DNS server (BIND) VPS requirements.
I am looking into renting a VPS (or 2) and I have actually found some pretty good deals.
I can save a good bit of money per yer if I sacrifice storage space.
My question is, does anyone have a DNS server that they can check out or possibly know off hand about how much disk space it is actually using?
I know that a DNS server doesn't use a ton of resources, but I am just trying to get a general idea.
Thanks in advance,
Daniel
I did end up getting a vps for this, with 1gb of disk space. Using for just a resolving dns it is plenty.
I am just concerned if i wanted to do a caching dns server, that the space might add up quickly.
Similar Messages
-
Need a suggestion for a DNS server (BIND etc...)
I am a student in college. I got a little job to help improve the internal DNS management in the college.
Right now they use BIND with nothing else. They edit the zone files by hand. Since the network is quite large, it's sometimes hard to maintain these files.
There are three possibilities:
1) use webmin.
2) use DLZ (still BIND, but uses a database backend)
3) use another DNS server software.
I would really appreciate your advice about:
1) lets assume webmin doesn't support a particular record of the DNS, and I update it manually via directly editing the files, will it interfere with webmin?
2) did you try DLZ? I don't know if it worth the work. Does it noticeably change the performance? Is there a decent GUI for editing the records when using a database?
3) I've heard many good things about PowerDNS. Is it really the best DNS server around? What GUI options does it have? Do you want to recommend another solution?
Thank you!dnsmasq is hands down the easiest DNS (and DHCP!) solution if it works for your network setup. If you let it handle both DHCP and DNS it will dynamically add DHCP client host names to the DNS so you can look up local DHCP clients by DNS.
I am by no means a DNS expert, but dnsmasq just makes it all so easy. -
DNS Server binding wrong ip address
The DFS Replication service failed to contact domain controller to access configuration information
Can you share some details?
If this answers your question please mark as answer. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply. -
DNS requests from Solaris 10 box to Bind/MySQL DNS server fail
We have some servers running solaris 9 and some running solaris 10. We also have a DNS server setup running BIND with the MySQL backend. When I query the DNS server from our solaris 9 boxes, they always work just fine. However, when I query the DNS server from our solaris 10 boxes, they always fail. Queries to other DNS servers from the Solaris 10 boxes work just fine - they only fail when being sent to this particular DNS server. Here's exactly what I'm doing:
ON SOLARIS 9 BOX:
bash-3.00$ nslookup google.com calo-sunset
Server: calo-sunset
Address: <IP_OF_DNS_SERVER>#53
Non-authoritative answer:
Name: google.com
Address: 64.233.187.99
Name: google.com
Address: 72.14.207.99
Name: google.com
Address: 209.85.171.99
ON SOLARIS 10 BOX:
bash-2.05$ nslookup google.com calo-sunset
*** Can't find server name for address <IP_OF_DNS_SERVER>: Non-existent host/domain
*** Default servers are not available
In the case of the SOLARIS 10 box, <IP_OF_DNS_SERVER> is correct - it knows the IP address of the DNS server, but apparently it doesn't recognize that it's actually a DNS server.
I am utterly perplexed by this. It seems to me that a DNS request is a DNS request, regardless of your OS. Clearly something is different from Solaris 9 to Solaris 10 though because the requests fail on all of our solaris 10 boxes, and they succeed on all of our Solaris 9 boxes. Incidentally, dig requests from the Solaris 10 box also fail, where they succeed on the Solaris 9 boxes.
I don't really know what other information I could offer that might be useful. If you have any information at all about this or ideas on what I might try to troubleshoot/fix it, I'd love to hear it. Thanks in advance.First off, I am an idiot. I got this entire post backwards. The fact is that the DNS requests work swimmingly well on our Solaris 10 boxes. They fail on our Solaris 9 boxes. I don't know how I managed to read this post all of these times and not notice that I got that backwards. Nice.
In any case, I've found the problem. It was non-trivial to me because I am not terribly familiar with the inner-workings of DNS. To those who are, it may seem painfully obvious. To me it certainly was not.
The problem was that the DNS server (BIND 9 with MySQL backend) did not contain a reverse DNS entry for itself. Apparently this is a big problem for Solaris 9. I got a hint that this might be the cause when I turned on verbose debugging info when I ran nslookup (nslookup -d2). I had to add the PTR record for the DNS server itself. I don't know why Solaris 9 would require that a DNS server contain reverse DNS information about itself, but sure enough it does. As soon as I added that info, the Solaris 9 boxes were able to successfully query the DNS server. Very odd.
Anyway, I doubt anyone else will come across this problem, but if you do, now you know something that might fix it.
Edited by: dprater on Oct 7, 2008 8:09 PM -
Can't connect to mail server - DNS Server settings?
Hello:
Let me preface this question by saying that computer networking is not my strong suit.
Last week I moved our web hosting from our ISP to Lunarpages; our domain is marshall-arts.net. I set up some POP email accounts on our new mail servers and was able to successfully send and receive email wirelessly using our G4 ibook. However, none of our networked desktop systems could connect to our new mail server, although they could connect to our ISP's mail server; they also have no problem connecting to the web. The mail server and user names were identical between the desktop systems and the ibook. But upon closer examination of the TCP/IP settings of the ibook I found that the ibook had 209.253.113.10 entered into the DNS Servers (optional) field. That field was blank in the desktop systems. Once I entered that address into the DNS Servers field on the desktop systems they had no problem connecting to our Lunarpages mail servers.
Here's our setup, as best as I can describe it:
We have an AirPort Extreme connected to our DSL router. It's connected via ethernet, configured manually with a static IP, router and DNS server addresses provided by our ISP. It's set to distribute IP addresses with the AirPort client computers sharing a single IP address using DHCP and NAT (10.0.1.1. addressing). It's connected via ethernet to a Linksys gigabit ethernet switch to which we have connected three desktop Macs running OS 10.3.x and 10.4.x.
The TCP/IP of the three desktop systems and the ibook are configured Using DHCP.
As I wrote above, only the ibook had an address entered into the DNS Servers field, 209.253.113.10. This doesn't correspond to anything our ISP provided (those addresses are entered in the AirPort Extreme.) I have no idea where it came from.
So I have two questions:
Would that address have been generated automatically while setting up the AirPort connection on the ibook?
Why would that supposedly optional DNS Server address be required for me to connect to our new mail servers (but not our old ISP mail servers)?
Thank you.
Shawn Marshall
Marshall Arts Motion Graphics
Dual 2.5 Ghz G5 Mac OS X (10.4.7)
Dual 2.5 Ghz G5 Mac OS X (10.4.7)Hello:
Let me preface this question by saying that computer networking is not my strong suit.
Last week I moved our web hosting from our ISP to Lunarpages; our domain is marshall-arts.net. I set up some POP email accounts on our new mail servers and was able to successfully send and receive email wirelessly using our G4 ibook. However, none of our networked desktop systems could connect to our new mail server, although they could connect to our ISP's mail server; they also have no problem connecting to the web. The mail server and user names were identical between the desktop systems and the ibook. But upon closer examination of the TCP/IP settings of the ibook I found that the ibook had 209.253.113.10 entered into the DNS Servers (optional) field. That field was blank in the desktop systems. Once I entered that address into the DNS Servers field on the desktop systems they had no problem connecting to our Lunarpages mail servers.
