DNS problems this morning - CORRECTION

lee lee at yun.yagibdah.de
Mon Nov 12 10:59:58 UTC 2012


"Bob Goodwin - Zuni, Virginia, USA" <bobgoodwin at wildblue.net> writes:

> On 11/11/12 14:50, Reindl Harald wrote:
>> "PEERDNS=no" is your friend touch prevent touch resolv.conf
>> and NO it is NOT ok to have ANY unreliable DNS in
>> resolv.conf because as explained you have no control which is
>> used for a request, there is no order, the design is to
>> configure equal nameservers and not some with different results
>>
>> [root at srv-rhsoft:~]$ cat /etc/sysconfig/network-scripts/ifcfg-eth1
>> DEVICE=eth1
>> ONBOOT=yes
>> BOOTPROTO=dhcp
>> IPV6INIT=no
>> NM_CONTROLLED=no
>> USERCTL=no
>> PEERDNS=no
>>
>    The instruction I had said to set it here and I did that earlier.
>
>        [root at box7 bobg]# cat /etc/sysconfig/network
>        NETWORKING=yes
>        HOSTNAME=box7
>        NTPSERVERARGS=iburst
>        PEERDNS=no
>
>    Now I have changed it here:
>
>            [bobg at box7 ~]$ cat /etc/sysconfig/network-scripts/ifcfg-em1
>            UUID="ef05f66e-b998-4218-9bdf-30228be529ce"
>            NM_CONTROLLED="yes"
>            BOOTPROTO="dhcp"
>            DEVICE="em1"
>            ONBOOT="yes"
>            HWADDR=00:21:9B:78:63:B1
>            TYPE=Ethernet
>            DEFROUTE=yes
>            PEERDNS=no
>            PEERROUTES=yes

As far as I could find out, PEERROUTES is obsolete.  It isn't even
mentioned in the documentation[1] anymore.  Setting PEERDNS=no /should/
prevent networkmanager from overwriting /etc/resolv.conf.


[1]: like /usr/share/doc/initscripts-9.37.1/sysconfig.txt

>            IPV4_FAILURE_FATAL=no
>            IPV6INIT=no
>            NAME="System em1-DHCP"
>
>        "and NO it is NOT ok to have ANY unreliable DNS in
>        resolv.conf" I don't think I have any control over that. Viasat
>        won't let me choose a dns. If I do it is "blocked!" In the past I
>        used opendns, [a paid subscription.]
>
>        Well that doesn't work, I can't send!
>
>            [bobg at box7 ~]$ cat /etc/resolv.conf
>            # Generated by NetworkManager
>
>
>            # No nameservers found; try putting DNS servers into your
>            # ifcfg files in /etc/sysconfig/network-scripts like so:
>            #
>            # DNS1=xxx.xxx.xxx.xxx
>            # DNS2=xxx.xxx.xxx.xxx
>            # DOMAIN=lab.foo.com bar.foo.com
>
>    **    Changed PEERDNS=no back to PEERDNS=yes
>
> ** and then I could send ...

This is only networkmanager overwriting your /etc/resolv.conf.  I have
had the problem until I disabled networkmanager.

It does *not* mean that you couldn't run your own name server.  It seems
to me that your name server is working ok --- at least the caching
one.  So you only need to make sure that it is used with a resolv.conf
like this one:


,----
| # Generated by NetworkManager
| search your.domain.example.com
| nameserver 127.0.0.1
`----


If you're using a caching name server, you might not want the "search"
option.  Fix your networkmanager setup or disable networkmanager so your
resolv.conf doesn't get overwritten, install bind, set it up and check
if it works.  Then turn off DHCP unless you really must have it and give
all the computers on your LAN their unique names and IPs.  Use only the
name servers you have set up yourself (which is probably only one) and
make all clients use those and no other ones.


-- 
Fedora 17
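
An added example, not part of the message above or of anyone's post in the thread: a small audit that checks whether an ifcfg file pins DNS (PEERDNS=no plus a DNS1 entry) and whether resolv.conf lists any name server outside the set you run yourself. The function names are hypothetical, the sample files are constructed after the ones quoted in the thread, and 192.0.2.53 is a constructed documentation address standing in for a DHCP-supplied resolver.

```shell
#!/bin/sh
# Added example; the sample files at the bottom are constructed.

# Print KEY's value from an ifcfg-style file, stripping optional double quotes.
ifcfg_get() {   # usage: ifcfg_get KEY FILE
    sed -n "s/^$1=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*\$/\1/p" "$2" | tail -n 1
}

# Print every nameserver in RESOLV_CONF that is not in the space-separated ALLOWED list.
unexpected_nameservers() {   # usage: unexpected_nameservers RESOLV_CONF "ALLOWED"
    awk -v allowed="$2" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "nameserver" && !($2 in ok) { print $2 }' "$1"
}

# Return 0 only if the interface file pins DNS: PEERDNS=no and DNS1 set.
check_ifcfg() {   # usage: check_ifcfg FILE
    peerdns=$(ifcfg_get PEERDNS "$1")
    dns1=$(ifcfg_get DNS1 "$1")
    if [ "$peerdns" != "no" ]; then
        echo "$1: PEERDNS is not 'no'; DHCP-supplied name servers get written to resolv.conf"
        return 1
    elif [ -z "$dns1" ]; then
        echo "$1: PEERDNS=no but no DNS1; resolv.conf can end up without a nameserver"
        return 1
    fi
    echo "$1: ok (PEERDNS=no, DNS1=$dns1)"
}

# Constructed sample data, modelled on the files quoted in the thread.
demo=$(mktemp -d)
printf 'DEVICE="em1"\nBOOTPROTO="dhcp"\nNM_CONTROLLED="yes"\nPEERDNS=no\n' > "$demo/ifcfg-nodns"
printf 'DEVICE="em1"\nBOOTPROTO="dhcp"\nPEERDNS=no\nDNS1=127.0.0.1\n' > "$demo/ifcfg-pinned"
printf '# Generated by NetworkManager\nnameserver 127.0.0.1\nnameserver 192.0.2.53\n' > "$demo/resolv.conf"

check_ifcfg "$demo/ifcfg-nodns" || true
check_ifcfg "$demo/ifcfg-pinned" || true
echo "resolvers outside the allowed set: $(unexpected_nameservers "$demo/resolv.conf" "127.0.0.1")"
```

On a real system the arguments would be the files under /etc/sysconfig/network-scripts and /etc/resolv.conf, with the allowed list set to the name servers you have set up yourself.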