Internet and DNS News

Recent articles

Can DNS respond to a query differently depending on which network the client is on?

As an example, I have a DNS server that is on 10.0.1.10. I have two networks: 10.0.1.1/24, 10.0.2.1/24, and clients on each network. I have a client (foo.bar.com) which has interfaces on each of these networks: 10.0.1.5 and 10.0.2.5. My DNS server is accessible from all clients on all of my networks.

Is there a term, feature, hack, etc, that would allow this DNS server to respond to queries and give out network specific information? For instance, can a client on 10.0.1.1/24 network ask for foo.bar.com and get a response for 10.0.1.5, and a client on 10.0.2.1/24 ask the same query and get a response for 10.0.2.5? I want clients on each network to always get to foo.bar.com using the interface that foo.bar.com has on that respective network. I am hoping that host-files on clients isn’t the only approach for this…pleease not host files.

submitted by nebbbben

DNS failing for Domain

Hey r/DNS I’m a new sysadmin for a small business and I’ve encountered what I believe to be a strange DNS issue.

Individual clients are unable to correctly resolve host names for servers inside our domain. This issue is intermittent and will only affect a single machine at a time, and I am unable to find any common link between affected machines. It has affected machines in different physical locations, different OS’s (win 7 and 8) and various levels of patching (fresh image to fully patched version of windows). It has affected at some point 70% of the machines on our network, often affecting the same machine multiple times. Frequency is approximately 1 per day across a total of 100 connected machines.

On an affected machine we are still able to ping the IP address directly and NSLOOKUP will correctly return the address. On an individual machine level I can release and renew IP address which resolves the issue. Flushing DNS does not. Affected machines never have issues resolving host names outside of our domain. As I understand NSLOOKUP will bypass the windows DNS client which makes me think the local DNS has been poisoned somehow, but I do not understand what causes this and how to permanently resolve?

Any help or direction you guys could point me in would be much appreciated!

submitted by PStyleZ

Locally Hosted DNS server?

I’m attempting to create my own server. The goal was to make a mini version of a professional platform (minus all the security enhancements). All I have left to do is host my own DNS, but I’m having trouble finding any free DNS program that works. I tried Bind but that required an account and subscription which I don’t want to bother with. Like I mentioned, this was meant to be a self-sustaining server with no need for domain hosting services. MaraDNS/Deadwood seemed promising but there were run-time errors and unfortunately I couldn’t get it running. The first attempt at making an accessible site was made with PolarWebSrv but I had some problems with it, but it had the most potential for all-in-one hosting. Anyone else know of a way to host your own DNS server?

submitted by whatever_isnt_taken

DMARC records

I’ve been working on optimizing the outgoing mail from my virtual server. This server has several virtual domains which send and receive mail as well. I’ve been using the mail-tester.com service to check configurations, and I seem to be able to get 9 or 10 out of 10 on all my sites. However, there’s a warning that comes up about the DMARC record. The mail-tester advice is:

You do not have a DMARC record

A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and give instruction if neither of those authentication methods passes. Please be sure you have a DKIM and SPF set before using DMARC. You do not have a DMARC record, please add the following one to your domain _dmarc.lists.example.net

v=DMARC1; p=none

and my bind entry is:

_dmarc.lists.example.net. IN TXT "v=DMARC1;p=none"

Finally, a dmarcian.com inspection does show a record matching what I put in bind. Does this look correct, or is there some nuance that I’m missing and mail-tester.com isn’t explaining in a way that I see? Thanks!

Edit: To remove the obvious noob mistake question…no my bind entry does not actually say example.net, it’s the actual name of the server used in the Errors-To, Sender, and Return-Path headers in the emails.

submitted by TheRealBeakerboy
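
One way to check a record like the one in the post above, as an added example that is not part of the original post or of mail-tester's tooling: it validates the TXT value against the RFC 7489 tag syntax and derives the name a receiver queries, which is `_dmarc.` plus the domain of the From: header. The function names and the sample message are hypothetical and constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc(txt):
    """Parse the value of a DMARC TXT record into a tag dict (RFC 7489 syntax).

    Raises ValueError when the record is malformed."""
    pairs = []
    for part in txt.strip().split(";"):
        part = part.strip()
        if not part:                      # tolerate a trailing ';'
            continue
        name, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"not a tag=value pair: {part!r}")
        pairs.append((name.strip().lower(), value.strip()))
    # The version tag must come first and its value is case-sensitive.
    if not pairs or pairs[0] != ("v", "DMARC1"):
        raise ValueError("record must start with v=DMARC1")
    tags = dict(pairs)
    if tags.get("p", "").lower() not in POLICIES:
        raise ValueError("p= must be none, quarantine or reject")
    return tags

def dmarc_query_name(raw_message):
    """Return the DNS name a receiver queries first: _dmarc.<From: domain>.

    The fallback to the organizational domain is not implemented here."""
    msg = message_from_string(raw_message)
    _, addr = parseaddr(msg.get("From", ""))
    if "@" not in addr:
        raise ValueError("message has no usable From: address")
    return "_dmarc." + addr.rpartition("@")[2].lower()

# Constructed sample message (not from the original post).
SAMPLE_MESSAGE = (
    "Return-Path: <bounces@lists.example.net>\n"
    "Sender: bounces@lists.example.net\n"
    "From: Announce List <announce@example.net>\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

if __name__ == "__main__":
    print(parse_dmarc("v=DMARC1;p=none"))
    print(dmarc_query_name(SAMPLE_MESSAGE))
```

Comparing the name returned by `dmarc_query_name` with the name the record is published under shows whether a receiver would find it at all.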