On Mon, Jun 19, 2006 at 05:05:40PM +0100, David Reynolds wrote:
On 19 Jun 2006, at 4:53 pm, chrisisbd@leary.csoft.net wrote:
We have a wierd DNS problem at work, it's almost certainly something to do with low level DNS setup and/or the firewall but we're a bit lost as to where to look.
From our Solaris boxes issuing an 'nslookup xxx.yyy.zzz' gives the
correct IP address for the domain xxx.yyy.zzz. However every application lookup of domain name xxx.yyy.zzz gives the wrong result. The wron result is always that of a domain at Network Solutions, a US name registration business.
DNS works OK from PCs on the network. So it looks like something adrift on our name lookup machine but we really cannot see what at the moment.
When an application asks for a name resolution what is the normal order of things happening?
You might want to look at /etc/resolv.conf (assuming this is the same in Solaris as it is in Linux) which will tell you what namservers your machines are trying to look domains up at. Another thing to check is /etc/nsswitch.conf which will tell you the order that sources will be tried to look up things like hosts.
I think the /etc/resolv.conf provides a clue, the 'domain' line there has a very old name for our internal domain that now resolves to a Network Solutions address which explains why we always end up there. I think we need a valid 'domain' line in resolv.conf.
dig is a very useful command, if you can install it. This will tell you where it is getting the dns answer from so you can try and track down the error that way too.
I'll try and get a Solaris 'dig', thanks for the idea.