Hi, I am in a large network that uses Active Directory DDNS and redhat can simply not resolve any other computernames in the network... well atleast thare is a large segment of them that can not be resolved. no workstations for example. I use the default setup and allow DHCP to configure everything. In windows it works fine, but in this version (I do not know about earlier versions) it does not work at all. I do nslookup to the same server using the same DNS server and get diferent results. eg. the DNS server (windows 2000) does not reply with the same anwer if you are redhat. WIN: Z:\tmp\scan>nslookup burner Server: dhcnic02.<removed>.com Address: 10.104.241.115
Name: burner.stores.<removed>.com Address: 10.89.17.84
REDHAT: Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. Server: 10.104.241.115 Address: 10.104.241.115#53
** server can't find burner: SERVFAIL What is going on????!!! RedHat cant talk DNS??
stephan schutter wrote:
Hi, I am in a large network that uses Active Directory DDNS and redhat can simply not resolve any other computernames in the network... well atleast thare is a large segment of them that can not be resolved. no workstations for example. I use the default setup and allow DHCP to configure everything. In windows it works fine, but in this version (I do not know about earlier versions) it does not work at all. I do nslookup to the same server using the same DNS server and get diferent results. eg. the DNS server (windows 2000) does not reply with the same anwer if you are redhat. WIN: Z:\tmp\scan>nslookup burner Server: dhcnic02.<removed>.com Address: 10.104.241.115
Name: burner.stores.<removed>.com Address: 10.89.17.84
REDHAT: Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. Server: 10.104.241.115 Address: 10.104.241.115#53
** server can't find burner: SERVFAIL What is going on????!!! RedHat cant talk DNS??
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
Are you specifying the fully qualified domain. Look at /etc/resolv.conf. What does it have for its domain? What does it have after search?
Dan
sorry for the paranoia... It would just be too easy for a social engineer with the details and the company name... if it helps you to know where I am... we can do this in private email...
as you can see they have the same name servers and the subnet is the same, and the search domain is the same... how can they get a diferent answer from the name server?
______ RESOLVE.CONF _________________
; generated by /sbin/dhclient-script search hq.<censored>.com nameserver 10.104.241.115 nameserver 10.114.215.20
the hq* comes from DHCP...
[root@thumper root]# ifconfig eth0 Link encap:Ethernet HWaddr 00:06:5B:2C:A6:61 inet addr:10.89.17.22 Bcast:10.89.17.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:342584 errors:0 dropped:0 overruns:1 frame:0 TX packets:127144 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:26721199 (25.4 Mb) TX bytes:57670951 (54.9 Mb) Interrupt:11 Base address:0xec80
_______ WinXP config _________________ C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : clone-xor7cco2u Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . : hq.<censored>.com Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible) Physical Address. . . . . . . . . : 00-06-5B-E0-50-8C Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.89.17.91 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.89.17.1 10.89.17.2 DHCP Server . . . . . . . . . . . : 10.114.83.24 DNS Servers . . . . . . . . . . . : 10.104.241.115 10.114.215.20 Primary WINS Server . . . . . . . : 10.104.240.251 Secondary WINS Server . . . . . . : 10.114.48.250 Lease Obtained. . . . . . . . . . : Wednesday, August 27, 2003 9:04:44 AM Lease Expires . . . . . . . . . . : Monday, September 01, 2003 9:04:44 AM
Daniel J Walsh wrote:
stephan schutter wrote:
Hi, I am in a large network that uses Active Directory DDNS and redhat can simply not resolve any other computernames in the network... well atleast thare is a large segment of them that can not be resolved. no workstations for example. I use the default setup and allow DHCP to configure everything. In windows it works fine, but in this version (I do not know about earlier versions) it does not work at all. I do nslookup to the same server using the same DNS server and get diferent results. eg. the DNS server (windows 2000) does not reply with the same anwer if you are redhat. WIN: Z:\tmp\scan>nslookup burner Server: dhcnic02.<removed>.com Address: 10.104.241.115
Name: burner.stores.<removed>.com Address: 10.89.17.84
REDHAT: Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. Server: 10.104.241.115 Address: 10.104.241.115#53
** server can't find burner: SERVFAIL What is going on????!!! RedHat cant talk DNS??
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
Are you specifying the fully qualified domain. Look at /etc/resolv.conf. What does it have for its domain? What does it have after search? Dan
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
Don't worry about the paronoia. Lets just call the domain censored.com
Not sure how Microsoft works. But your query was looking for burner.censored.com which does not exist.
Microsoft returned burner.stores.censored.com
In order to have this happen on Unix. You would need the search in resolv.conf to look like the following
search censored.com stores.censored.com
Dan
stephan schutter wrote:
sorry for the paranoia... It would just be too easy for a social engineer with the details and the company name... if it helps you to know where I am... we can do this in private email...
as you can see they have the same name servers and the subnet is the same, and the search domain is the same... how can they get a diferent answer from the name server?
