lynn said the following on 03/30/2012 03:28 PM:
On 30/03/12 19:16, Anton Aylward wrote:
Carlos E. R. said the following on 03/30/2012 11:15 AM:
On 2012-03-30 14:35, Anton Aylward wrote:
Have you tried the reverse lookup? (Sorry this is complicated but its finding the IP address in a site independent manner)
# dig -s $( ip addr show to 0.0.0.0/0 scope global | \ awk '/[[:space:]]inet / { print gensub("/.*","","g",$2) }' )
That should give you the FQDN of your host. cer@Telcontar:~> dig -s $( ip addr show to 0.0.0.0/0 scope global | \ awk '/[[:space:]]inet / { print gensub("/.*","","g",$2) }' ) Invalid option: -s Sorry, my finger slipped. s is next to x ...
As the man page makes clear, reverse lookup is "-x".
I'm sure everyone is smart enough ...
Nope. Not working.
Right
I just added the reverse zone in Yast but there seems to be a conflict between it and the samba4 dlz stuff we're running.
Could you explain what the 'conflict' is, how it manifests and a little of what's going on behind the scenes? The point I'm making here is that you need a complete and working 'spanning set'. Just parts of it working aren't going to be enough.
dig -x $( ip addr show to 0.0.0.0/0 scope global | awk '/[[:space:]]inet / { print gensub("/.*","","g",$2) }' ) berized nfs ; <<>> DiG 9.8.1-P1 <<>> -x 192.168.1.3 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56925 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION: ;3.1.168.192.in-addr.arpa. IN PTR
;; AUTHORITY SECTION: 168.192.in-addr.arpa. 86400 IN SOA 168.192.in-addr.arpa. . 0 28800 7200 604800 86400
;; Query time: 24 msec ;; SERVER: 192.168.1.3#53(192.168.1.3) ;; WHEN: Fri Mar 30 21:19:19 2012 ;; MSG SIZE rcvd: 77
Right. This shows the reverse for 192.168.1.3 isn't working and I'd assume from that for the whole of your 192.168.1/24 subnet. This has nothing to do with the reverse lookup of 127.0.0.1, which you might like to try as well: :-) # dig -x 127.0.0.1 I suspect that this has more to do with your problems than anything else.
My workaround is to add the 127.0.1.1 as. I only need it for really fussy dns stuff like Kerberos with nfs where if you so much as breathe, bind just turns away.
I've known many applications where there is a security check - given an IP address, do a backward lookup to get the name, then do a forward lookup to get the IP address for that name. Is the address you started out with the same as the one you ended up with? If not, something is wrong. If this is the case with the "fussy dns stuff like kerberos" then the failed reverse lookup you reported is a source of your problems.
I'm glad to see the Samba4 guys working on a modern replacement for bind.
There are number of 'replacements' - that is there are a number of other pieces of code that implement the protocol of the DNS server. BIND may have problems but these are not it. I suspect that if you used one of the alternatives to BIND you might find the configuration easier. I'm biased; I've been using BIND since 1990 so I'm used to it, but as I say, there's interaction with nsswitch and DHCP to consider. You are updating your DNS from DHCP, aren't you? If not then there's a possible source of your problems! http://www.semicomplete.com/articles/dynamic-dns-with-dhcp/ See http://en.wikipedia.org/wiki/Comparison_of_DNS_server_software#Feature_matri... for how crippled some of the alternatives are! The best (?) of the bunch is probably http://cr.yp.to/djbdns.html I've not used it; I find Daniels code and commentary to be confusing. On the whole I recommend the Cricket Lui book from O'Reilly. -- How come wrong numbers are never busy? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org