DNS: computer name under root domain "." resolve problem (need to resolve pure computer-xyz name without domain suffix)

Posted on 2006-04-13
Medium Priority
Last Modified: 2010-03-18
I need to set up bind on a linux box the following way:
I have domain abc.com, and I have set up bind to resolve comp1.abc.com, comp2.abc.com, etc., so I can resolve any of my computers by FQDN (compxyz.abc.com). Now I need to resolve (on my local network, where this DNS is the primary DNS server) a computer name without a domain suffix -> compxyz, for example. It can be done by automatically inserting a suffix after the computer name, but I don't like to do it that way. DNS must be able to resolve the pure computer name (under domain "." -> root).
Is there any way to do this?
Question by:karelrambousek

Expert Comment

ID: 16449780
You probably don't want that,
Putting new tld's into your namespace will just break stuff.
I gather you don't want to do stuff like:

dig ns compxyz
dig SOA compxyz

rather, you just want

ssh compxyz
ping compxyz

to "just work"?

try adding to /etc/resolv.conf

domain abc.com

At that point non-FQDN will work.

Expert Comment

by:Gabriel Orozco
ID: 16451353
best way, as wnross points out, is to add (if linux box) in your /etc/resolv.conf:
search abc.com

for windows, when you see tcp/ip properties, you will see a tab about dns. there you can set the default search domain.

if you do not want that (which is the best solution and by far the simpler), then
* you can create a wins server using samba, so you can access computers by issuing their computer name. not very good but works.
* create a script that updates the hosts file, so you can use only the name. you would need to edit the order of name search to be hosts,dns

Author Comment

ID: 16451670
did you read my question??? I DON'T LIKE TO USE SEARCH DOMAIN!!!! I need to be able to resolve just the computername under ROOT DOMAIN "." SO:
FQDN is computer.domain.com, but it also is computer.domain.com. (dot at the end) . is the root domain. Now, I need to resolve computername. (dot at the end). Computed under root domain.


Expert Comment

by:Gabriel Orozco
ID: 16451728
Sorry, but I read your question and wonder if some confusion there
but now I understand you want a root server for yourself, so you can add TLD's

I can only recommend to create a domain for each computer, and point the "A" record to that machine. of course this should only be allowed to internal users, since your server would then become a "lame server" pretending to be authority for domains that maybe not even exist.

Author Comment

ID: 16451904
I think this is not the way.
I have zone "." in my conf file with type hint and there are some ROOT DNS servers.
Can I combine this with zone "." type master?
Please don't answer if you don't know the exact solution (this will save my time). Thanks

Accepted Solution

wnross earned 2000 total points
ID: 16453298
No, you cannot combine it with the root hints, you will get sporadic dns resolution failure.

If you want to set up your own standalone DNS structure INDEPENDENT from the internet
(eg: a company not actually connected to the internet), then this is kinda the way to go.

An example of this has been encouraged by microsoft for their Active Directory setup
for example nwtraders.msft.

You can disable root hints as follows

in named.conf
// zone "." {
//         type hint;
//         file "named.ca";
// };
zone "." { type master; file "zone.root.dns"; };

In /var/named/zone.root.dns
@       IN      SOA     localhost. root.localhost.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS
comp123   IN A
comp234   IN A
comp345   IN A

Now if you still needed internet access, you will have to hijack the root servers by replacing their functionality:

You start by manually adding DNS records to the above file:
com.                    172743  IN      NS      j.gtld-servers.net.
com.                    172743  IN      NS      k.gtld-servers.net.
com.                    172743  IN      NS      l.gtld-servers.net.
com.                    172743  IN      NS      m.gtld-servers.net.
com.                    172743  IN      NS      a.gtld-servers.net.
com.                    172743  IN      NS      b.gtld-servers.net.
com.                    172743  IN      NS      c.gtld-servers.net.
com.                    172743  IN      NS      d.gtld-servers.net.
com.                    172743  IN      NS      e.gtld-servers.net.
com.                    172743  IN      NS      f.gtld-servers.net.
com.                    172743  IN      NS      g.gtld-servers.net.
com.                    172743  IN      NS      h.gtld-servers.net.
com.                    172743  IN      NS      i.gtld-servers.net.

j.gtld-servers.net.      172800  IN      A
k.gtld-servers.net.     172800  IN      A
.... (use dig to get the rest)

Cleanse, fold, repeat for
.net, .mil, .gov, .org, .edu, .biz, .info, .name
.ca, .us, .uk, .tw, .... see IANA for complete list

This is fairly labor intensive, but you only need to do it once.

After all this surgery is complete, your tld names will co-exist (sorta) with the rest of the net
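
Added example, not part of the answer above or of BIND itself: a small check that reads named.conf text and flags the case the answer warns about, where zone "." is declared more than once (hint plus master). The sample configs are constructed, the function names are hypothetical, and it assumes a config without view blocks.

```python
import re

# Constructed sample named.conf text: hint and master both declared for ".",
# then the corrected layout with the hint zone commented out.
BROKEN = '''
options { directory "/var/named"; };
zone "." { type hint; file "named.ca"; };
zone "." { type master; file "zone.root.dns"; };
zone "abc.com" { type master; file "abc.com.zone"; };
'''
FIXED = '''
options { directory "/var/named"; };
// zone "." { type hint; file "named.ca"; };
zone "." { type master; file "zone.root.dns"; };
zone "abc.com" { type master; file "abc.com.zone"; };
'''

def strip_comments(text):
    """Drop /* */, // and # comments. Simplification: does not protect
    comment markers that appear inside quoted strings."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def zone_types(text):
    """Map each zone name to the list of 'type' values declared for it."""
    zones = {}
    clean = strip_comments(text)
    for m in re.finditer(r'\bzone\s+"([^"]*)"[^{;]*\{', clean):
        depth, i = 1, m.end()
        while i < len(clean) and depth:   # walk to the matching close brace
            depth += {'{': 1, '}': -1}.get(clean[i], 0)
            i += 1
        body = clean[m.end():i - 1]
        t = re.search(r'\btype\s+([\w-]+)\s*;', body)
        zones.setdefault(m.group(1), []).append(t.group(1) if t else None)
    return zones

def root_zone_problem(text):
    """Return a description of a root-zone conflict, or None if it is clean."""
    types = zone_types(text).get('.', [])
    if not types:
        return 'no zone "." declared'
    if len(types) > 1:
        return 'zone "." declared %d times: %s' % (
            len(types), ', '.join(str(t) for t in types))
    return None

if __name__ == '__main__':
    for label, conf in (('broken', BROKEN), ('fixed', FIXED)):
        print(label, '->', root_zone_problem(conf) or 'ok')
```
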

Author Comment

ID: 16453394
Great answer, thanks

Expert Comment

ID: 16453443
Glad to help