Here's our setup, as best as I can describe it:
We have an AirPort Extreme connected to our DSL router. It's connected via ethernet, configured manually with a static IP, router and DNS server addresses provided by our ISP. It's set to distribute IP addresses with the AirPort client computers sharing a single IP address using DHCP and NAT (10.0.1.1. addressing). It's connected via ethernet to a Linksys gigabit ethernet switch to which we have connected three desktop Macs running OS 10.3.x and 10.4.x.
The TCP/IP of the three desktop systems and the ibook are configured Using DHCP.
As I wrote above, only the ibook had an address entered into the DNS Servers field, 209.253.113.10. This doesn't correspond to anything our ISP provided (those addresses are entered in the AirPort Extreme.) I have no idea where it came from.
So I have two questions:
Would that address have been generated automatically while setting up the AirPort connection on the ibook?
Why would that supposedly optional DNS Server address be required for me to connect to our new mail servers (but not our old ISP mail servers)?
Thank you.
Shawn Marshall
Marshall Arts Motion Graphics
Dual 2.5 Ghz G5 Mac OS X (10.4.7)
Dual 2.5 Ghz G5 Mac OS X (10.4.7) -
Bind 9 DNS Server chroot cannot work on Solaris 10 u6 and u7
My Old verion "Solaris 10 x86 Generic_Patch_118844-30" can be run "Bind 9 DNS Server" in chroot mode.
And this is no any problem.
I have been try to use "Bind 9 DNS Server" in Solairs 10 x86 u6 or u7.
The result is not any problem.
But when I turn it run in the chroot mode. the "Bind 9 DNS Server" cannot run.
I have been manuelly run the named:-
/usr/sbin/named -c /etc/named.conf -t /chroot/dns -u named -f -g
The respond is :-
13-May-2009 02:17:46.623 starting BIND 9.3.6-P1 -c /etc/named.conf -t /chroot/dns -u named -f -g
13-May-2009 02:17:46.624 found 1 CPU, using 1 worker thread
13-May-2009 02:17:46.627 socket.c:3259: unexpected error:
13-May-2009 02:17:46.627 open(/dev/poll) failed: No such file or directory
13-May-2009 02:17:46.628 ./main.c:495: unexpected error:
13-May-2009 02:17:46.628 isc_socketmgr_create() failed: file not found
13-May-2009 02:17:46.629 create_managers() failed: unexpected error
13-May-2009 02:17:46.629 exiting (due to early fatal error)
Look like the bind 9 runing in the chroot mode after that cannot find /dev/poll
Even I use Bind 9 version 9.6.0, the result is same.
So, I don't sure the problem are the Bind 9 or Solaris 10 u6/u7
I try to continous install New verion Bind 9 in my old version Solaris 10.
THE Result is NO ANY PROBLEM in old version Solaris 10.
And I already bypass the SMF problem.
Anyone can tell me what the problem in solaris 10 u6/u7?Looks like something reported similar bug:
[BIND fails to start|http://bugs.opensolaris.org/view_bug.do%3Bjsessionid=376e1152f0ddc75829ed1725542e?bug_id=6799867]
but I am somewhat puzzled why there is no follow up on the bug fixing.
Ok, I found the source (may be?):
From named:
http://src.opensolaris.org/source/xref/sfw/usr/src/cmd/bind/bind-9.3.6-P1/bin/named/main.c
462 static isc_result_t
463 create_managers(void) {
464 isc_result_t result;
465 unsigned int socks;
466
467 #ifdef ISC_PLATFORM_USETHREADS
468 if (ns_g_cpus == 0)
469 ns_g_cpus = ns_g_cpus_detected;
470 isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER,
471 ISC_LOG_INFO, "found %u CPU%s, using %u worker thread%s",
472 ns_g_cpus_detected, ns_g_cpus_detected == 1 ? "" : "s",
473 ns_g_cpus, ns_g_cpus == 1 ? "" : "s");
474 #else
475 ns_g_cpus = 1;
476 #endif
477 result = isc_taskmgr_create(ns_g_mctx, ns_g_cpus, 0, &ns_g_taskmgr);
478 if (result != ISC_R_SUCCESS) {
479 UNEXPECTED_ERROR(__FILE__, __LINE__,
480 "isc_taskmgr_create() failed: %s",
481 isc_result_totext(result));
482 return (ISC_R_UNEXPECTED);
483 }
484
485 result = isc_timermgr_create(ns_g_mctx, &ns_g_timermgr);
486 if (result != ISC_R_SUCCESS) {
487 UNEXPECTED_ERROR(__FILE__, __LINE__,
488 "isc_timermgr_create() failed: %s",
489 isc_result_totext(result));
490 return (ISC_R_UNEXPECTED);
491 }
492
493 result = isc_socketmgr_create2(ns_g_mctx, &ns_g_socketmgr, maxsocks);===========================> here. (notice the error message and the actual function called are not the same).
494 if (result != ISC_R_SUCCESS) {
495 UNEXPECTED_ERROR(__FILE__, __LINE__,
496 "isc_socketmgr_create() failed: %s",
497 isc_result_totext(result));
498 return (ISC_R_UNEXPECTED);
499 }
500 result = isc_socketmgr_getmaxsockets(ns_g_socketmgr, &socks);
501 if (result == ISC_R_SUCCESS) {
502 isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
503 NS_LOGMODULE_SERVER,
504 ISC_LOG_INFO, "using up to %u sockets", socks);
505 }
506
507 result = isc_entropy_create(ns_g_mctx, &ns_g_entropy);
508 if (result != ISC_R_SUCCESS) {
509 UNEXPECTED_ERROR(__FILE__, __LINE__,
510 "isc_entropy_create() failed: %s",
511 isc_result_totext(result));
512 return (ISC_R_UNEXPECTED);
513 }
514
515 result = isc_hash_create(ns_g_mctx, ns_g_entropy, DNS_NAME_MAXWIRE);
516 if (result != ISC_R_SUCCESS) {
517 UNEXPECTED_ERROR(__FILE__, __LINE__,
518 "isc_hash_create() failed: %s",
519 isc_result_totext(result));
520 return (ISC_R_UNEXPECTED);
521 }
522
523 return (ISC_R_SUCCESS);
524 }And in isc_socketmgr_create2():
3384 isc_result_t
3385 isc_socketmgr_create2(isc_mem_t *mctx, isc_socketmgr_t **managerp,
3386 unsigned int maxsocks)
3387 {
<SNIP>
3488
3489 /*
3490 * Set up initial state for the select loop
3491 */
3492 result = setup_watcher(mctx, manager);===============================>will call open() on /dev/poll.
3493 if (result != ISC_R_SUCCESS)
3494 goto cleanup;
3495 memset(manager->fdstate, 0, manager->maxsocks * sizeof(int));
Other the above, I cannot really understand or help further. But I know it should fail in somewhere in setup_watcher() in socket.c. -
DNS server required for default route
I'm trying to find out if Apple is aware of this requirement, as it is problematic for network engineers.
