access to a system at the moment so can't cut and paste an exmaple for you.

Check out the example files /etc/nsswitch.*

Ludovic Derlyn · ‎07-24-2007

hi

try

hosts: dns [notfound=continue unavail=return] files

regards

L-DERLYN

Ludovic Derlyn · ‎07-24-2007

hi

not found and unavail must be UPPER (NOTFOUND UNAVAIL)

Regards

L-DERLYN

Wang,MinJie · ‎07-24-2007

Hi all
Thank you for your help
But it still doesn't work and I've read some manual and found that maybe the two DNS server I specified in /etc/resolv.conf should be Master server and Slave server while the fact is that they both are stand alone servers

Is that the reason?
Thx in advance

Bill Hassell · ‎07-25-2007

> But it still doesn't work and I've read some manual and found that maybe the two DNS server I specified in /etc/resolv.conf should be Master server and Slave server while the fact is that they both are stand alone servers

No, there is no difference in use of DNS servers. The most important line is the hosts: line in nsswitch.conf:

hosts: files [NOTFOUND=continue UNAVAIL=continue] dns
ipnodes: files [NOTFOUND=return] dns

Note that ipnodes: is required for 11.23 and higher.

Now to verify that you truly have working DNS servers, test each one:

nslookup p10 192.168.20.211
nslookup p10 192.168.20.212

This forces a DNS lookup to a specific server. If that works, then perform a reverse lookup like this:

nslookup 12.34.56.78 192.168.20.211
nslookup 12.34.56.78 192.168.20.212

-- where 12.34.56.78 is the IP address for p10. All 4 nslookup queries must return the correct result.

Now check using nsquery so you can see the actual resolver behavior:

nsquery hosts p10

This command is the most important command in tracing the results.

And finally, the domain line is optional and used primarily help resolve names within your domain (ie, p10.mydomain.com). But I suspect that ytour 192.168.20 network is fairly small so your local machines (nslookup p10) don't need FQDN names like p10.mydomain.com. Just use the server lines and drop the domain line. (man resolv.conf)

Bill Hassell, sysadmin

Wang,MinJie · ‎07-25-2007

Hey Bill
I've modified the /etc/nsswitch.conf according to what you told me
Then I ran "#nslookup p10 192.168.20.211" and "#nslookup p10 192.168.20.212" and it succeeded on "212" (exactly is what I've configured)
then I ran "#nslookup 192.168.20.223 192.168.20.212" and it succeeded too.
At last I run "#nsquery hosts p10" and it output like this:
********************************************
#nsquery hosts p10

Using "files[NOTFOUND=continue UNAVAIL=continue] dns" for the hosts policy.

Searching /etc/hosts for p10
p10 was NOTFOUND

Switch configuration: Allows fallback

Searching dns for p10
The Name Service is currently to busy to respond

Switch configuration: Allows fallback

All name services have been searched
********************************************
So what can I do now?

Andrew C Fieldsend · ‎07-25-2007

You might like to try running nslookup in debug mode:

# nslookup
> set d2
> p10

This will tell you exactly what requests are being sent to the server, and what the responses are.

You can run this against both servers (use "server 192.168.20.212" to change servers), and see what the differences are.

Matti_Kurkela · ‎07-26-2007

This is normal DNS resolver behavior.

From the DNS viewpoint, "host does not exist" or "domain does not exist" is not exactly an error. It is a definite answer to the client's question, although a negative one.
Errors would be something like "the query is malformed", "access denied", or "the DNS server is not responding".

The standard resolver assumes that an answer from one DNS server is just as good as from any other. The second (and third, if configured) nameserver is used only if the first one does not answer to the queries.

If you need to get the DNS information about some domains from one DNS server and all other DNS information from another server, you'll need to install a local DNS server in forward-only mode (i.e. not acting as a server, but more like a DNS cache and a smarter, more configurable resolver).

With it, you can usually define rules like "find information about 192.168.x.x, some.domain.example and another.example from one set of DNS servers, and everything else from another set of name servers". With just a standard resolv.conf file, this is not possible.

HP offers BIND 9 as a free download:
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=BIND

The situations like this seem to happen for one of two reasons:
1.) a DNS delegation for some domain is missing from the DNS server of the parent domain, or
2.) someone wants to keep some DNS information "secret" or for "internal use only", but later someone who is not "internal" has a legitimate need for that information.

MK

MK

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: A question about /etc/resolv.conf

A question about /etc/resolv.conf