Internal clients' queries for "myhostname." get sent to forwarders. Why?

Lawrence K. Chen, P.Eng. lkchen at ksu.edu
Tue Mar 11 21:59:28 UTC 2014


If you have FQDN for machines, the problem might be that the domain
isn't set in resolv.conf?

from resolv.conf(5):

 domain      Local domain name.  Most queries for names within this
             domain can use short names relative to the local domain.
             If no domain entry is present, the domain is determined
             from the local host name returned by gethostname(3);
             the domain part is taken to be everything after the
             first `.'.  Finally, if the host name does not contain
             a domain part, the root domain is assumed.

On 03/11/14 06:28, Tony Finch wrote:
> Andreas Ntaflos <daff at pseudoterminal.org> wrote:
>>
>> Using Bind 9 on Ubuntu 12.04 for internal DNS (master for zones
>> "dc01.example.at.", "7.1.10.in-addr.arpa.", ...) with forwarders (ISP's
>> nameservers) for everything outside of internal zones.
>>
>> The Problem: Clients, when running "hostname -f" or "hostname -i",
>> create queries for "myhostname." which are sent to the forwarders which
>> respond with NXDomain. This generates load on the forwarders and exposes
>> our internally used hostnames, both of which seem unnecessary and
>> possibly dangerous.
>>
>> This doesn't seem like normal or healthy behaviour. What can we do to
>> stop it?
> 
> Option 1: put the FQDN in /etc/hostname on each machine.
> Option 2: populate /etc/hosts on each machine.
> Option 3: slave the root zone on your name servers.
> 
> Tony.
> 

-- 
Who: Lawrence K. Chen, P.Eng. - W0LKC - Sr. Unix Systems Administrator
For: Enterprise Server Technologies (EST) -- & SafeZone Ally
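
The following is an added example, not part of the original messages: it applies the resolv.conf(5) rule quoted above to predict the first name a stub resolver asks for when given a host's short name, and flags hosts whose query falls outside the internal zone and so would go to the forwarders. The function names, the sample hosts and the 10.1.7.1 nameserver address are constructed for illustration, and treating the first "search" entry as the local domain is a simplifying assumption.

```python
INTERNAL_ZONES = ("dc01.example.at.",)  # internal zone named in the thread


def local_domain(resolv_conf: str, hostname: str) -> str:
    """Local domain per resolv.conf(5); an empty string means the root domain."""
    domain = None
    for raw in resolv_conf.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # blank line or comment
            continue
        fields = line.split()
        # Assumption: "domain" and "search" are mutually exclusive, the last
        # instance wins, and the first search entry acts as the local domain.
        if fields[0] in ("domain", "search") and len(fields) > 1:
            domain = fields[1].strip(".")
    if domain is None:
        # No domain entry: everything after the first '.' of the host name.
        domain = hostname.partition(".")[2].strip(".")
    return domain


def first_query(short_name: str, resolv_conf: str, hostname: str) -> str:
    """Fully qualified name the resolver tries first for a short name."""
    domain = local_domain(resolv_conf, hostname)
    return f"{short_name}.{domain}." if domain else f"{short_name}."


def is_forwarded(qname: str, zones=INTERNAL_ZONES) -> bool:
    """True if qname is outside every internal zone (so it is forwarded)."""
    q = qname.lower()
    return not any(q == z or q.endswith("." + z) for z in zones)


def audit(hosts):
    """Return (hostname, first query) for hosts whose query would be forwarded."""
    findings = []
    for hostname, resolv_conf in hosts:
        q = first_query(hostname.partition(".")[0], resolv_conf, hostname)
        if is_forwarded(q):
            findings.append((hostname, q))
    return findings


# Constructed sample data: (output of gethostname, contents of resolv.conf)
SAMPLE_HOSTS = [
    ("myhostname", "nameserver 10.1.7.1\n"),                         # no domain
    ("myhostname", "domain dc01.example.at\nnameserver 10.1.7.1\n"),  # domain set
    ("web01.dc01.example.at", "nameserver 10.1.7.1\n"),              # FQDN host name
]

if __name__ == "__main__":
    for host, q in audit(SAMPLE_HOSTS):
        print(f"{host}: first query {q} is outside the internal zones")
```

Only the first sample host is reported: with a short host name and no domain entry, the root domain is assumed and the query becomes "myhostname.".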