The summary of the problem is that without a DNS server configured, mavericks will not activate the default route. So if you configure a DHCP scope without a DNS server, your Mac will not be able to have IP connectivity outside it's local subnet.
I blogged the details of this bug/feature: http://transmitfailure.blogspot.com/2014/02/mac-os-x-mavericks-dns-server-requir ed.html
I'd really like to hear from Apple, just to say if this is intended or not. The commenter said this is happening on 10.9.2 as well as the 10.9.1 I tested.You're very unlikely to receive a direct response on that from Apple through these discussions.
https://bugreport.apple.com may get something. -
External DNS server not replicating records to secondary after migration from 2003 to 2012
Hi
I have a query relating to 2012 Server and DNS.
Last week we de-commissioned our primary external DNS server (Windows 2003 Server) and moved the role over to a new Windows 2012 server.
Since this point replication to our secondary server (3rd party hosted) does not seem to occur and our DNS records seem to have expired on the secondary server as we cannot look these up via nslookup.
I cannot see any failures in the event log of the server; I have checked our external firewall logs and nothing is being blocked inbound/ outbound as far as I can see. And the server’s local firewall has been disabled.
The server is a standalone server in a workgroup with a standard filebased primary zone, with no AD integration and recursion disabled.
When I created the zone I copied the .dns file from the old server and selected this in the interface during the creation of the zone on the new server. The new server has the same internal and external IP as the old server and the old server is off-line.
I have also manually increased the serial number of the zone and still no joy.
One thing that I have noticed is when I open the zones properties/Name Servers and click edit on the external nameserver I get the infamous "The server with this IP address is not authoritative for the required zone" error.
Any help Would be appreciated, thanks in advanceNice to hear that you are close in finding the problem. So in short:
You have enabled Zone transfers in DNS management console for the applicable zone
You have verified that your DNS is listening to the correct interfaces
You have enabled firewall rules to accept TCP and UDP traffic to port 53
You have checked if "BIND secondaries" option is applicable to your case
You have initiated a zone transfer from the secondary server
Lefteris Karafilis
MCSE, MCTS, SEC+
LinkedIn: http://www.linkedin.com/in/lkarafilis
Mail: [email protected]
Blog: http://www.karafilis.net -
Hi Folks,
We have a requirement to replace existing DNS servers (BIND on unix) with some DNS appliances.
So, just wanted some inputs on if we can use GSS 4400 series device as full fledged DNS server holding all DNS records for our domains.
ThanksHi, I cannot answer question directly, but consider these as alternatives:
1) DNS appliance (multi-master), works well and has many nice options: http://www.infoblox.com. This is probably more suitable to running DNS than GSS. BTW, I don't/haven't worked for infoblox. I have deployed them in the past and think they work pretty well.
2) Do you really need GSS appliance in your environment? Before purchasing a GSS, consider this write-up discussing GSLB (first link may not work):
http://www.tenereillo.com/GSLBPageOfShame.htm
http://www.tenereillo.com/GSLBPageOfShameII.htm -
I originally posted this question to the community section and was advised to post it here. Please bear with me as this will be a long post. I'm including the scenarios involving this reoccurring issue, the trouble shooting steps I've already
taken and the results of several diagnostic tools and logs.
I have a Sony VAIOS VPCEBB33FM lap top since 2011. I have had this issue on an off for a long time. I'm at my wit's end. Any new insights or suggestions would be greatly appreciated.
Scenario Details
1) Some times it's on and off through out the day, sometimes it won't work all day, and once in a while it will work fine for the entire day.
2) I've had this issue across several wireless services, Clear Network accessed with WiMax, Library Wi-fi, Comcast cable internet using wireless router and Wi-fi, and Comcast Xfinity Wi-Fi, to name a few examples.
3) Other devices in the household or library will work with no problems such as my smart phone or my roommates' laptops or desktop computers.
4) Once in a while, the built-in wireless adapter is not found and I have to reinstall the driver. Also the diagnostic tool has had to reset my adapter on an increasing basis.
5) I had my hard drive replaced in December 2014 and my system restored from the System Restore disks that came with it when I bought the laptop. Even though I've been online on an infrequent basis it worked just fine for a while. Now that
I've been online a bit more I'm having the same issues again.
Below are my attempts at trouble shooting so far but I still have not been able to consistently resolve my DNS issues
1) Restarting my adapter
2) Turning off my laptop and removing the power supply for 5-10 minutes before turning it back on.
3) Using the IP Config in Command Prompt
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
4) Using the NetSh reset in Command Prompt and restarting my laptop
netsh int ip reset c:\resetlog.txt
netsh winsock reset
ipconfig /flushdns
[restart laptop]
5) Configuring the TCP/IP in several settings
Select Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
I have used the following settings:
a) Obtain an DNS server address automatically
b) OpenDNS
208 67 222 222
208 67 220 220
c) Google DNS
8 8 8 8
8 8 4 4
6) Updating the driver for my Intel Centrino(R) Advanced-N 6250 AGN and Intel Centrino(R) WIMAX 6250 from the Intel website previous having my laptop wiped clean in 2014. It still did not resolve the issue. My laptop
manufacturer as not come up with an driver update for my adapter since 2010. I haven't tried to update the adapter driver from Intel's website since having my laptop repaired due to the fact that Intel strongly recommending using the manufacturer's updates
instead and frankly it didn't make much of a difference when I did it the first time.
7) The last one I've tried as of today is going into Services and changing the start up type to automatic for the following:
Computer Browser [changed from manual to automatic]
DHCP Client [already set to automatic]
DNS Client [already set to automatic]
Network Connections [already set to automatic]
Network Location Awareness [changed from manual to automatic]
Remote Procedure Call (RPC) [already set to automatic]
Server [already set to automatic]
TCP/IP Netbios helper [already set to automatic]
Workstation [already set to automatic]
...and I'm still having DNS issues.
My only guessing are that my laptop came with a lemon adapter that needs to be replaced, some advanced setting(s) that I'm not aware off, or my firewall/anti-virus is interfering. I've used Symmantic Anti-virus and Firewall in the past and currently
Avast Anti-Virus with Microsoft Network Firewall. I've had DNS issues with both anti-virus/firewall set ups.
Below are the results from the diagnostics and tests that I've ran.
Windows Network Diagnostics
Your computer appears to be correctly configured, but the device or resource (DNS server) is not responding Detected Detected
Contact your network administrator or Internet service provider (ISP) Completed
Windows can't communicate with the device or resource (DNS server). The computer or service you are trying to reach might be...
