Unanswered Questions
2,254 questions with no upvoted or accepted answers
9
votes
2
answers
689
views
Cisco DNS doctoring or Hairpinning?
I've the following configuration: CISCO 881, IOS 15.2(4)M6. On WAN interface is configured the 86.34.156.48/29 subnet from our ISP. Behind the router is staying 2 webserver. NAT: 86.34.156.51 <> ...
8
votes
1
answer
2k
views
DNS and Active Directory configuration for a branch office
We've got a branch office with no on-site services at the moment, and we'd like to change that. The biggest goal is to setup some file servers but faster logins and DNS resolution will be welcome as ...
7
votes
0
answers
3k
views
Registrar nameservers vs. NS records for bare domain?
OK, I'm a bit new to DNS, but I'm having some trouble finding the answer to this. I have a domain registered at google domains. As with other registrars, you have access to their free DNS, and ...
6
votes
0
answers
2k
views
Caching, forwarding Bind 9.9.4 server works for weeks, suddenly SERVFAIL on all queries (rebooting fixes it)
I have bind 9.9.5 running on two servers (CentOS 6 and 7), for caching and forwarding DNS queries for a mail server. The servers run fine for weeks, then suddenly respond to all queries with SERVFAIL. ...
5
votes
1
answer
10k
views
Adding a new DNS server with systemd-resolved
To access other machines on my network by their name, I have to add the following two lines to my /etc/resolv.conf:
search foo.local
nameserver 192.168.X.Y
But any changes I make do not persist ...
5
votes
0
answers
3k
views
BIND: DNS failover and high availability with dynamic updates
I am trying to design a system with 2 servers that act as both DHCP and DNS servers with dynamic updates. I am using ISC DHCP and BIND9.
It looks like this.
Server1 - DHCP primary and DNS master. IP ...
5
votes
1
answer
36k
views
CentOS 7 Unable to Resolve Any Host Names
New to Linux and looking for friendly assistance.
My company is re-configuring our network DNS infrastructure to point our internal DNS servers at two new CentOS 7 / BIND 9 machines in our DMZ ...
5
votes
0
answers
3k
views
Understanding (and partially disabling?) DNSSEC for an internal domain
I am setting up a new DNS infrastructure for our internal HPC cluster environment. This involves providing a migration path from our existing DNS authorities and domains.
For sake of example, let's ...
5
votes
0
answers
4k
views
can't access sub-subdomain: DNS_PROBE_FINISHED_NXDOMAIN
I can't access to sub-subdomains.
For example http://electricien.synerciel.fr is working.
But, for sub-subdomains http://electricite-lemonnier.electricien.synerciel.fr/ returns ...
5
votes
0
answers
5k
views
Force Windows to use only TCP for DNS lookup
I have a broken (badly configured) VPN network that I cannot change. The remote gateway will route all UDP traffic for port 53 to a special DNS service. But I need to use a different DNS server also ...
5
votes
1
answer
1k
views
Mac OSX Server 10.6 DNS Issues
The server was upgraded from 10.5 from 10.6, during the upgrade the Reverse Zones were lost so I tried to recreate these but found that it's best to delete all zones, definitions and start again.
So ...
5
votes
1
answer
14k
views
curl and wget attempting an ipv6 connection
On my dedicated server (hosted by OVH), that is running a fresh install of Ubuntu 14.04, curl and wget take approximately 10 seconds to complete a simple request.
$ curl -v google.com
* Rebuilt URL ...
4
votes
1
answer
931
views
Internal DNS TTLs
Four-site company using Windows Domain and DNS servers. Minimum of one DC/DNS server per site. One site is HQ and hosts most companywide servers and services. DNS records for Windows servers are ...
4
votes
0
answers
282
views
Keeping DNSSEC KSKs offline with BIND9
I am looking to move the private part of the KSK for my domains off my main nameserver. I've tried this with a test domain and get errors like this:
dns_dnssec_keylistfromrdataset: error reading /etc/...
4
votes
0
answers
429
views
How to enable hostname resolution (dns) for lxd containers from the lxd host?
How to enable lxd hostname resolution from the lxd host?
After creating the below container:
>>> lxc launch ubuntu: container
Creating container
Starting container
>>> lxc list
+--...
4
votes
0
answers
5k
views
DNS IPv6 settings on Domain Controllers
Both in my lab testing and on real installation I saw that, after a dcpromo (done via "Server Manager" on Windows 2016), a loopback IPv6 address is automatically added on the interface DNS settings (...
4
votes
0
answers
2k
views
Getting to enforcing google safe search using CNAME with unbound and nsd?