______ RESOLVE.CONF _________________
; generated by /sbin/dhclient-script search hq.<censored>.com nameserver 10.104.241.115 nameserver 10.114.215.20
the hq* comes from DHCP...
[root@thumper root]# ifconfig eth0 Link encap:Ethernet HWaddr 00:06:5B:2C:A6:61 inet addr:10.89.17.22 Bcast:10.89.17.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:342584 errors:0 dropped:0 overruns:1 frame:0 TX packets:127144 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:26721199 (25.4 Mb) TX bytes:57670951 (54.9 Mb) Interrupt:11 Base address:0xec80
_______ WinXP config _________________ C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : clone-xor7cco2u Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . : hq.<censored>.com Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
Ethernet Controller (3C905C-TX Compatible) Physical Address. . . . . . . . . : 00-06-5B-E0-50-8C Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.89.17.91 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.89.17.1 10.89.17.2 DHCP Server . . . . . . . . . . . : 10.114.83.24 DNS Servers . . . . . . . . . . . : 10.104.241.115 10.114.215.20 Primary WINS Server . . . . . . . : 10.104.240.251 Secondary WINS Server . . . . . . : 10.114.48.250 Lease Obtained. . . . . . . . . . : Wednesday, August 27, 2003 9:04:44 AM Lease Expires . . . . . . . . . . : Monday, September 01, 2003 9:04:44 AM
Daniel J Walsh wrote:
stephan schutter wrote:
Hi, I am in a large network that uses Active Directory DDNS and redhat can simply not resolve any other computernames in the network... well atleast thare is a large segment of them that can not be resolved. no workstations for example. I use the default setup and allow DHCP to configure everything. In windows it works fine, but in this version (I do not know about earlier versions) it does not work at all. I do nslookup to the same server using the same DNS server and get diferent results. eg. the DNS server (windows 2000) does not reply with the same anwer if you are redhat. WIN: Z:\tmp\scan>nslookup burner Server: dhcnic02.<removed>.com Address: 10.104.241.115
Name: burner.stores.<removed>.com Address: 10.89.17.84
REDHAT: Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. Server: 10.104.241.115 Address: 10.104.241.115#53
** server can't find burner: SERVFAIL What is going on????!!! RedHat cant talk DNS??
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
Are you specifying the fully qualified domain. Look at /etc/resolv.conf. What does it have for its domain? What does it have after search? Dan
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
Thank you for all your responses.
That solves the resolution question. This implies that I did not pick up the complete scope from DHCP. This is Microsoft DHCP, using named spaces quite intensively, is it diferent from UNIX? I mean; if I am only picking up part of the DHCP info, then my DHCP client is not acting like the Microsoft one... what could be different?
Daniel J Walsh wrote:
Don't worry about the paronoia. Lets just call the domain censored.com
Not sure how Microsoft works. But your query was looking for burner.censored.com which does not exist.
Microsoft returned burner.stores.censored.com
In order to have this happen on Unix. You would need the search in resolv.conf to look like the following
search censored.com stores.censored.com
Dan
stephan schutter wrote:
sorry for the paranoia... It would just be too easy for a social engineer with the details and the company name... if it helps you to know where I am... we can do this in private email...
as you can see they have the same name servers and the subnet is the same, and the search domain is the same... how can they get a diferent answer from the name server?
______ RESOLVE.CONF _________________
; generated by /sbin/dhclient-script search hq.<censored>.com nameserver 10.104.241.115 nameserver 10.114.215.20
the hq* comes from DHCP...
[root@thumper root]# ifconfig eth0 Link encap:Ethernet HWaddr 00:06:5B:2C:A6:61 inet addr:10.89.17.22 Bcast:10.89.17.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:342584 errors:0 dropped:0 overruns:1 frame:0 TX packets:127144 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:26721199 (25.4 Mb) TX bytes:57670951 (54.9 Mb) Interrupt:11 Base address:0xec80
_______ WinXP config _________________ C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : clone-xor7cco2u Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . : hq.<censored>.com Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
Ethernet Controller (3C905C-TX Compatible) Physical Address. . . . . . . . . : 00-06-5B-E0-50-8C Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.89.17.91 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.89.17.1 10.89.17.2 DHCP Server . . . . . . . . . . . : 10.114.83.24 DNS Servers . . . . . . . . . . . : 10.104.241.115 10.114.215.20 Primary WINS Server . . . . . . . : 10.104.240.251 Secondary WINS Server . . . . . . : 10.114.48.250 Lease Obtained. . . . . . . . . . : Wednesday, August 27, 2003 9:04:44 AM Lease Expires . . . . . . . . . . : Monday, September 01, 2003 9:04:44 AM
Daniel J Walsh wrote:
stephan schutter wrote:
Hi, I am in a large network that uses Active Directory DDNS and redhat can simply not resolve any other computernames in the network... well atleast thare is a large segment of them that can not be resolved. no workstations for example. I use the default setup and allow DHCP to configure everything. In windows it works fine, but in this version (I do not know about earlier versions) it does not work at all. I do nslookup to the same server using the same DNS server and get diferent results. eg. the DNS server (windows 2000) does not reply with the same anwer if you are redhat. WIN: Z:\tmp\scan>nslookup burner Server: dhcnic02.<removed>.com Address: 10.104.241.115
Name: burner.stores.<removed>.com Address: 10.89.17.84
REDHAT: Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. Server: 10.104.241.115 Address: 10.104.241.115#53