Details about network adapter diagnosis:
Network adapter Wireless Network Connection driver information:
Description . . . . . . . . . . : Intel(R) Centrino(R) Advanced-N 6250 AGN
Manufacturer . . . . . . . . . : Intel Corporation
Provider . . . . . . . . . . . : Intel
Version . . . . . . . . . . . : 13.2.1.5
Inf File Name . . . . . . . . . : C:\Windows\INF\oem17.inf
Inf File Date . . . . . . . . . : Monday, June 14, 2010 9:05:44 AM
Section Name . . . . . . . . . : Install_MPCIEX_GEN_6250_AGN_2x2_HMC_WIN7_64_MOW
Hardware ID . . . . . . . . . . : pci\ven_8086&dev_0087&subsys_13018086
Instance Status Flags . . . . . : 0x180200a
Device Manager Status Code . . : 0
IfType . . . . . . . . . . . . : 71
Physical Media Type . . . . . . : 9
Informational Diagnostics Information (Wireless Connectivity)
Details about wireless connectivity diagnosis:
Information for connection being diagnosed
Interface GUID: 70a0781d-6329-45e4-8d7c-34aeca294c39
Interface name: Intel(R) Centrino(R) Advanced-N 6250 AGN
Interface type: Native WiFi
Connection incident diagnosed
Auto Configuration ID: 1
Connection ID: 1
Connection status summary
Connection started at: 2015-03-07 19:57:14-186
Profile match: Success
Pre-Association: Success
Association: Success
Security and Authentication: Success
List of visible access point(s): 22 item(s) total, 22 item(s) displayed
BSSID BSS Type PHY Signal(dB) Chnl/freq SSID
60-02-92-C6-D3-E8 Infra <unknown> -62 11 HOME-C7D4-2.4
60-02-92-A1-75-E0 Infra <unknown> -58 6 HOME-B917-2.4
00-1D-D5-D5-34-F0 Infra <unknown> -73 6 HOME-34F2
60-02-92-A1-75-E1 Infra <unknown> -58 6 (Unnamed Network)
06-1D-D5-D5-34-F0 Infra <unknown> -78 6 xfinitywifi
C4-27-95-C9-C4-2D Infra <unknown> -57 1 HOME-C42D
02-1D-D5-D5-34-F0 Infra <unknown> -74 6 (Unnamed Network)
00-0D-97-07-E0-79 Infra g -75 6 (Unnamed Network)
00-1D-CF-2A-44-C0 Infra <unknown> -86 6 HOME-44C2
02-1D-CF-2A-44-C0 Infra <unknown> -86 6 (Unnamed Network)
F8-E4-FB-3C-87-A2 Infra <unknown> -89 6 YVNM7
06-1D-CF-2A-44-C0 Infra <unknown> -87 6 xfinitywifi
0C-F8-93-7A-13-50 Infra b -87 6 PKennedy
06-F8-93-7A-13-50 Infra b -89 6 xfinitywifi
02-F8-93-7A-13-50 Infra b -87 6 (Unnamed Network)
E0-88-5D-C8-A9-DC Infra <unknown> -80 1 HOME-A9DC
E2-88-5D-C8-A9-DD Infra <unknown> -79 1 (Unnamed Network)
16-CF-E2-43-0B-30 Infra <unknown> -88 1 xfinitywifi
60-02-92-F0-A8-C0 Infra <unknown> -90 11 HOME-96A6-2.4
60-02-92-C6-D3-E9 Infra <unknown> -63 11 (Unnamed Network)
02-1D-D4-EB-87-00 Infra <unknown> -88 11 (Unnamed Network)
06-1D-D4-EB-87-00 Infra <unknown> -88 11 xfinitywifi
Connection History
Information for Auto Configuration ID 1
List of visible networks: 13 item(s) total, 13 item(s) displayed
BSS Type PHY Security Signal(RSSI) Compatible SSID
Infra <unknown> Yes 63 Yes HOME-C7D4-2.4
Infra <unknown> Yes 70 Yes HOME-B917-2.4
Infra <unknown> Yes 43 Yes HOME-34F2
Infra <unknown> Yes 70 Yes (Unnamed Network)
Infra <unknown> No 40 Yes xfinitywifi
Infra <unknown> Yes 71 Yes HOME-C42D
Infra g No 43 Yes (Unnamed Network)
Infra <unknown> Yes 28 Yes HOME-44C2
Infra <unknown> Yes 20 Yes YVNM7
Infra b Yes 21 Yes PKennedy
Infra <unknown> Yes 33 Yes HOME-A9DC
Infra <unknown> Yes 35 Yes (Unnamed Network)
Infra <unknown> Yes 16 Yes HOME-96A6-2.4
List of preferred networks: 3 item(s)
Profile: xfinitywifi
SSID: xfinitywifi
SSID length: 11
Connection mode: Infra
Security: No
Set by group policy: No
Connect even if network is not broadcasting: No
Connectable: Yes
Profile: HTC Portable Hotspot 9F50
SSID: HTC Portable Hotspot 9F50
SSID length: 25
Connection mode: Infra
Security: Yes
Set by group policy: No
Connect even if network is not broadcasting: No
Connectable: No
Reason: 0x00028002
Profile: belkin.332
SSID: belkin.332
SSID length: 10
Connection mode: Infra
Security: Yes
Set by group policy: No
Connect even if network is not broadcasting: No
Connectable: No
Reason: 0x00028002
Information for Connection ID 1
Connection started at: 2015-03-07 19:57:14-186
Auto Configuration ID: 1
Profile: xfinitywifi
SSID: xfinitywifi
SSID length: 11
Connection mode: Infra
Security: No
Pre-Association and Association
Connectivity settings provided by hardware manufacturer (IHV): No
Security settings provided by hardware manufacturer (IHV): No
Profile matches network requirements: Success
Pre-association status: Success
Association status: Success
Last AP: 06-1d-d5-d5-34-f0
Security and Authentication
Configured security type: Open
Configured encryption type: None
802.1X protocol: No
Key exchange initiated: Yes
Unicast key received: No
Multicast key received: No
Number of security packets received: 0
Number of security packets sent: 0
Security attempt status: Success
Connectivity
Packet statistics
Ndis Rx: 2068
Ndis Tx: 2543
Unicast decrypt success: 0
Multicast decrypt success: 0
Unicast decrypt failure: 0
Multicast decrypt failure: 0
Rx success: 3954
Rx failure: 0
Tx success: 537
Tx failure: 4
Tx retry: 2
Tx multiple retry: 2
Tx max lifetime exceeded: 0
Tx ACK failure: 18
Roaming history: 0 item(s)
InformationalDiagnostics Information (Wireless Connectivity)
Details about wireless connectivity diagnosis:
For complete information about this session see the wireless connectivity information event.
Helper Class: Auto Configuration
Initialize status: Success
Information for connection being diagnosed
Interface GUID: 70a0781d-6329-45e4-8d7c-34aeca294c39
Interface name: Intel(R) Centrino(R) Advanced-N 6250 AGN
Interface type: Native WiFi
Result of diagnosis: There may be problem
Network Connection details from Command Prompt (some info hidden for security reasons)
Connection-specific DNS Suffix:
Description: Intel(R) Centrino(R) Advanced-N 6250 AGN
Physical Address: 00-23-15-54-19-B8
DHCP Enabled: Yes
IPv4 Address: 192.168.X.XX
IPv4 Subnet Mask: 255.255.XX.X
Lease Obtained: Saturday, March 07, 2015 7:57:14 PM
Lease Expires: Saturday, March 07, 2015 8:24:44 PM
IPv4 Default Gateway: 192.168.X.X
IPv4 DHCP Server: 192.168.X.X
IPv4 DNS Servers: 75.75.75.75, 75.75.76.76
IPv4 WINS Server:
NetBIOS over Tcpip Enabled: Yes
Link-local IPv6 Address: fe80::b8de:3ac9:e166:XXX%XX
IPv6 Default Gateway:
IPv6 DNS Server:
Results of Ping and Trace Route in Command Prompt
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>ping 127.0.0.1
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\Windows\system32>ping www.youtube.com
Pinging youtube-ui.l.google.com [173.194.121.6] with 32 bytes of data:
Reply from 173.194.121.6: bytes=32 time=24ms TTL=55
Reply from 173.194.121.6: bytes=32 time=19ms TTL=55
Request timed out.
