07-11-2001
Hi folks,
After searching the net for information I have finally found out that SunOS 4.1.4 has an issue with DNS (basically doesn't work without NIS or a patched resolver) The following is the thread that discusses the issue:
> Has anyone successfully gotten their statically linked FWTK-1.3 proxies
> working on a SunOS 4.1.4 platform *NOT* running NIS?
Yes, using BIND library or libresolv+.
> Our recent effort
> at building such a firewall makes me think the SunOS 4.1.4 resolver may
> be seriously broken (i.e., no DNS support), as compared to SunOS 4.1.3.
>
> After a fresh reload of the OS from CDROM, networking apps like ping and
> telnet can only resolve what's in the local /etc/hosts, despite having a
> properly configured /etc/resolv.conf pointing to an internal nameserver.
> Well, properly configured for SunOS 4.1.3, anyway; we don't have the Sun
> Release Notes for SunOS 4.1.4, and there's always a chance this is some
> sort of new Sun feature, I suppose (hint, hint...).
>
> An 'nslookup' from the firewall finds the internal nameserver without any
> problems. The internal nameserver forwards to the DNS on the firewall (a
> split DNS setup), which works; the firewall's DNS forwards to the external
> nameservers, which also works. Changing resolv.conf to point to the local
> nameserver (on the firewall) doesn't fix things.
>
> We snooped the inside net, and saw no DNS packets from the firewall to the
> inside nameserver when the resolver should have been sending to it; when a
> name was checked using nslookup from the firewall, we saw the traffic we'd
> expect. Starting up a ypbind on the firewall (for test purposes only) got
> us full resolvability (the NIS master goes to the internal DNS).
As far as I know, SunOS 4.1.3 had no more DNS support than 4.1.4. Either
your 4.1.3 was running NIS, either its shared libs had been rebuilt with a new
resolver. What you describe is exactly the same as with stock 4.1.3.
> Anyway, to solve our problems, we replaced the SunOS resolver and DNS with
> BIND 4.9.2, rebuilt the shared C library (but not libc.a), and rebuilt the
> proxies with dynamic links (static links still don't work, obviously).
Are you sure that you linked the proxies with your new libresolv.a ? They
should work statically linked as well.
> We now have both Sun and TIS apps on the firewall talking to the internal DNS
> nameserver.
Congratulations.
> Any comments/suggestions/opinions/facts would be welcome. Thanks,
I personally prefer to use libresolv+ rather than BIND library because it
allows to search hosts both in /etc/hosts and DNS. It's sometimes more
comfortable than relying entirely on DNS.
I thank all you for your help in trying to resolve the issue.
Don
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Is there a website to go to that gives you a set of instructions to set up DNS from start to finish? I need it for a Solaris 8 box on the Intel platform side. (3 Replies)
Discussion started by: Deuce
3 Replies
2. UNIX for Dummies Questions & Answers
I just bought a unix dedicated server from a company so that i can host websites on that server. I wanted to configure it but I have no clue :confused: as to where to start. If some one can just guide me to the right direction, i would greatly appreciate it.
megnote (1 Reply)
Discussion started by: megnote
1 Replies
3. UNIX for Dummies Questions & Answers
Hi,
I would like to create an internal webpage for my company that would only be viewable when connected to the VPN or internal network. I want a webpage like newsite.company.com. Is there a way to do this. We obviously already have www.company.com, but how would I go about creating the newsite.... (1 Reply)
Discussion started by: ejbrever
1 Replies
4. IP Networking
I would like to set up a DNS on my system, just to learn really, how difficult and what all is involved in the set up? How difficult? (6 Replies)
Discussion started by: jo calamine
6 Replies
5. Solaris
hey guys, how to add soalris box as a microsoft DNS Client ?
and how to register in the microsoft DNS ??
i managed to query from the DNS server after adding /etc/resolve.conf and editing /etc/nsswitch.conf
but i need to register the soalris server (dns Client) into Microsoft DNS automatically.... (3 Replies)
Discussion started by: mduweik
3 Replies
6. UNIX for Advanced & Expert Users
I'd like to get some opnions on choosing DNS server:
Windows DNS vs Linux BIND comparrsion:
1) managment, easy of use
2) Security
3) features
4) peformance
5) ??
I personally prefer Windows DNS server for management, it supports GUI and command line. But I am not sure about security... (2 Replies)
Discussion started by: honglus
2 Replies
7. Red Hat
Hi,
I have a question on how to point the DNS server-1's A-record to second DNS server, which is DNS server-2. So, the computer can access other domain which only listed in the DNS server-2. The scenario is as follow:
http://img689.imageshack.us/img689/6333/12234.png
How to configure this... (4 Replies)
Discussion started by: Paris Heng
4 Replies
8. Red Hat
I am trying to setup a CentOS 6.2 server that will be doing 3 things DHCP, DNS & Samba for a very small office (2 users). The idea being this will replace a very old Win2k server. The users are all windows based clients so only the server will be Linux based.