** server can't find burner: SERVFAIL What is going on????!!! RedHat cant talk DNS??
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
Are you specifying the fully qualified domain. Look at /etc/resolv.conf. What does it have for its domain? What does it have after search? Dan
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
On Wed, 2003-08-27 at 12:19, stephan schutter wrote:
Thank you for all your responses.
That solves the resolution question. This implies that I did not pick up the complete scope from DHCP. This is Microsoft DHCP, using named spaces quite intensively, is it diferent from UNIX? I mean; if I am only picking up part of the DHCP info, then my DHCP client is not acting like the Microsoft one... what could be different?
in redhat-config-network, when you are editing an interface, under "DHCP settings" there is a checkbox for "automatically obtain DNS information from provider". Maybe that is what you want? Maybe the MS dhcp client does it by default? Sorry, I haven't been following this thread so maybe you've already covered this. Scott
Right, if I do this, the only domain it picks up is the local one (based on subnet):hq.xxxx.com instead of grabing all of the domain search order list (stores, hq, etc. xxxxx.com)
Scott Seagroves wrote:
On Wed, 2003-08-27 at 12:19, stephan schutter wrote:
Thank you for all your responses.
That solves the resolution question. This implies that I did not pick up the complete scope from DHCP. This is Microsoft DHCP, using named spaces quite intensively, is it diferent from UNIX? I mean; if I am only picking up part of the DHCP info, then my DHCP client is not acting like the Microsoft one... what could be different?
in redhat-config-network, when you are editing an interface, under "DHCP settings" there is a checkbox for "automatically obtain DNS information from provider". Maybe that is what you want? Maybe the MS dhcp client does it by default? Sorry, I haven't been following this thread so maybe you've already covered this. Scott
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
On Wed, 2003-08-27 at 12:19, stephan schutter wrote:
Thank you for all your responses.
That solves the resolution question. This implies that I did not pick up the complete scope from DHCP. This is Microsoft DHCP, using named spaces quite intensively, is it diferent from UNIX? I mean; if I am only picking up part of the DHCP info, then my DHCP client is not acting like the Microsoft one... what could be different?
IIRC, DHCP does not currently define a way to provide a search list. Microsoft may have 'extended' something to make it work....
<snip>
Ed Coleman wrote:
On Wed, 2003-08-27 at 12:19, stephan schutter wrote:
Thank you for all your responses.
That solves the resolution question. This implies that I did not pick up the complete scope from DHCP. This is Microsoft DHCP, using named spaces quite intensively, is it diferent from UNIX? I mean; if I am only picking up part of the DHCP info, then my DHCP client is not acting like the Microsoft one... what could be different?
IIRC, DHCP does not currently define a way to provide a search list. Microsoft may have 'extended' something to make it work....
<snip>
-- Rhl-beta-list mailing list Rhl-beta-list@redhat.com http://www.redhat.com/mailman/listinfo/rhl-beta-list
The latest DHCP does. It is on Rawhide and will be in the next beta for Cambridge. Basically you can add a SEARCH line to your ifcfgp-eth* file. So add you were using eth0 you would edit /etc/sysconfig/network-scripts/ifcfg-eth0 and add the following line.
SEARCH "border.censored.com censored.com"
Dan
stephan schutter wrote:
configure everything. In windows it works fine, but in this version (I do not know about earlier versions) it does not work at all. I do nslookup to the same server using the same DNS server and get diferent results. eg. the DNS server (windows 2000) does not reply with the same anwer if you are redhat.
Are you certain Windows is using DNS? It has a habit of also using the domain name services (typically Wins) to do its name resolution as well.
Does the netbios cache on the Windows machine contain the machine name, try: nbtstat -c
I'm sure there used to be a command like "nmblookup" or similar to do a NetBios lookup on Windows, but I can't find it any more.
I believe that Linux will fail to find it unless you specifically add the stores.<removed> domain to resolv.conf:
search hq.<censored>.com stores.<censored>.com nameserver 10.89.17.84
That way it will try looking for burner.hq.<xx>.com & burner.stores.hq.<xx>.com
Jon
I believe that Linux will fail to find it unless you specifically add the stores.<removed> domain to resolv.conf:
search hq.<censored>.com stores.<censored>.com nameserver 10.89.17.84
That way it will try looking for burner.hq.<xx>.com & burner.stores.hq.<xx>.com
Correct. Its done this way by modern systems for security. Prior to that "interesting" things happened when people registered domains like "edu.com"