Request timed out.
Ping statistics for 173.194.121.6:
Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 24ms, Average = 21ms
C:\Windows\system32>ping 74.125.239.34
Pinging 74.125.239.34 with 32 bytes of data:
Request timed out.
Request timed out.
Reply from 74.125.239.34: bytes=32 time=3286ms TTL=50
Request timed out.
Ping statistics for 74.125.239.34:
Packets: Sent = 4, Received = 1, Lost = 3 (75% loss),
Approximate round trip times in milli-seconds:
Minimum = 3286ms, Maximum = 3286ms, Average = 3286ms
C:\Windows\system32>ping www.hotmail.com
Pinging dispatch.kahuna.glbdns2.microsoft.com [65.55.157.204] with 32 bytes of data:
Reply from 65.55.157.204: bytes=32 time=111ms TTL=237
Request timed out.
Request timed out.
Reply from 65.55.157.204: bytes=32 time=1537ms TTL=237
Ping statistics for 65.55.157.204:
Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 111ms, Maximum = 1537ms, Average = 824ms
C:\Windows\system32>ping 207.46.11.236
Pinging 207.46.11.236 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 207.46.11.236:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\Windows\system32>tracert www.youtube.com
Tracing route to youtube-ui.l.google.com [173.194.121.5]
over a maximum of 30 hops:
1 19 ms 13 ms 17 ms xfwsr12-nwca-01.sys.comcast.net [68.85.15.244]
2 13 ms 13 ms 27 ms ae-14-32767-ar03.newcastle.de.panjde.comcast.net [68.85.192.205]
3 20 ms 26 ms 21 ms he-5-10-0-0-cr01.ashburn.va.ibone.comcast.net [68.86.94.249]
4 18 ms 34 ms 22 ms he-0-13-0-0-pe07.ashburn.va.ibone.comcast.net [68.86.86.50]
5 19 ms 18 ms 18 ms 50-248-116-190-static.hfc.comcastbusiness.net [50.248.116.190]
6 35 ms 18 ms 18 ms 209.85.249.217
7 21 ms 19 ms 19 ms 72.14.233.93
8 * * * Request timed out.
9 * 2509 ms 677 ms iad23s25-in-f5.1e100.net [173.194.121.5]
Trace complete.
C:\Windows\system32>tracert 74.125.239.34
Tracing route to nuq04s19-in-f2.1e100.net [74.125.239.34]
over a maximum of 30 hops:
1 54 ms 23 ms 12 ms xfwsr12-nwca-01.sys.comcast.net [68.85.15.244]
2 22 ms 19 ms 17 ms ae-14-32767-ar03.newcastle.de.panjde.comcast.net[68.85.192.205]
3 19 ms 19 ms 18 ms he-5-14-0-0-cr01.ashburn.va.ibone.comcast.net [68.86.166.121]
4 18 ms 18 ms 18 ms he-0-15-0-0-cr01.350ecermak.il.ibone.comcast.net[68.86.85.74]
5 19 ms 18 ms 22 ms 50-248-116-190-static.hfc.comcastbusiness.net [50.248.116.190]
6 22 ms 36 ms 19 ms 209.85.249.217
7 26 ms 23 ms 25 ms 209.85.143.112
8 * * * Request timed out.
9 * * * Request timed out.
10 972 ms * * 216.239.51.97
11 148 ms 97 ms 95 ms 216.239.46.241
12 324 ms 130 ms 432 ms 209.85.246.252
13 * * * Request timed out.
14 1403 ms 101 ms 126 ms nuq04s19-in-f2.1e100.net [74.125.239.34]
Trace complete.
C:\Windows\system32>tracert www.hotmail.com
Tracing route to dispatch.kahuna.glbdns2.microsoft.com [65.55.157.144]
over a maximum of 30 hops:
1 13 ms 13 ms 25 ms xfwsr12-nwca-01.sys.comcast.net [68.85.15.244]
2 13 ms 15 ms 13 ms ae-14-32767-ar03.newcastle.de.panjde.comcast.net[68.85.192.205]
3 20 ms 19 ms 17 ms he-5-13-0-0-cr01.ashburn.va.ibone.comcast.net [68.86.95.145]
4 17 ms 20 ms 20 ms he-0-13-0-0-pe07.ashburn.va.ibone.comcast.net [68.86.86.50]
5 17 ms 18 ms 38 ms as8075-2-c.ashburn.va.ibone.comcast.net [173.167.58.82]
6 18 ms 18 ms 36 ms ae4-0.ash-96cbe-1a.ntwk.msn.net [207.46.36.172]
7 * * * Request timed out.
8 * 2191 ms 35 ms ae0-0.atb-96cbe-1b.ntwk.msn.net [191.234.81.167]
9 * * * Request timed out.
10 * * * Request timed out.
11 86 ms 84 ms 84 ms ae4-0.lax-96cbe-1a.ntwk.msn.net [191.234.83.150]
12 86 ms 86 ms 87 ms ae9-0.by2-96c-1a.ntwk.msn.net [207.46.42.176]
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 87 ms 84 ms 85 ms origin.by173w.bay173.mail.live.com [65.55.157.144]
Trace complete.
C:\Users\C.Cunningham>tracert 207.46.11.236
Tracing route to origin.by181w.bay181.mail.live.com [207.46.11.236]
over a maximum of 30 hops:
1 16 ms 16 ms 19 ms xfwsr12-nwca-01.sys.comcast.net [68.85.15.244]
2 18 ms 13 ms 13 ms ae-14-32767-ar03.newcastle.de.panjde.comcast.net[68.85.192.205]
3 21 ms 19 ms 21 ms he-5-12-0-0-cr01.ashburn.va.ibone.comcast.net [68.86.95.141]
4 18 ms 21 ms 18 ms he-0-13-0-0-pe07.ashburn.va.ibone.comcast.net [68.86.86.50]
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.
Trace complete.
Results of Intel WiFi Manual Diagnostics
Test Name Test Result Test Summary
Hardware Test Passed Wireless Hardware is enabled
Driver Test Passed Diver is loaded. NETwNs64 Version 13.3.0.24
Radio Test Passed Radio is ON
Scan Test Passed There are 25 Networks available to connect
Association Test Passed Associated
Authentication Test Passed Authenticated
Signal Test Passed Signal Quality: Poor
Ping Test Failed No Reponse: default gateway, DHCP server
I hope this information is enough to get to the root of this problem once and for all. Please let me know if you any other information such as event logs or statistics.