I am trying to implement this using Unbound and Nsd: https://support.google.com/websearch/answer/186669?hl=en
To force SafeSearch for your network, you’ll need to update your DNS. configuration. ...
4
votes
0
answers
542
views
DHCP Server Listing Host as "BAD_ADDRESS" and not Registering DNS
Question
Why is DHCP showing "BAD_ADDR", why does it think there is a Conflict, and why can't the host register its DNS name?
Devices:
DHCP Server = Server 2012 on bare metal. Also running DNS.
...
4
votes
1
answer
9k
views
Unbound refuses requests from localhost even though `access-control: 127.0.0.1 allow_snoop`
This is my unbound.conf
server:
interface: 0.0.0.0
access-control: 10.0.0.0/8 allow_snoop
access-control: 127.0.0.1 allow_snoop
access-control: 192.168.0.0/16 allow_snoop
...
Reading the ...
4
votes
0
answers
897
views
Unable to Join domain, unable to resolve hostname
I'm having problems connecting a computer to the domain. I'll explain my setup (with hostnames). I have:
Hyper-V Guest 1 (Imperium) - DC / DNS Server (Server 2016 Essentials)
Hyper-V Guest 2 (Lima) ...
4
votes
0
answers
388
views
Bind notifies on DNS views
I have configured two Cent OS based DNS servers one for master and one for slave with internal and external views for a domain. The problem is that i get notifies and automatic zone updates when i ...
4
votes
1
answer
6k
views
request has invalid signature: TSIG rndc-test-key: tsig verify failure (BADKEY)
I am pretty much new to bind DNS and during nsupdate , i am getting BADKEY error.I have /root/named/chroot/etc/rndc.key as below :-
key "rndc-test-...
4
votes
0
answers
821
views
How do I set up openshift’s bind correctly
I have set up an instance of redhat’s Openshift origin and am sometimes having troubles resolving the individual apps’ domains from the outside.
I have two physical machines running, both with their ...
4
votes
0
answers
599
views
Does AWS Elastic Beanstalk Swap Environment Url swaps environments for git push?
I have read the docs for zero downtime on aws but cant seem to understand what happens in this scenario?
I have a environment running in production called 'red'
I duplicate the environment as 'blue'
...
4
votes
0
answers
4k
views
vmware DNS in host-only configuration
I want to connect a Linux VM running in VMWare on a Windows 7 laptop to an enterprise network using host-only configuration.
I was able to setup bidirectional routing between "host-only" VMWare ...
4
votes
2
answers
823
views
Windows Server 2008 R2 DNS - Syncronizing changes to TTL
I apologize if this has been asked. My searches have not been successful.
If I have 2 DNS servers in my Domain and add an A record to 1 server, that record is successfully propagated to the second ...
4
votes
1
answer
824
views
Zone transfer Windows Server DNS from NSD
I have a NSD server being primary server for a zone and want a Windows Server (2008 and 2012 RC) box to be secondary for that zone. Everything is configured and working EXCEPT:
When Windows receives ...
4
votes
0
answers
998
views
Ubuntu SOCKS proxy setup with two interfaces - how to pass DNS
I setup a SOCKSv5 server (Dante) on Ubuntu with two ethernet interfaces:
eth0 is connected to my WAN with a static routable IP
eth1 is connected to my LAN with a private IP
I have a client ...
4
votes
2
answers
912
views
DNS delegation on same server with DDNS and second slave server
I have two servers running BIND, the first is setup as the master of two zones and the second as a slave for those zones. The zones are example.com and ddns.example.com. I have DDNS running and ...
3
votes
0
answers
73
views
cURL intermittently failing to resolve domains, while dig always resolves successfully
We have two machines that periodically query various external resources using cURL. Beginning a couple of days ago, these requests have begun intermittently failing with Could not resolve host: www....
3
votes
2
answers
381
views
App Engine Adding custom domain verification failed despite main site ownership verified
I am trying to veryfy a subdomain to configure a server side GTM container.
The property is verified on the search console
However when I click refresh domain, I still get "Your domain hasn't ...
3
votes
0
answers
2k
views
dnsmasq: How to set alias domain / multiple DNS suffixes for local hostname resolution?
Is it possible to set multiple search domains via dnsmasq/DHCP? Due to some migration, I need multiple clients to be able to:
ping server.old-domain
ping server.new-domain
# both should work, .old-...
3
votes
0
answers
295
views
How to add/change NAPTR records to a specific ZoneScope in Windows DNS using PowersShell
I'm using DNS Policies in Windows DNS for split-horizon. I need to add NAPTR records which resolve differently based on the subnet of where the request came from. I've got almost all of it figured out,...