I've installed CentOS 6.2 with... (4 Replies)
Discussion started by: FireBIade
4 Replies
9. Red Hat
how do we update dns zone file entries without restarting named demon (5 Replies)
Discussion started by: abhay1983
5 Replies
10. Solaris
Hi,
We have built a new server (RHEL VM)and added that IP/hostname into dns zone configs file on DNS server (Solaris 10). Reloaded the configuration using
and added nameserver into resolv.conf on client. But when I am trying nslookup, its not getting resolved. The nameserver is not able to... (8 Replies)
Discussion started by: snchaudhari2
8 Replies
dns(n) dns dns(n)
NAME
dns - Tcl Domain Name Service Client
SYNOPSIS
package require Tcl 8.2
package require dns ?1.0.1?
::dns::resolve query ?options?
::dns::configure ?options?
::dns::name token
::dns::address token
::dns::cname token
::dns::status token
::dns::error token
::dns::reset token
::dns::wait token
::dns::cleanup token
DESCRIPTION
The dns package provides a Tcl only Domain Name Service client. You should refer to RFC 1034 and RFC 1035 for information about the DNS
protocol or read resolver(3) to find out how the C library resolves domain names. The intention of this package is to insulate Tcl scripts
from problems with using the system library resolver for slow name servers. It may or may not be of practical use. The package also
extends the package uri to support DNS URIs or the form dns:what.host.com or dns://my.nameserver/what.host.com. The dns::resolve command
can handle DNS URIs or simple domain names as a query.
Note: This package uses TCP to query DNS servers as the tcl core does not implement UDP networking. This means that this module will not
work if DNS over TCP is blocked by a firewall, or not accepted by the chosen nameserver.
COMMANDS
::dns::resolve query ?options?
Resolve a domain name using the DNS protocol. query is the domain name to be lookup up. This should be either a fully qualified
domain name or a DNS URI.
-nameserver hostname or -server hostname
Specify an alternative name server for this request.
-protocol tcp|udp
Specify the network protocol to use for this request. Can be one of tcp or udp. However only tcp is currently implemented in
the package.
-port portnum
Specify an alternative port.
-search domainlist
-timeout milliseconds
Override the default timeout.
-type TYPE
Specify the type of DNS record you are interested in. Valid values are A, NS, MD MF, CNAME, SOA, MB, MG, MR, NULL, WKS, PTR,
HINFO, MINFO, MX, TXT, AXFR, MAILB, MAILA and *. See RFC1035 for details about the return values.
-class CLASS
Specify the class of domain name. This is usually IN but may be one of IN for internet domain names, CS, CH, HS or * for any
class.
-recurse boolean
Set to false if you do not want the name server to recursively act upon your request. Normally set to true.
-command procname
Set a procedure to be called upon request completion. The procedure will be passed the token as its only argument.
::dns::configure ?options?
The ::dns::configure command is used to setup the dns package. The server to query, the protocol and domain search path are all set
via this command. If no arguments are provided then a list of all the current settings is returned. If only one argument then it
must the the name of an option and the value for that option is returned.
-nameserver hostname
Set the default name server to be used by all queries. The default is localhost.
-protocol tcp|udp
Set the default network protocol to be used. Defaults to tcp.
-port portnum
Set the default port to use on the name server. The default is 53.
-search domainlist
Set the domain search list. This is currently not used.
-timeout milliseconds
Set the default timeout value for DNS lookups. Defaults to 30 seconds.
::dns::name token
Returns a list of all domain names returned as an answer to your query.
::dns::address token
Returns a list of the address records that match your query.
::dns::cname token
Returns a list of canonical names (usually just one) matching your query.
::dns::status token
Returns the status flag. For a successfully completed query this will be ok. May be error or timeout or eof. See also ::dns::error
::dns::error token
Returns the error message provided for requests whose status is error. If there is no error message then an empty string is
returned.
::dns::reset token
Reset or cancel a DNS query.
::dns::wait token
Wait for a DNS query to complete and return the status upon completion.
::dns::cleanup token
Remove all state variables associated with the request.
EXAMPLES
% set tok [dns::resolve www.tcl.tk]
::dns::1
% dns::status $tok
ok
% dns::address $tok
199.175.6.239
% dns::name $tok
www.tcl.tk
Using DNS URIs as queries:
% set tok [dns::resolve "dns:tcl.tk;type=MX"]
% set tok [dns::resolve "dns://l.root-servers.net/www.tcl.tk"]
SEE ALSO
resolver(5)
AUTHORS
Pat Thoyts
KEYWORDS
DNS, resolver, domain name service
dns 1.0.1 dns(n)