Thanks in advance.Results of Intel WiFi Event View Log (I deleted some lines since there were basically repeats of the same messages)
#Event Source Time
Error Severity Domain
User Description
45 EvtEngine
3/8/2015 20:40 Success
Connection SYSTEM
iAMT - Failed to read Windows Events Log
46 S24EvMon
3/8/2015 20:41 Information
AppDriver
SYSTEM
Getting List of adapters.
47 S24EvMon
3/8/2015 20:41 Information
AppDriver
SYSTEM
Intel adapter(s) found.
156 S24EvMon
3/8/2015 20:47 Information
Driver SYSTEM
AddToExclude 06:1d:d5:d5:34:f0 xfinitywifi 6 WEV_EXCLUDE_LIST_REASON_802_11_AUTH_FAILURE
157 S24EvMon
3/8/2015 20:47 Information
Driver SYSTEM
ATC 06:1d:cf:2a:44:c0 xfinitywifi 6 RSSI=-88
158 S24EvMon
3/8/2015 20:47 Error
Driver SYSTEM
AssociationFailure 06:1d:cf:2a:44:c0 xfinitywifi 6 CNCT_GENERAL_FAILURE
159 S24EvMon
3/8/2015 20:47 Information
Driver SYSTEM
AddToExclude 06:1d:cf:2a:44:c0 xfinitywifi 6 WEV_EXCLUDE_LIST_REASON_802_11_ASSOC_FAILURE
160 S24EvMon
3/8/2015 20:47 Information
Driver SYSTEM
ATC 06:1d:d5:d5:34:f0 xfinitywifi 6 RSSI=-79
161 S24EvMon
3/8/2015 20:47 Success
Driver SYSTEM
RxAuthSuccess 06:1d:d5:d5:34:f0 6
162 S24EvMon
3/8/2015 20:47 Success
Driver SYSTEM
RxAssocResp 06:1d:d5:d5:34:f0 6 -77
163 S24EvMon
3/8/2015 20:49 Information
TCP/IP SYSTEM
VoIP: Got link down - deleting flows .
164 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
ATC 06:1d:d4:eb:87:00 xfinitywifi 11 RSSI=-88
165 S24EvMon
3/8/2015 20:49 Error
Driver SYSTEM
AssociationFailure 06:1d:d4:eb:87:00 xfinitywifi 11 CNCT_GENERAL_FAILURE
166 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
AddToExclude 06:1d:d4:eb:87:00 xfinitywifi 11 WEV_EXCLUDE_LIST_REASON_802_11_ASSOC_FAILURE
167 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
ATC 06:1d:d4:eb:87:00 xfinitywifi 11 RSSI=-89
168 S24EvMon
3/8/2015 20:49 Error
Driver SYSTEM
AssociationFailure 06:1d:d4:eb:87:00 xfinitywifi 11 CNCT_GENERAL_FAILURE
169 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
AddToExclude 06:1d:d4:eb:87:00 xfinitywifi 11 WEV_EXCLUDE_LIST_REASON_802_11_ASSOC_FAILURE
170 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
ATC 06:1d:d4:eb:87:00 xfinitywifi 11 RSSI=-90
171 S24EvMon
3/8/2015 20:49 Error
Driver SYSTEM
AssociationFailure 06:1d:d4:eb:87:00 xfinitywifi 11 CNCT_GENERAL_FAILURE
172 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
ATC 06:1d:d5:d5:34:f0 xfinitywifi 6 RSSI=-82
173 S24EvMon
3/8/2015 20:49 Success
Driver SYSTEM
RxAuthSuccess 06:1d:d5:d5:34:f0 6
174 S24EvMon
3/8/2015 20:49 Success
Driver SYSTEM
RxAssocResp 06:1d:d5:d5:34:f0 6 -81
175 S24EvMon
3/8/2015 20:50 Information
Driver SYSTEM
AddToExclude 06:1d:d5:d5:34:f0 xfinitywifi 6 WEV_EXCLUDE_LIST_REASON_802_11_AUTH_FAILURE
176 S24EvMon
3/8/2015 20:50 Information
Driver SYSTEM
ATC 06:1d:d5:d5:34:f0 xfinitywifi 6 RSSI=-79
177 S24EvMon
3/8/2015 20:50 Success
Driver SYSTEM
RxAuthSuccess 06:1d:d5:d5:34:f0 6
178 S24EvMon
3/8/2015 20:50 Success
Driver SYSTEM
RxAssocResp 06:1d:d5:d5:34:f0 6 -80
179 S24EvMon
3/8/2015 21:03 Information
Driver SYSTEM
RoamTrigger 06:1d:d5:d5:34:f0 xfinitywifi 6 RSSI=-81 MisBcn=8 RSSITh=-85 Roam Other Reason
186 S24EvMon
3/8/2015 21:21 Information
General
SYSTEM
DeviceIoCtrlS24NDIS: (2) Failed to send OID 0xff100055 to driver. Error - 31
187
S24EvMon
3/8/2015 21:21 Information
General
SYSTEM
DeviceIoCtrlS24NDIS - Dot11ExtNicSpecificExtension failed (31) -
How to configure DNS server to redirect all web traffic to one external website?
I'd like to use the DNS service on my OS X Server as a way to force all all web traffic to one specific, external website. Not quite sure how to go about configuring it, though - any recommendations?
(BTW, this is, obviously, not our primary DNS server; I intend to silently update the preferred DNS server for users who fail to complete their timesheets in order to force the issue)Web clients don't generate uniquely-identifiable DNS queries; there's no SRV request or related traffic that you could select on and spoof. So if you do implement this, everything querying the spoofing DNS server will get the spoofed host, or you'll have to spot specific queries that are likely web queries; Facebook, Google, Bing, etc.
If you still want to implement this, then I'd probably replace the DNS server with a runt DNS server (maybe hack dnsmasq or maraDNS, or create yourself a trivial DNS server) and have that always return the specified IP address. This avoids having to hack BIND to be universally authoritative, which is probably on par with hacking a simpler DNS server to always return a fixed IP address, and the latter is probably easier to undo.
A firewall can spot TCP port 80 and port 443 traffic, unlike a DNS server. Firewalling outbound port 80 traffic is more typical of these requests, and either trap that traffic to a specific web page based on the capabilities of the firewall, or the web proxy approach that Camelot suggests. There are folks that tie access into the web proxies into external authentication and related; that'd be able to do what you want. Web proxies are usually combined with firewall blocks, as most sites want only the web proxy to have external access, too. But this is also rather more pieces than a DNS redirect, too. -
Can I avoid setting up a DNS server?
Dear all,
I’m a newbie to set up a server but I recently bought a Mac Mini Server and I have some questions in setting up the machine.
My ultimate goal:
Set up a multimedia server in my Mac Mini Server which provide photos up / download and Quicktime video streaming services for my friends outside my local Lan.
