Secondary nameserver resolv.conf not queried

hansaplazt · 12-07-2010, 10:33 AM

I'm trying to query the second nameserver on a local network to resolve local domain names to IP's.

Code:

$ ping ids.mydomain.loc
ping: unknown host mydomain.loc

However, querying the name server directly works:

Code:

$ nslookup hostname 10.0.0.53
Server:         10.0.0.53
Address:        10.0.0.53#53

Name:   hostname.mydomain.loc
Address: 10.0.0.116

Here's /etc/resolv.conf

Code:

nameserver 123.123.123.123
nameserver 10.0.0.53
search ispdomain.com mydomain.loc

Analysing with 'dig' shows that only the first nameserver is queried. Why is this and how can I resolve it?
I'm using CentOS release 5.4.

Thanks

bathory · 12-07-2010, 11:26 AM

This is how the resolver works. It asks the 1st nameserver in /etc/resolv.conf and if it's not responding it asks the 2nd one.
In your case the 1st (I guess it's a public dns) knows nothing about your domain, so it answers with "host unknown" and the 2nd is never queried.
You can exchange the order (or remove the 1st one) to make it work

Regards

hansaplazt · 12-07-2010, 05:55 PM

Makes sense. Thanks.

Btw. Is there a (config) option to query the secondary dns when the first answers with "host unknown"?
The 10.0.0.53 ns is on a vpn and I don't want all name lookups broadcasting on the vpn. That link is slower than the isp's.

bathory · 12-08-2010, 12:25 AM

Hi,

I'm afraid there is no such option.
You can use the hosts file in every host of your network to bypass queries for your domain, but for a large network it's a pain to keep it updated.

Regards

hansaplazt · 12-08-2010, 03:41 AM

Hmmm

Twould be convenient to have such an option.

How about a local DNS slave? Is it possible that a slave defines its own forward servers?

bathory · 12-08-2010, 04:09 AM

It can be done.
You can setup a name server as a slave for one or more domains and forwarding for the rest.
But as I've already told you, you can put 10.0.0.53 first in /etc/resolv.conf. This way it can resolve your domain and query upstream name servers for the rest

hansaplazt · 12-08-2010, 04:41 AM

Quote:

Originally Posted by bathory

But as I've already told you, you can put 10.0.0.53 first in /etc/resolv.conf. This way it can resolve your domain and query upstream name servers for the rest

The problem with this set-up is that 10.0.0.53 queries the upstream name servers.
As I've told, 10.0.0.53 resides on a slow network link. Therefore (upstream name server) lookups are slow. I'd rather query upstream name servers via the ISP link which is much faster.