Fucking w/ TinyDNS

Getting the serial number/change date for a domain on an authoritative server.

nameserver:/root # tinydns-get soa domain.com
6 domain.com:
193 bytes, 1+1+3+3 records, response, authoritative, noerror
query: 6 domain.com
answer: domain.com 60 SOA ns1.domain.com domain.com 2012043001 10800 3600 604800 3600
authority: domain.com 60 NS ns1.domain.com
authority: domain.com 60 NS ns2.domain.com
authority: domain.com 60 NS ns3.domain.com
<SNIP>


Solaris 10 DNS Oops! WTF?! Oh Yeah!

When building Solaris 10 servers in bulk (that is, 1 or more at a time), I usually don’t enable any sort of name resolution until later.

That’s the problem. When later rolls around, I’ve forgotten that I hadn’t enabled anything.

This would be fine and dandy if nslookup or host would let me know that my /etc/nsswitch.conf is only looking at files. They ignore that and seemingly go strictly with what is in /etc/resolv.conf. So if that’s broken or incorrect, they will at least tell you that.

Anyway, the system I have come up with to quickly check if nsswitch.conf is set up for DNS is to ssh to a known hostname. If this fails, it usually means you need to copy nsswitch.dns over nsswitch.conf.

Another gotcha that gets me.
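An added example, not from the original post: a shell check that reads the hosts line of nsswitch.conf directly, since nslookup and host will not reveal a files-only setup. The function names and sample files are constructed for illustration; it assumes a POSIX shell, which on Solaris 10 means ksh or bash rather than the legacy /bin/sh.

```shell
#!/bin/sh
# Print the lookup sources on the first active "hosts:" line of an nsswitch.conf.
hosts_sources() (
    set -f                          # tokens like [NOTFOUND=return] must not glob
    while read -r key rest; do
        case $key in
            hosts:) ;;
            *) continue ;;          # other databases and commented-out lines
        esac
        skip=0 out=""
        for tok in ${rest%%#*}; do  # drop any trailing comment
            case $tok in \[*) skip=1 ;; esac      # start of an action block
            if [ "$skip" -eq 0 ]; then out="$out $tok"; fi
            case $tok in *\]) skip=0 ;; esac      # end of an action block
        done
        echo "${out# }"
        break
    done < "$1"
)

# One-line verdict for the file given as $1.
diagnose() {
    src=$(hosts_sources "$1")
    case " $src " in
        *" dns "*) echo "ok: hosts uses dns ($src)" ;;
        "  ")      echo "warn: no hosts line in $1" ;;
        *)         echo "fix: hosts is '$src' only; nslookup/host may still answer, ssh will not resolve names" ;;
    esac
}

# Constructed sample files (not taken from a real host).
demo=$(mktemp -d)
printf 'passwd: files\nhosts:  files\n' > "$demo/nsswitch.files"
printf '# hosts: files\nhosts: files dns [NOTFOUND=return] nis  # after setup\n' > "$demo/nsswitch.dns"
diagnose "$demo/nsswitch.files"
diagnose "$demo/nsswitch.dns"
rm -rf "$demo"
```

Point `diagnose` at /etc/nsswitch.conf on a freshly built host; `getent hosts <name>` gives the same answer from the resolver's side because it follows nsswitch.conf.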


Bind9: Master Only

Configuration for a master only DNS server.

1. WILL NOT answer queries
2. WILL NOT forward queries
3. WILL NOT perform recursion
4. WILL allow transfers from specified slaves

Zone and configuration files are backed up disk to disk via rsync.

Single point editing of our name space.

Single point of failure. If server is lost, updates to DNS cannot be made until another master is brought online.

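options {
    directory "/etc";
    pid-file "/var/run/named.pid";
    version "Windows 3.11";          // string returned instead of the real BIND version
    allow-query { "none"; };         // 1. do not answer queries
    allow-recursion { "none"; };     // 3. do not perform recursion
    notify yes;
    also-notify {
        IPn.IPn.IPn.IPn;             // slave address (placeholder)
    };
    allow-transfer {
        IPn.IPn.IPn.IPn;             // 4. only the specified slaves may transfer
    };
};

zone "my.hosts.net" {
    type master;
    file "/etc/my.hosts.net";
};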
