HPE Community
Operating System - HP-UX
1846551 Members
1716 Online
110256 Solutions
New Discussion

DNS Cache

 
SOLVED
Go to solution
Stéphane Gauthier
Advisor

‎05-08-2006 01:36 AM

‎05-08-2006 01:36 AM

DNS Cache

Hello all,

Our DNS server is a W2K3 box. We recently moved all the printers entries from HP-UX /etc/hosts file to our DNS server to keep it under one single place. When the W2K3 box failed to answer or reboot, if a user is printing from the HP-UX box, then UNIX can't make the printer name resolution and disable the printer. I have set a second DNS server in /etc/resolve.conf but seems like it never look to the second DNS server but disable the printer. My question is: Is there any kind of DNS cache I can set on the UNIX side and if yes, HOW? Any other suggestion?

Tks.
0 Kudos
Reply
11 REPLIES 11
Steven E. Protter
Exalted Contributor

‎05-08-2006 02:02 AM

‎05-08-2006 02:02 AM

Re: DNS Cache

Shalom,

/etc/nsswitch.conf

hosts dns,files

files becomes the failover.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎05-08-2006 02:44 AM

‎05-08-2006 02:44 AM

Re: DNS Cache

As far as caching goes - you could set up the Unix server to be a cacheing only DNS server.

http://docs.hp.com/en/B2355-90775/ch02s06.html

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎05-08-2006 09:32 AM

‎05-08-2006 09:32 AM

Re: DNS Cache

If you are stuck with an unreliable DNS server, just change the nsswitch.conf file to:

hosts: files dns

What this does is to look in /etc/hosts first (which is a good idea because you control it). Put all your printer IP addresses (or other servers handling your print requests) as well as other important hostnames and IPs into this file and now the DNS server is only consulted for unimportant addresses.

Note that a DNS server is actually a major component in corporate security system so it may be located on the wrong machine.


Bill Hassell, sysadmin
0 Kudos
Reply
Stéphane Gauthier
Advisor

‎05-09-2006 03:23 AM

‎05-09-2006 03:23 AM

Re: DNS Cache

So what I can understand is that there is no DNS cache on HP-UX. If the DNS server fails, HP-UX does not have a cache to look in so it can resolve the DNS name.

Is this correct?

The thing is that we want to keep the /etc/hosts files empty as possible and use the DNS server because Windows and Unix uses these entries.
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎05-09-2006 05:40 AM

‎05-09-2006 05:40 AM

Solution

Re: DNS Cache

> So what I can understand is that there is no DNS cache on HP-UX. If the DNS server fails, HP-UX does not have a cache to look in so it can resolve the DNS name.

>Is this correct?

Correct. Either the DNS server works 100% of the time, or you fall back on /etc/hosts. The problem with failed DNS servers is that they cause VERY BIG delays (20 secs) to move to the second or 3rd server for EVERY request. That's the reason for putting the critical systems (and printers) into /etc/hosts. Once you have a dependable DNS system, you can reduce /etc/hosts.

Now you could try setting up a DNS caching server on your HP-UX box but it's primary purpose is for workload sharing.

> The thing is that we want to keep the /etc/hosts files empty as possible and use the DNS server because Windows and Unix uses these entries.

This only works if DNS is the most reliable and stable system in your network (no reboots, mirrored disks, redundant network cards, etc). Having all the addresses in one box is good but it is catastrophic to all systems when it fails.


Bill Hassell, sysadmin
Reply
Stéphane Gauthier
Advisor

‎05-09-2006 05:58 AM

‎05-09-2006 05:58 AM

Re: DNS Cache

Ok, so here is what I am thinking:

1. Is there a way to reduce that 20 seconds time so HP-UX looks on the secondary DNS as soon as it can't contact the first one?

2. Is there a configurable parameter in HP-UX to expand the time for PH-UX to disable a printer before it get disable?

3. Would BIND as secondary DNS be a good solution?

Tks
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎05-09-2006 06:19 AM

‎05-09-2006 06:19 AM

Re: DNS Cache

1) Yes - man resolv.conf & look at the "retry" (hint set it lower than the default 5) AND "retrans" (hint set it lower than the default 5000 milliseconds as well - now do you see the 20 seconds?)

2) Not sure

3) DNS is essentially BIND

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎05-09-2006 06:20 AM

‎05-09-2006 06:20 AM

Re: DNS Cache

Oops - sorry.
The default value of retry is 4

Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Christian Tremblay
Trusted Contributor

‎05-09-2006 06:33 AM

‎05-09-2006 06:33 AM

Re: DNS Cache

Yes, You could set up a secondary DNS on a UNIX server, then when the windoze box dies, it would resolve to this server.
Just add a line to /etc/resolv.conf

nameserver < IPaddress >
after the existing one.

I always set up a secondary DNS but I have never done it having the primary on a windoze box, when both are on UNIX the secondary will be updated automatically from the primary every X minutes
X is configurable.

I bet the reason why your DNS is on a windoze box is that the people maintaining it don't know how to edit a file using vi :-)
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎05-09-2006 06:48 AM

‎05-09-2006 06:48 AM

Re: DNS Cache

Along what Jeff says:

On HP-UX, you can set the following in resolv.conf:


retrans 1000
retry 2

retrans

Retransmission timeout. It is interpreted during
the res_init() (see resolver(3N)) call. It has
higher precedence than setting it through the
set_resfeild() (see resolver(3N)) API and lower
precedence than setting it through the RES_RETRANS
(see resolver(3N)) environment variable. Whenever
an invalid value is specified for retrans, a
message is flagged in syslog. The default value
is 5000 milliseconds.

retry

Number of retries. This is interpreted during the
res_init() (see resolver(3N)) call. It has higher
precedence than setting it through the
set_resfeild() (see resolver(3N)) API and lower
precedence than setting it through the RES_RETRY
(see resolver(3N)) environment variable. Whenever
an invalid value is specified for retry, a message
is flagged in syslog. The default value is 4.


That will speed up any delays going from 1 nameserver to another - unfortunately, Windows does a better job - if it can't get to the first one, it goes to the second - if successful, it's next query will automatically go to the second. In unix, this is not the case - we will always try the nameservers in order based on resolv.conf.

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎05-09-2006 07:08 AM

‎05-09-2006 07:08 AM

Re: DNS Cache

Geoff, that HP document sucks (actually most of the documentation I have ever seen on DNS Caching sucks and most of it is totally inaccurate.) It does not resolve localhost - which means you will be resolving it at the local dns servers and it the extreme case at the internet root servers.

Stephane, have a look at this link
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=840826
and look for my responses.

live free or die
harry d brown jr
Live Free or Die
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.