Using hosts.conf file instead of DNS...

BlackF1re's picture

Hi all.

I have an Xsan with the following settings:

Metadata controllers: Mac OS X Server 10.5.6, Xsan 2.11
Apple Clients: 2x Power Mac G5 10.4.11, Xsan 1.4.2, 1x Mac Pro 10.5.6, Xsan 2.11
StorNext Clients: 1x Windows XP 32, 1x Windows Vista Business 64, 1x Linux Red Hat

I have serious problems with setting up DNS in a place where there are already two of them. Setting my DNS on the public network caused me a lot of trouble, like:
- Xsan Admin opened 2 min after I clicked on the icon, random failed authentication, random failed mounts of the Xsan volumes, and so on.

So, as a workaround, can I use the hosts.conf file inside the /etc dir on clients and metadata controllers?

I've read that to give hosts.conf priority over DNS I have to edit the resolv.conf file, adding this string:

order hosts, bind

Is this a bad idea?

ACSA's picture

No, I've done it a couple of times when getting a DNS for the private network was more or less a political suicide... :P

But keep in mind that hosts are more maintenance intensive....

Greetings

Arnold

aaron's picture

Personally, I'd rather get DNS correct than use /etc/hosts. It is too easy to forget about those obscure files.

Besides, if you fix DNS on your network, who knows what else will begin to work?

Aaron Freimark
CEO, GroundControl

JesusAli's picture

I don't have time to index them right now, but there are a couple VERY useful threads on this forum, and articles with screen shots detailing how DNS should be set up.

An important note: you only need to set up DNS for the Metadata Controllers. They need forward and reverse lookup entries. That's all.

That's all we did in my place, and it's been working perfectly.

Each client needs to know where the MDC is. That's all. That's why you have the entries.

The clients don't need to know where other clients are. So you don't need those entries.

BlackF1re's picture

aaron wrote:
Personally, I'd rather get DNS correct than use /etc/hosts. It is too easy to forget about those obscure files.

Besides, if you fix DNS on your network, who knows what else will begin to work?

The problem is that the DNS is correct, with the master zone configured properly, and everything is perfect (like a lot of other SANs I have configured in the past), but for some obscure reason, this time, when I press the "save" and "start DNS" buttons, weird things start happening, like I said before.

That's why this time I have to try with hosts.conf and resolv.conf.

Personal Website: http://gabriele-zanon.branded.me
Twitter: @GabrieleZanon83
Linkedin: https://it.linkedin.com/in/neverimpossible

JesusAli's picture

Quote:
I have serious problems with setting up DNS in a place where there are already two of them.

So are you trying to set up DNS on a 3rd machine (in addition to the 2 other DNSs you mention)?

At my location, we have one outside DNS server which is provided by our backbone internet provider.
Then we have one internal DNS machine on an Apple Xserve which is bound (BIND?) to the outside server.

So when a user in our building types in a website name, it queries our internal DNS, and says, do you know where this is? And the Xserve says, no, this is an outside address, here, I'll pass along your request to the outside DNS address...

So, when we set up the Xsan at my location, we made the entries for our MDCs directly on the internal DNS, in Apple Server Admin.

At this time, and in the same interface, we also made a zone for the Private Network and put in entries for the private network for the MDCs.

Is it possible that adding a 3rd machine listing DNS entries is what is causing your problems?

aaron's picture

The problem is the DNS is correct, with the master zone configured properly, and everything is perfect

Here's a worksheet to prove you are right. When I bold a character, substitute the result of that previous step.

  A. DNS Server A IP address: ________________
  B. DNS Server B IP address: ________________
  C. MDC-A Public IP address: ________________
  D. MDC-A Private IP address: ________________
  E. MDC-B Public IP address: ________________
  F. MDC-B Private IP address: ________________


  1. Contents of DNS in MDC-A's Public Interface in Network Pref Pane: ______________________ (should match A & B with nothing more)
  2. Contents of DNS in MDC-B's Public Interface in Network Pref Pane: ______________________ (should match A & B with nothing more)
  3. Result of dig +short @A -x C: ______________________
  4. Result of dig +short @A -x D: ______________________
  5. Result of dig +short @A -x E: ______________________
  6. Result of dig +short @A -x F: ______________________
  7. Result of dig +short @B -x C: ______________________ (should match 3)
  8. Result of dig +short @B -x D: ______________________ (should match 4)
  9. Result of dig +short @B -x E: ______________________ (should match 5)
  10. Result of dig +short @B -x F: ______________________ (should match 6)
  11. Result of dig +short @A 3: ______________________ (should match C)
  12. Result of dig +short @A 4: ______________________ (should match D)
  13. Result of dig +short @A 5: ______________________ (should match E)
  14. Result of dig +short @A 6: ______________________ (should match F)
  15. Result of dig +short @B 3: ______________________ (should match C)
  16. Result of dig +short @B 4: ______________________ (should match D)
  17. Result of dig +short @B 5: ______________________ (should match E)
  18. Result of dig +short @B 6: ______________________ (should match F)

Aaron Freimark
CEO, GroundControl
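
The worksheet's reverse-then-forward checks can be scripted. The following is an added example, not part of the original post: `fake_dig` and its records are a constructed stub (server 192.168.40.11 deliberately lacks one PTR record) so the script runs offline, and `DIG`, `lookup`, `check_host` and `check_all` are hypothetical names. It checks each server's own round trip rather than comparing the two servers line by line.

```shell
#!/bin/sh
# Added example: scripted version of the worksheet's forward/reverse checks.
# DIG defaults to a constructed stub so this runs offline; set DIG=dig for real servers.

# Constructed data: server 192.168.40.11 is missing the PTR record for 192.168.40.57.
fake_dig() {   # called like dig: fake_dig +short @SERVER NAME | fake_dig +short @SERVER -x IP
  srv=${2#@}; shift 2
  if [ "$1" = "-x" ]; then q="ptr/$2"; else q="a/$1"; fi
  case "$srv $q" in
    *" ptr/192.168.40.56")             echo "md1.xsan.com." ;;
    "192.168.40.10 ptr/192.168.40.57") echo "md2.xsan.com." ;;
    *" a/md1.xsan.com.")               echo "192.168.40.56" ;;
    *" a/md2.xsan.com.")               echo "192.168.40.57" ;;
  esac
}
DIG=${DIG:-fake_dig}

# lookup SERVER ARGS...: first answer line, ignoring dig's ";;" diagnostics (e.g. timeouts).
lookup() {
  s=$1; shift
  $DIG +short "@$s" "$@" | grep -v '^;' | head -n 1
}

# check_host SERVER IP: the PTR must exist and its name must resolve back to IP.
check_host() {
  name=$(lookup "$1" -x "$2")
  [ -n "$name" ] || { echo "FAIL $1: no PTR for $2"; return 1; }
  addr=$(lookup "$1" "$name")
  [ "$addr" = "$2" ] || { echo "FAIL $1: $name -> ${addr:-no answer}, expected $2"; return 1; }
  echo "ok   $1: $2 <-> $name"
}

# check_all "SERVERS" "IPS": every listed server must pass for every MDC address.
check_all() {
  rc=0
  for srv_ip in $1; do
    for mdc_ip in $2; do check_host "$srv_ip" "$mdc_ip" || rc=1; done
  done
  return $rc
}

check_all "192.168.40.10 192.168.40.11" "192.168.40.56 192.168.40.57" ||
  echo "DNS servers disagree: fix the records before relying on either server"
```
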

BlackF1re's picture

Really nice worksheet.

I'll try to explain in detail.
At first, we decided to keep the Xsan network separate from the pre-existing network.

Previous cfg:

DNS Server A IP address: 192.168.40.10
DNS Server B IP address: 192.168.40.11
MDC-A Public IP address: 192.168.0.56
MDC-A Private IP address: 10.0.10.56
MDC-B Public IP address: 192.168.0.57
MDC-B Private IP address: 10.0.10.57

The DNS servers on the public Ethernet of both MDCs were 0.56 and 0.57 after starting a DNS service with their own master zone, and I had the problems I reported (the networks were physically separated from 40.x and its own DNS).

Then I recreated the SAN using the existing DNS:

New cfg after re-cabling:

DNS Server A IP address: 192.168.40.10
DNS Server B IP address: 192.168.40.11
MDC-A Public IP address: 192.168.40.56
MDC-A Private IP address: 10.0.10.56
MDC-B Public IP address: 192.168.40.57
MDC-B Private IP address: 10.0.10.57

The DNS servers on the public Ethernet of both MDCs are 40.10 and 40.11.

Added the IP addresses of MDC 1 and 2 on the DNS computer with the proper names to resolve. For now it's working, but mounting Xsan volumes on the clients is very slow (about a minute), and I don't know if in this case the problem is in the customer's DNS.

Next week, on Thursday, I'll be on this Xsan again, and I'll test the "dig +short" and post the results.

Sorry for my English (I'm Italian).

Thx a lot to all of you.
I'll keep you up to date.

Personal Website: http://gabriele-zanon.branded.me
Twitter: @GabrieleZanon83
Linkedin: https://it.linkedin.com/in/neverimpossible

JesusAli's picture

Sounds good!

Some ideas about locking this down completely:

• Did you also add REVERSE Zones in the Leopard Server DNS service pane?
Sometimes they are added automatically when you make an entry, sometimes they are not.

• Review this thread and the threads it links to:
http://www.xsanity.com/forum/viewtopic.php?t=2923

But also review this thread, but especially this comment:
http://www.xsanity.com/forum/viewtopic.php?p=3331#3331

Here, MattG (who literally wrote the book on Xsan) points out the importance of adding reverse zones for the MDC's.

Good luck, let us know if you can get rid of the Volume Mounting lag.

BlackF1re's picture

For the first question: I've checked and yes, the reverse zone was added automatically.

Thx a lot for the links. I'll read a lot this weekend.

Personal Website: http://gabriele-zanon.branded.me
Twitter: @GabrieleZanon83
Linkedin: https://it.linkedin.com/in/neverimpossible

JesusAli's picture

Hello Aaron, Great Worksheet!
Things have been working well for our Xsan, but I am a nerd and wanted to test out your Worksheet anyway.

And now I have a question.
Why would a network usually have TWO addresses for DNS?

Here at my school, we used to have 1 DNS address, but now we have 2 DNS addresses.
The 1st is the internal Apple Xserve DNS server (172.x.x.x), the 2nd belongs to our backbone Internet provider (210.x.x.x on the outside internet). When you set up a station with DHCP, both addresses automatically populate the DNS field (in gray), separated by a comma.

When I run your worksheet, I get NO RESPONSES from anything sent to the 2nd DNS address (outside internet). The Terminal Prompt just automatically reloads, waiting for another command. Nothing times out or processes at all. I tried ping on the address and it DOES produce a response, so my MDC's can see it.

So I was just wondering if my location was rare, in that it has an outside internet address as the 2nd DNS address. Since your worksheet tells me to expect a response to that address.

At other locations, what else would/could that 2nd address be (for)?

BlackF1re's picture

Tested Xsan using hosts.conf

IT WORKS !!!

Of course it is more maintenance intensive, but it works.

Just remember two important things:

In the hosts.conf file, insert both the name and the primary DNS name of your MDCs.

Example of a hosts.conf file:

192.168.40.56 md1
192.168.40.56 md1.xsan.com
192.168.40.57 md2
192.168.40.57 md2.xsan.com
10.0.10.56 md1
10.0.10.56 md1.xsan.com
10.0.10.57 md2
10.0.10.57 md2.xsan.com

192.168.40.58 client1
10.0.10.58 client1
192.168.40.59 client2
10.0.10.59 client2

This is important to set in the hosts.conf files of your MDCs, but if you want to make things complete, put all the data on the clients too.

Second thing: write "order hosts,bind" at the very top of the resolv.conf file to give the hosts.conf file priority over the DNS service.

Both files are in the /etc folder.

Xsan is now working perfectly without any delay mounting volumes..... and without any DNS service activated on the MDCs.

Personal Website: http://gabriele-zanon.branded.me
Twitter: @GabrieleZanon83
Linkedin: https://it.linkedin.com/in/neverimpossible

aaron's picture

JesusAli wrote:
Why would a network usually have TWO addresses for DNS?

As should be obvious from Xsanity, DNS is a critical service. Any critical service should have some redundancy. Therefore: two DNS servers to back one another up.

This isn't what you have, JesusAli. You have two DNS servers that provide different information, at least in some cases. That's not redundant. And you can't tell the Mac to use one DNS server for some queries and the other for other queries. So queries about the Xsan will sometimes go to the ISP's DNS, which won't have a clue. This will probably cause problems on your Xsan.

Aaron Freimark
CEO, GroundControl

uroshnor's picture

That is nature's way of telling you that you did not configure your DNS server correctly ....