3
votes
0
answers
745
views
Supporting IPv6-only clients in connecting to IPv4-only hosts
I have a service that aggregates third-party content, but ultimately end-users connect directly to the third parties they're interested in. The problem I'm facing is that many users are connecting ...
3
votes
0
answers
2k
views
DNSSEC for private internal sub zones of an external domain
Consider the following scenario:
example.com is hosted on CloudFlare and it's signed by CloudFlare DNSSEC. Everything works as expected for example.com.
Inside the company we have some internal ...
3
votes
0
answers
9k
views
Server can't find domain: SERVFAIL
I have VPS and CentOS7 installed on it. Also I have httpd Apache2, nginx, named and iptables services working there. First, when I just bought this server, I had hostname maindomain1.com and made my ...
3
votes
0
answers
614
views
Windows 2016 DNS server returns SERVFAIL for non-existing domain
I have two DNS resolvers in /etc/resolv.conf file. The top one is Windows DNS server, and the bottom one is my wi-fi router. Please see below.
nameserver 192.168.1.126
nameserver 192.168.1.1
In ...
3
votes
0
answers
43
views
How should private network services be exposed to users using DNS over HTTPS?
As DNS over HTTPS becomes more widely deployed, I am starting to hear reports that users are failing to access services from internal networks when DNS over HTTPS is turned on.
Fair enough, DNS over ...
3
votes
0
answers
398
views
Why does Apache need such a long time for initial connection?
I am running apache 2.4.18 on ubuntu. Serving about 500.000 PI per month. No big deal without peaks. Somehow it started now to take a long time for the initial connection, after restarting apache it ...
3
votes
0
answers
440
views
Different nslookup answers on different clients in local network with local DNS
Situation:
I have a few clients in a local network.
I have a server named amp003 with IP address 192.168.4.13
I have two DNS servers (each one on relative DC server).
On client 1 I did following:
...
3
votes
2
answers
4k
views
Is it possible to have name-resolution from Fortigate and local DNS server?
Can you advise on moving to a hybrid DNS?
Currently, all our LAN machines receive their IP address from our Fortigate 60D (each machine is either allocated an IP address from the Fortigate DHCP, or ...
3
votes
0
answers
4k
views
Dnsmasq unable to resolve local host
I'm unable to get my local DNS server to work and totally stumped. Here's what I have done so far to make it work...
Dnsmasq configured on Ubuntu 18.04 ( Static IP: 192.168.1.100)
/etc/resolv.conf
...
3
votes
1
answer
431
views
Is it possible to change sendmail behavior on "Host unknown" errors?
Sendmail 8.14.4
I had DNS issues resulting in a DNS server thinking that a hostname wasn't available (when in fact, it was available).
That resulted in the following delivery log entry in sendmail:
...
3
votes
0
answers
3k
views
Mailgun emails are rejected everywhere but on Gmail
My problem and Mailgun logs
I've "setup and verified" (see context) my sending domain with Mailgun, so I could use it to deliver my contact/order forms via Mailgun API: https://github.com/...
3
votes
2
answers
2k
views
Windows server ignoring DNS resolution on private interface
I have a Windows 2012 server with two interfaces - public internet facing, and private.
The private interface uses our internal DNS servers. This interface has no gateway. Static IP - not DHCP.
I ...
3
votes
1
answer
955
views
Search option in resolv.conf getting overwritten by prepend statement in dhclient.conf
I have setup a DNS server for my department which is running FreeBSD 10.2. It is currently connected to the campus internet and receiving its address via dhcp, so /etc/resolv.conf looks like this:
#...
3
votes
1
answer
1k
views
Error using dnssec-signzone in chroot'd bind 9.8 when a zone file includes other files
Using bind 9.8.2 on RHEL 6.5, running chroot'd.
I have a zone file that includes other files (it's a zone with a large number of servers in different datacenters, and there's one included file per ...
3
votes
0
answers
797
views
How to disable IPv4 use on OSX (Or disable Happy Eyeballs)
I have a OSX El Capitain (10.11.2) host that has only IPv6 connectivity. The network uses NAT64 and DNS64 to provide access to legacy IPv4 hosts on the internet. The problem is that when looking up a ...
3
votes
2
answers
1k
views
Why is sendmail calling dns_getcanonname for domains of non-recipients in the To: header?
We've noticed an occasional repeatable problem in our sendmail config. The scenario is we receive a message from the internet with one of our users in the To: list, and one of the other users in the ...
3
votes
0
answers
5k
views
DNS Failure From Cisco AnyConnect SSL VPN Subnet
We have three Windows Domain Controllers (2012 R2 and 2008 R2 mix), all DNS servers. Split-zone DNS scenario.
DNS resolution is working for all internal subnets except over User VPN. All network ...