LinuxQuestions.org
Old 01-14-2015, 03:12 AM   #1
depam
Member
 
Registered: Sep 2005
Posts: 861

Rep: Reputation: 30
Identify which DNS server being used


I realized that when we try to telnet to a domain which has multiple hosts on it (round robin), it always gives me a specific IP, as opposed to using ping and nslookup. Does anyone know why this is the case? Does it cache it somewhere?
 
Old 01-14-2015, 03:40 AM   #2
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,912

Rep: Reputation: 1513
Actually, it returns the entire list - but the list itself is rotated.

telnet only uses the first entry.

As for ping, it doesn't do any different.

You can be using a cache only name server locally, which should provide whatever it has in its cache. If you are using bind then it will rotate as well, but it isn't mandatory that such a server has to, and I believe bind can be configured to turn off rotation (I haven't kept up with bind since I stopped being an admin)

As to which DNS server is being used, check the /etc/resolv.conf file at the time. If you are using DHCP, then the values shown may change... So check at the time you have a question.

One last thing - nslookup/dig/whatever actually don't use the /etc/nsswitch.conf - they are designated to check DNS, so they don't use the gethostbyname library function. They use the DNS library directly, which bypasses the nsswitch.conf file.

Last edited by jpollard; 01-14-2015 at 03:44 AM.
 
Old 01-14-2015, 05:04 PM   #3
depam
Member
 
Registered: Sep 2005
Posts: 861

Original Poster
Rep: Reputation: 30
Thanks for the response. I was wondering if there is a way to get that list, showing that the IP we see is the first, since nslookup and dig, even ping, give us a different IP each time.
 
Old 01-14-2015, 07:14 PM   #4
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,636

Rep: Reputation: 2652
you really should be using ssh

telnet is INSECURE

all and every login credential is in plain text that EVERY one on the net could read
 
Old 01-14-2015, 08:21 PM   #5
depam
Member
 
Registered: Sep 2005
Posts: 861

Original Poster
Rep: Reputation: 30
Thanks. I understand that. I am just using the tool for the purpose of checking what server the client hits when it tries to resolve a round-robin'd server. Apparently, it's connecting only to one host from the multiple servers specified on that specific domain. Just want to pin down how these tools get only that specific IP.
 
Old 01-15-2015, 06:07 AM   #6
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,912

Rep: Reputation: 1513
The intent with the list of IP numbers is that if the application fails with the first one, it then tries the second, followed by the third...

But most programmers have been lazy and not tested anything but the first.

The network is inherently failure prone - which is why the simple load balancing by rotating the numbers is done. At a minimum, each separate connection (from different systems that is) will get a different IP number as the first try. If it works, fine - the load has been spread.

If it fails, then the application should try the next.

It is just old history that only the first is tried - and that goes back to before DNS existed. Network connections were expensive (up to $50,000 US in the very earliest days) so there was at most only one network interface. Host names were distributed as single files to be put in the /etc/host file. That only worked until the list passed around 5,000 to 10,000 hosts. And could not be kept up with (network connection costs dropped tremendously by then as well).

DNS was a way to permit access to a distributed database of hosts. At which time a single server host would tend to get overloaded with connections, and servers needed to spread the load among multiple interfaces... and multiple hosts. DNS provided that... then to help the balancing with those applications that only tried the first, rotation was added. (This is a VERY rough history).

The original killer applications were mail, ftp, and telnet. Though mail and ftp were the heavy hitters, all three historically only try the first IP number in a list... and only supported use of UDP for the DNS messages. TCP is now supported - especially for those "host" names supporting clusters. I have seen as many as 120 IP numbers for a given host (no, it didn't work correctly for many applications... the reverse lookup would fail due to the list of IP numbers being longer than what would fit within a UDP packet - which was limited to about 35 to 40 IP numbers).

One problem pointed out to me with telnet - you can't easily modify it to try multiple IP numbers due to the protocol design used in creating a telnet connection. This is not related to TCP protocol - this is an application protocol used to maintain interactivity with the user, and the remote host, and is a bit overcomplex - but one of the first, if not THE first, ever created.
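
An added example, not part of any post in this thread: it lists the addresses in the order an application receives them from the system resolver (the list asked about in post #3) and then tries each one in turn, as post #6 says applications should. The host name `rr.example.test`, the helper names and the loopback stand-in resolver are assumptions made for the illustration.

```python
import socket

def resolver_order(host, port, resolve=socket.getaddrinfo):
    """Addresses in the order an application receives them.

    getaddrinfo goes through nsswitch.conf (/etc/hosts, then DNS), unlike
    dig/nslookup, and the C library may re-sort what the DNS server sent.
    """
    ordered = []
    for family, _type, _proto, _canon, sockaddr in resolve(
            host, port, type=socket.SOCK_STREAM):
        if (family, sockaddr) not in ordered:
            ordered.append((family, sockaddr))
    return ordered

def connect_with_fallback(host, port, resolve=socket.getaddrinfo, timeout=3.0):
    """Try each address in turn; return (socket, address_used, failed)."""
    failed = []
    for family, sockaddr in resolver_order(host, port, resolve):
        sock = socket.socket(family, socket.SOCK_STREAM)
        sock.settimeout(timeout)
        try:
            sock.connect(sockaddr)
            return sock, sockaddr, failed
        except OSError:
            failed.append(sockaddr)  # dead host: move on to the next entry
            sock.close()
    raise ConnectionError(f"no address for {host} accepted a connection")

def demo():
    """Constructed stand-in for a round-robin name whose first host is down."""
    live = socket.socket()
    live.bind(("127.0.0.1", 0))
    live.listen(1)
    live_addr = live.getsockname()
    probe = socket.socket()
    probe.bind(("127.0.0.1", 0))
    dead_addr = probe.getsockname()  # no listener here once probe is closed
    probe.close()

    def fake_resolve(host, port, type=0):
        # Same tuple layout as socket.getaddrinfo; two loopback ports stand
        # in for two hosts, with the dead entry listed first.
        return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", addr)
                for addr in (dead_addr, live_addr)]

    name = "rr.example.test"  # hypothetical round-robin name
    order = [addr for _fam, addr in resolver_order(name, 23, fake_resolve)]
    sock, used, failed = connect_with_fallback(name, 23, fake_resolve)
    sock.close()
    live.close()
    return order, used, failed
```

Calling `resolver_order("some.name", 23)` with the default resolver prints the real list for a name; the first entry is the one telnet connects to.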
 