Reverse DNS

DNS is solid. What about HostNames?


I'm fishing for advice from someone who's played with Active Directory and Xsan before. For both our public and private (metadata) networks, all A and PTR records are rock solid for all Xsan controllers and clients. We're looking to implement Active Directory on our workstations (finally), but our campus has very stringent workstation naming conventions that don't match how the workstations are already named. They recommend using the following commands on each workstation before binding to AD:

scutil --set ComputerName
scutil --set HostName
scutil --set LocalHostName

I've been searching, but I can't find anything from Apple or any other source that will tell me if this will affect Xsan in any way. My understanding is that as long as DNS on the metadata network is correct, it shouldn't matter what the computer thinks its own name is or what happens on the public network, right?

Example. Say we have an Xsan client with the following name and public/private network FQDNs (assume proper A and PTR records to match):

  • ComputerName/HostName/LocalHostName = lab-555-01
  • Public FQDN = lab-555-01.dept.school.edu
  • Private FQDN = lab-555-01.san

If I have to change the client's name to fit the new schema, but I leave its public and private DNS records as they were:

  • ComputerName/HostName/LocalHostName = DEPTWK-L555-01
  • Public FQDN = lab-555-01.dept.school.edu
  • Private FQDN = lab-555-01.san

Would Xsan still be happy? Can this be done on-the-fly? Or will I have to update the DNS to match the ComputerName?

I'm more than happy to try this on one or two clients and see how it goes, but for permissions to work correctly, I'll have to do it on one of the servers as well. I guess that'll bring its own headaches, too...

Thanks for any input you can offer.

Pete


Best Practice: Reverse DNS Zones

The general rule with Xsan, since version 1.1 or so, is this: DNS isn't necessary, but if you have some you had better make sure it is perfect. A few of us are beginning to suspect that DNS is, in fact, required, although in a very obscure way. It will take me several paragraphs to explain why, but let me get to the bottom line first:

Your DNS servers should include a zone for reverse lookups of your metadata (private) IP range. Ask your DNS administrator to create a reverse zone for this range, with SOA and NS records. PTR records aren't needed.

Read more to find out why.
