3 Replies Latest reply on Jan 2, 2014 5:02 AM by bornheim

    DNS vs. DHCP

    bornheim

      Hi,

       

      I'm evaluating cluster configuration. The second node has its external interface located in a test network with a dialup router acting as DHCP server.

       

      My DNS configuration:

      [x] Enable conditional forwarding

      Default resolvers: 8.8.8.8,8.8.4.4

      Conditional Forwarder list:

      1.) internal.domain: 10.1.2.3,10.4.5.6

      2.) 10.in-addr.arpa: 10.1.2.3,10.4.5.6

       

      Authentication is done with LDAP against ldap://ad1.internal.domain

       

      Normally this works great (in environments with static IP addresses). Now the external interface with DHCP enters the game. I found authentication to be not working. Using tcpdump I found that MWG is trying to resolve ad1.internal.domain against 8.8.8.8, which fails for obvious reasons.

       

      I think I found the reason for this.

       

      A standard /etc/resolv.conf looks like this:

      ------------------------------------------
      ### BEGIN AUTOGENERATED CONFIG
      nameserver      127.0.0.1
      ### END AUTOGENERATED CONFIG
      ------------------------------------------

      Conditional forwarding then is configured in /var/named/chroot/etc/named.conf.mwg.

      ------------------------------------------
      view "default" IN {
              max-cache-ttl 604800;
              max-ncache-ttl 10800;

              zone  "." IN  {
                      type forward;
                      forwarders {8.8.8.8;8.8.4.4;};
                      forward only;
              };
              zone  "internal.domain" IN  {
                      type forward;
                      forwarders {10.1.2.3;10.4.5.6;};
                      forward only;
              };
              zone  "10.in-addr.arpa" IN  {
                      type forward;
                      forwarders {10.1.2.3;10.4.5.6;};
                      forward only;
              };
      };
      ------------------------------------------


      In a DHCP environment /etc/resolv.conf changes to this:

       

      -------------------------------------------
      ### BEGIN AUTOGENERATED CONFIG
      nameserver 8.8.8.8
      nameserver 8.8.4.4
      nameserver <IP address of my dialup router>
      ### END AUTOGENERATED CONFIG
      -------------------------------------------

       

      Workaround obviously is to configure a static address. Not instantly, but a reboot did the trick.

       

      This workaround might be impossible for others. May I consider this a bug? If yes: do you expect me to open a case?

       

      Kind regards,

      Robert
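
The mismatch described in the post can be checked mechanically. The following is an added example, not part of the original post and not vendor code: it compares the nameservers in a resolv.conf with the conditional forward zones in a named.conf and reports zones whose queries would go to servers other than their forwarders. The file contents are constructed samples based on the post, 192.0.2.1 is a placeholder for the router address, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed samples mirroring the files quoted in the post.
# 192.0.2.1 is a placeholder for the dialup router's address.
RESOLV_STATIC = "nameserver      127.0.0.1\n"
RESOLV_DHCP = "nameserver 8.8.8.8\nnameserver 8.8.4.4\nnameserver 192.0.2.1\n"
NAMED_CONF = '''
view "default" IN {
        zone "." IN { type forward; forwarders {8.8.8.8;8.8.4.4;}; forward only; };
        zone "internal.domain" IN {
                type forward;
                forwarders {10.1.2.3;10.4.5.6;};
                forward only;
        };
        zone "10.in-addr.arpa" IN {
                type forward;
                forwarders {10.1.2.3;10.4.5.6;};
                forward only;
        };
};
'''

# Matches a zone of "type forward" and captures its name and forwarder list.
ZONE_RE = re.compile(
    r'zone\s+"([^"]+)"[^{]*\{[^{}]*type\s+forward\s*;[^{}]*forwarders\s*\{([^}]*)\}')

def nameservers(resolv_text):
    """Return nameserver addresses in the order the stub resolver tries them."""
    fields = (line.split("#", 1)[0].split() for line in resolv_text.splitlines())
    return [f[1] for f in fields if len(f) >= 2 and f[0] == "nameserver"]

def forward_zones(named_text):
    """Map each forward zone name to its list of forwarders."""
    return {m.group(1): [f.strip() for f in m.group(2).split(";") if f.strip()]
            for m in ZONE_RE.finditer(named_text)}

def bypassed_zones(resolv_text, named_text):
    """For each conditional zone, list resolv.conf servers that skip its forwarders."""
    direct = [ns for ns in nameservers(resolv_text)
              if not ipaddress.ip_address(ns).is_loopback]
    findings = {}
    for zone, fwd in forward_zones(named_text).items():
        stray = [ns for ns in direct if ns not in fwd]
        if zone != "." and stray:
            findings[zone] = stray
    return findings

if __name__ == "__main__":
    for label, text in (("static", RESOLV_STATIC), ("dhcp", RESOLV_DHCP)):
        print(label, bypassed_zones(text, NAMED_CONF))
```

An empty result means every lookup passes through the local named instance at 127.0.0.1, so the conditional forwarders apply; a non-empty result names the zones whose internal hostnames would be sent to outside resolvers.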