Need help debugging either a network or a sendmail problem.
Ben Scott
dragonhawk at gmail.com
Sun Feb 19 21:51:02 EST 2006
On 2/19/06, Steven W. Orr <steveo at syslang.net> wrote:
> I made the change you suggested below to the hosts file.
[output from "hostname" commands cut]
Okay, all of those look good. Did any of those "hostname" commands
include a 30 second pause?
> [root at saturn etc]# host saturn.syslang.net
> saturn.syslang.net has address 207.172.210.41
This is part of your problem. You've got multiple namespaces going
on. That is to say, "saturn.syslang.net" is associated with a
different IP address depending on what side of the NAT you are on.
This is sometimes called "split brain DNS". Such configurations are
well-documented and entirely supportable. Some people recommend them.
I am not one of those people.
My preference is to have names be unique and unambiguous everywhere.
I usually accomplish this by using different domain names for
different addresses, and pointing /etc/resolv.conf appropriately.
For example, to use your situation: I would configure a private,
undelegated subdomain named something like "inside.syslang.net". The
"private, undelegated" part means that the public "syslang.net" domain
(hosted at ZoneEdit) would not have any information on the subdomain.
Anyone outside your private network (NAT) would not be aware of the
subdomain. "saturn.inside.syslang.net" would equate to 192.168.0.101,
and "saturn.syslang.net" would equate to 207.172.210.41.
Inside your private network, you would configure things such that
all the computers know about the private subdomain. That can be done
using /etc/hosts and friends, or by running a private DNS zone, or
both. Which to do depends largely on the size of the private network
and your specific needs.
To run a private DNS zone, you configure a nameserver to (1) provide
recursive DNS for the private network, and (2) claim authority for the
subdomain. Then you point all private network nodes at the
nameserver, and only that nameserver. Since that nameserver becomes
the only source of DNS information, all private network nodes will
always get the proper answers.
How many nodes (computers, routers, etc.) are on your private network?
> [root at saturn etc]# host saturn
> Host saturn not found: 3(NXDOMAIN)
The above indicates your short hostname is not resolvable via DNS.
That may or may not cause problems.
In theory, if your /etc/hosts and /etc/nsswitch.conf files are
properly configured, your /etc/hosts entries will provide all the
needed info, and will override the DNS records that do not correspond
to your private LAN.
In practice, some things purposely ignore /etc/hosts no matter what
you do, and getting consistent and proper answers from DNS becomes a
requirement. In particular, while I'm not overly familiar with the
Perl modules in question, "Net::Domain" implies we're talking DNS
exclusively, and not the nix gethostbyname(3) and gethostbyaddr(3)
library calls.
> [root at saturn etc]# host 192.168.0.101
> Host 101.0.168.192.in-addr.arpa not found: 3(NXDOMAIN)
The above indicates your private IP address is not resolvable via
DNS. See above about name resolution.
> One more thing: I get my resolv.conf from rcn via their dhcp server.
This is probably going to cause you pain no matter what. You are
trying to operate as part of your own domain (syslang.net), while
RCN's DHCP servers are doubtless telling your machine it is part of
"rcn.net" or something. I'd suggest telling your DHCP client *not* to
overwrite /etc/resolv.conf and configure resolv.conf manually. If
you're worried about DNS availability, configure your own local
caching resolver (optionally forwarding to RCN nameservers).
-- Ben
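
The gap the reply describes between the /etc/hosts view and the DNS-only view can be checked side by side. The sketch below is an added example, not part of the original post: the hosts file contents and the nsswitch.conf line are constructed assumptions, the DNS answers are the ones the "host" commands printed in the thread, and the function names are hypothetical.

```python
# Constructed inputs. The hosts file and nsswitch line are assumptions; the DNS
# answers are the ones "host" printed in the thread (None = NXDOMAIN).
HOSTS = """\
127.0.0.1      localhost.localdomain localhost
192.168.0.101  saturn.syslang.net saturn
"""
NSSWITCH = "hosts: files dns\n"
DNS = {"saturn.syslang.net": "207.172.210.41", "saturn": None, "192.168.0.101": None}

def parse_hosts(text):
    """Map each name to its address and each address to its first name."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            table.setdefault(fields[0], fields[1])
            for name in fields[1:]:
                table.setdefault(name.lower(), fields[0])
    return table

def hosts_order(text):
    """Sources on the nsswitch.conf 'hosts:' line, in order; [action] items are skipped."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            return [s for s in line[6:].split() if not s.startswith("[")]
    return []  # no hosts: line; this sketch does not guess the libc default

def libc_view(key, hosts, order, dns):
    """Answer for a gethostbyname(3)/gethostbyaddr(3) caller: first source with a hit."""
    for source in order:
        answer = hosts.get(key) if source == "files" else dns.get(key) if source == "dns" else None
        if answer:
            return answer
    return None

def audit(keys, hosts_text, nsswitch_text, dns):
    """Return {key: (libc_answer, dns_only_answer)} wherever the two views differ."""
    hosts, order = parse_hosts(hosts_text), hosts_order(nsswitch_text)
    diff = {}
    for key in (k.lower() for k in keys):
        pair = (libc_view(key, hosts, order, dns), dns.get(key))
        if pair[0] != pair[1]:
            diff[key] = pair
    return diff

if __name__ == "__main__":
    for key, (libc, dns_only) in audit(DNS, HOSTS, NSSWITCH, DNS).items():
        print(f"{key}: libc={libc} dns-only={dns_only}")
```

Every key it reports is one where a DNS-only caller and a libc caller disagree. To use it against a live setup, pass a dict built from real lookups in place of the constructed DNS table.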