My settings:
ISP (Dynamic IP) →DSL modem →Linksys Router (DHCP) →
1. Web Cam IP: 192.168.1.253 port 50000
2. Synology NAS IP:192.168.1.107 port 5000
3. Mac Mini Server IP: 192.168.1.108
4. Mac Book Pro x 2(wireless)
Since I don’t have a static IP, I registered a domain name which link to my dynamic IP. i.e. abc.viewnetcam.com
I can access my web cam and Synology from outside through port forwarding i.e. http://abc.viewnetcam.com: 50000 & http://abc.viewnetcam.com: 5000
During set up my Mac Mini Server, I was required to enter the Primary Domain Name, since I did not have a DNS server in my local Lan, I entered MacMinSserver.private
After I set up the server, I found that there was a message left on the desktop saying that; ….The domain name servers you’re using don’t have an entry for the domain MacMiniServer.private, and therefore your clients won’t be able to access your server using the name MacMiniServer.private…..
Now here is the question:
1. Can I just simply avoid to set up a DNS server in my Mac Mini Server? Cause it is very complicate; I have read up some information about DNS server settings which make me feel puzzle.
2. If DNS server is a must, so how can I set it? I have read the instructions in the HoffmanLabs, but after setting up the DNS server, how can I access my server from outside? Through port forward?
( Now I can access my server from outside in Safari with URL afp://abc.viewnetcam.com:548)
Many thanks.I take some time to digest your suggestions. I’m convinced to build up a DNS server, although I don’t fully understand how it works.
DNS is a way to ask a server or a series of servers to translate a string of a specific format into an IP address. If you follow the article in your implementation, then the local DNS services will cooperate with and access external DNS servers world-wide for public DNS translations.
But then questions come up again, first what should be my Primary Domain Name?
I don't know what you're looking at that is using "primary domain name", but the "domain name" you use? I use real and registered and public domains for the domain on private LANs. It's simple, effective, and unique. And I don't have to deal with collisions. I don't prefer to recommend using a made-up domain, as it's a few dollars to get a real domain and then you don't have to deal with collisions if and when you need to expose parts of your network.
Here, a bogus TLD would be, for instance, macminiserver.myhouse.ngmy69; that's a top-level domain (ngmy69) (TLD) that is not allocated, and unlikely to be publicly allocated, and a subdomain (myhouse) of your choice, and a host name (macminiserver) of your choice. (There are around 300 TLDs already allocated and live, and more are on the way. com, net, biz, org, travel, cat, two-character country codes, and more...)
This is listed in the article, including the trade-offs, and including a description of bogus domains.
As you said that the external DNS and the internal DNS should be separately functioning, then is it true that I have the freedom to choose my Primary DNS name? Or I have to stick to certain rules?
DNS and IP routing work by cooperation. You have to stick to certain rules, and the article guides you through the four general choices for picking a domain name.
In my case, do I need to use the external domain name, i.e. macminiserver.abc.viewnetcam.com or I rent another registered domain name and it will be macminiserver.xxxxx.com or even I create an imaginary name?
After you get your LAN DNS going, then read the [dynamic DNS article|http://labs.hoffmanlabs.com/node/1541].
Here, you've picked a domain (viewnetcam.com) name that's real and registered. That, and the use of the abc and macminiserver subdomains are something you'd have to work out with the folks administering that domain. While it is technically a domain name, macminiserver.abc.viewnetcam.com is also variously called a host name, as that'll usually have an associated IP address, and a subdomain like abc.viewnetcam.com might and variously will not.
With a real and registered domain (your own registered domain, or a DynDNS host), you can (later) choose to expose parts of your network. You don't own a DynDNS name, and DynDNS doesn't allow you to use various server functions and you can't use that on your LAN. DynDNS is a good solution for remote access into a home network and even for a VPN connection in but (if you're eventually looking to use mail or secure web access or other features) you'll usually end up using your own domain name.
The second question is that, how can I avoid using the subnet 192.168.1.0/24, as my router is providing the DHCP service, will that means I need to re-organized the whole network included the web cam and my Synology? Is there any simple way to achieve that?
It's the effort you think it is, and it involves getting that gateway server reconfigured to have its address in a different subnet and the DHCP server reconfigured to pass out addresses within a range within that subnet, and this is an effort that scales as your network increases and as you get IP addresses embedded. If you're going to do remote access via VPN, many home networks and many coffee shops will use 192.168.0.0/24 or 192.168.1.0/24, and having the same subnet on both ends of the VPN means IP routing tosses a snit.
[Please read the DNS article|http://labs.hoffmanlabs.com/node/1436] through, and then post up questions you might have. -
Can't override DNS Server settings - can only append!
See this thread for a similar question:
http://discussions.apple.com/thread.jspa?messageID=3555096
I have also filed this with Apple (Problem ID 5159216). Here is the text of the report (with a few bits removed - not crucial to understanding the report).
If anyone has suggestions/clues to resolve, please advise. Thanks!
Summary:
This problem concerns AirPort Extreme (802.11n) at revision 7.1. I will summarize with a comparison between AirPort and MacOS X.
MacOS X and Airport Extreme (referred herein as "AE") both permit editing of DNS server settings whether in DHCP or Manual mode.
When MacOS X DNS server settings are set manually by the end-user, the new server IPs are used (good). When AE's DNS server settings are overridden by the end-user, the new server IPs are NOT used (not good)! Rather, the DHCP-supplied DNS server always pre-empts whatever is given in the AE Configuration UI.
Steps to Reproduce:
1. Using AirPort Extreme (802.11n) at revision 7.1 and MacOS 10.4.9 on a MacBook Pro (Core 2 Duo). The AE has been previously configured for IPv4 using DHCP and the MacBook is successfully connected and resolving domain names through the AE.
2. Visit "Apple Menu > Location > Network Settings" and check the AirPort TCP/IP settings. For purposes of this test, make sure the "DNS Servers" field is EMPTY so MacOS X defaults to the AE's DNS settings, then close System Preferences.
3. Run "AirPort Utility" (the newer version, not "Airport Admin Utility") and configure the AE under test. Pick the "Internet" icon in the toolbar and note the Internet Connection settings.
4. In this test, Configure IPv4 is set to "DHCP" and the DNS Server(s) field contains two DNS IPs assigned by the Internet Service Provider. In my case that's Cablevision's Optimum Online service. You may or may not see IP addresses here, but in my case they are visible.
5. As the DNS Server(s) are editable, and they both show ISP-supplied addresses, they can be changed to whatever alternate IPs you wish. For instance, change them to these alternate DNS IPs from OpenDNS.com: 208.67.222.222 and 208.67.220.220. (You could use any alternate set of IPs but for the purpose of this test use the OpenDNS IPs.) Update the AE and restart.
(For additional reference, http://www.opendns.com/start/airport.php shows instructions for the older AirPort Admin Utility, but the concept is exactly the same.)
6. Normally you shouldn't have to restart the MacBook Pro since we're just using the AE settings, but go ahead and do that just to be consistent with this test.
Expected Results:
Now for the moment of truth! We want to verify that we're using the OpenDNS IPs for our DNS Servers. One nice feature OpenDNS has is automagic redirection for certain domain name typos.
Here's an example. Drop to shell (Applications > Utilities > Terminal) and try this command (excluding the $ prompt, natch):
$ dig craigslist.og
The "og" typo is deliberate. We really want to go to craigslist.org. If you're using the new OpenDNS IPs, you will STILL get an Address (A) record with an IP like so:
;; ANSWER SECTION:
craigslist.og. 0 IN A 208.69.32.130
If you had entered "craigslist.og" in Safari, you would end up at 208.69.32.130 (an OpenDNS server) and then redirected to craigslist.org.
Actual Results:
Alas, that's not what happens! Instead, you get NO IP address, like so:
;; QUESTION SECTION:
;craigslist.og. IN A
This means we're not actually using the OpenDNS IPs. What's happening?
To find out, I spoke with the AirPort support group (Case # xxx-xxx-xx). I learned that, despite being allowed to edit and override the IP addresses provided via DHCP, the AE still uses the DHCP-provided DNS server if available.
Again, the user interface suggests that I'm allowed to override the DHCP-provided DNS IPs as shown in the UI. Even though I can do this, the AirPort will still keep note of any DHCP-provided DNS Server IPs and use those first.
True, I can switch to Manual network settings (and then my own DNS Server IPs take effect). Of course this is problematic when the ISP renews my IP address (which it does from time to time).
Another workaround is to use the "DNS Servers" settings noted in step 2 (above). However this is also problematic if I want to keep my network settings simple. It requires a "Home Network" location and an "Office" location. Still not preferable, but it's a workaround.
Regression:
n/a
Notes:
I would like AirPort's DNS settings to be overridden in the same way OS X allows DNS settings to be overridden. The user interfaces suggest this is possible but it is not. It's only possible in the OS X case. Having the same flexibility on the AirPort would be most welcome.Afraid of the answer...sheesh...you must be a child. This has nothing to do with masquerading anything. The issue being discussed here is that people want to manually assign a dns server address via the new AEBS, while maintaining DHCP for IP address assignments through their ISP. For example, I would like to have opendns.com take care of all dns addressing at the router level, even though I have "Configure IPv4" set to "Using DHCP". If you do not understand why one would want to use something like opendns.com, please visit their website and enlighten yourself. The fact that the dns server address fields are editable when set to "Using DHCP" leads one to believe that you can manually assign a dns server in this configuration; however, under firmware 7.1.1, you still cannot. The previous iteration of the airport hardware can do it, as can nearly any router you pull off the shelf. In addition, this is something that can easily be done at the individual-computer level in OS X; however, many people would prefer to administer their network at the router level. That is the issue being discussed here. Either you can't read or you are purposely derailing the thread.
iMac 24" Mac OS X (10.4.9) -
Dear Experts,
In our office we have a domain controller call it 'Office.com', all computers and corporate servers e.g. exchange, antivirus etc. are member of this 'office.com', it is also having a DNS. All users in office have there preferred DNS set to the corporate
DNS
We are working for ministry and offering services to them from our data center so have many servers which are for ministry but they are in our data center. For all these servers we created another DNS server which contains all entries for these servers in
forward and reverse lookup zones. In this DNS we also created a forward lookup zone for our corporate servers and zone name is 'office.com'
What we are trying to have is name resolution of all servers which are listed in other DNS build in our office on Win 2008 R2 for ministry servers
If the user change his preferred DNS to ministry DNS he can resolve the ministry server but then we can not control any thing through group policy since they are using other DNS and not the corporate DNS.
How this can be done ? like any group policy applied to corporate domain controller must take effect on users and in addition to this user must also be able to resolve server names in ministry project DNS
Please assist ASAP.
regards,Hello,
ok so the GPO setting doesn't apply in any case.
Clients machines use the first DNS server in the list of configured ones on the NIC. If that one is available search for additional DNS servers will stop.
What i can not really understand is your description about the second DNS server. This should normally either another DC with AD integrated DNS, so everything is replicatedwithin AD replication or you use a secondary DNS on domain member server that pulls
the informations from the Master.
It sounds for me that you have configured a machine with DNS server role and created manually the zone with the same name as the domainand manually create there the required A records?
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights. -
How to install external DNS Server on Windows server 2008?
After 2 days hard working I'm confused about DNS servers.
i registered a domain name and want to host my own DNS for my website.
i install DNS Role and IIS on a windows server 2008 R2 and config them all and set 127.0.0.1 and 8.8.8.8 on my network interface on my serve .
on my server i have 2 website
dns1.mysite.com //to set it on my domain panel as name server
mysite.com //hosting
now everything work on my server , when i type mysite.com at my web browser i can see my site.and when i ping mysite.com it reply my server static ip.
but on internet it does not work. i mean if you type dns1.mysite.com or mysite.com not works and i got request time out when i ping theme.
at this state if you set my server IP as DNS server at your network adapter(interface) everything work great.
how can i have a DNS Server like that hosting using on our domains like dns1.godaddy.com ?
i should register my DNS on any where like a organization or website or...?For the local nic you should _always_ configure dns servers that have the same scope. I think 8.8.8.8 and 127.0.0.1 will never have the same scope. Note that the configuration of multiple dns servers is only there for failover purposes. If the first one
is working, the second one is never used.
You should create a zone on your dns server matching your domain, and you should request your registrar to make your server authorative over your zone. Some providers let you configure this yourself (on a weninterface), so please consult the documentation
provided by the service provider/registrar. If in doubt, they will be the primary contact point as the required configuration depends on theirs.
Note that when you want to host a public dns server, the server should be reachable from the internet on port 53 tcp/udp and you should follow guidelines for serrver security very strictly.
Also be aware updates on dns servers need some time to be applied worldwide due to caching that has to expire and zone transfers that might be needed. be patient.
MCP/MCSA/MCTS/MCITP
Thanks SenneVL for your nice answer .
my server IP is static and reachable from Internet,then why when you add my server ip on your network adapter as a DNS it works and you can type mysite.com on your browser and see my site?
you said "Also be aware updates on dns servers need some time to be applied worldwide due to caching that has to expire and zone transfers that might be needed. be patient."
how long it takes?
Maybe you are looking for
-
i also downloaded the newest version of itunes
-
Hi there, I recently un-installed Adobe CS3 from my new MacBook Aluminum. I used a program called AppDelete as well as Adobe's own uninstaller (I didn't trust it to get rid of everything itself) and deleted anything that had "Adobe" in the title basi
-
Volume structure - having to rebuild daily
Lately I've been having to rebuild my volume structure every morning with TechTool. My hard drive isn't particularly full (30gb available), but just looking for tips on now to resolve this. I've been putting off upgrading to 10.4.x as I figured at th
-
Question about a second hard drive..
13" MacBook Pro, Mid 2012 (Non-Retina) Hello, in early December when in the Apple store, I was torn between a MacBook Air and Pro. After talking it over and hearing the basics from the Apple store guy, he mentioned how many people use the DVD Drive s
-
What is traveling through network when we fire an archiving?
We have here an ERP System running on Oracle being replicated to HANA (Side-car) using SLT. When we archive a lot of data from ERP, SLT is taking a very long time to empty the replication queue. What is traveling through network? Every record deleted