Complete DNS records?

NethServer Version: 7.7
Module: DNS

Seems that DNS GUI is limited to adding A and CNAME entries? (EDIT: Now that I see it more thoroughly, not even CNAME!)
And the only option for different records (AAAA, MX, SRV etc.) is to edit the actual host file?

I also searched around and didn’t find anything different.
I looked both in the old GUI and the new GUI…
I consider this rather basic functionality, are there any plans to extend the GUI?

Not being able to see the complete records in the GUI is a limitation not just for the edits, but even to have an idea of the entries already set (for example, I suspect the mail module does add an MX record, right?).

No, and don’t see any reason why it would–Neth is only intended to serve DNS over the LAN. The design is that it can act as your router, and when doing so it can provide DNS service to your LAN. When it’s being used in that way, there’s a benefit to being able to serve local hostnames, hence the ability to add those through the GUI. What benefit do you see to a local DNS server serving MX or SRV records?

None (but read the * part).
I thought it could also be used as external DNS (I know it is not common practice but I have used my own servers as authoritative servers for my domains before). Didn’t know it doesn’t have this feature. No harm done.

(*) Sometimes such entries (esp. SRV entries) are used for the internal configuration of software clients. For example some Microsoft services (or even many SIP related services).

Anyway, no go for that with NethServer. Clear.

Yeah, I’m pretty sure acting as a public DNS server is outside the scope of what was intended for Neth. I developed a module to let it act as a limited public DNS server for the sole purpose of Let’s Encrypt validation (see https://wiki.nethserver.org/doku.php?id=userguide:let_s_encrypt_acme-dns), but I don’t think that’s as general-purpose as you’re intending.

As to mail configuration specifically, this might help:


You’d need to set the SRV record on your authoritative DNS host, but this would automate the rest of the configuration.


Exactly. I need to set the record in my authoritative DNS and this will not work for internal clients - except if I point them to external DNS.
For clients using internal DNS (i.e. the common setup), the internal DNS will act as authoritative (even though it is not) for the domain it belongs to, won’t it? So it won’t request resolution from the real authoritative DNS.
Correct me if I am wrong.

Even if this is not the case, internal clients will still need autoconfigure for the internal domain (usually a subdomain of the external or something .local). And with the existing DNS, this cannot be done.

No, Neth only acts as a DNS cache. If you make entries in the DNS page, it will serve those records in preference to whatever it finds on the Internet; otherwise, it will reach out to whatever DNS server you’ve configured (default is 8.8.8.8, IMO a poor choice) to satisfy any requests.

This isn’t a design decision I agree with, and it’s a step backward in functionality compared to Neth’s ancestor (SME Server)–but even that acted as a recursive resolver (rather than just querying a specified DNS server), and still wasn’t authoritative for local hosts.

Sure it can; the SRV record can still be created at your “real” DNS host and will propagate.

Hi @NLS welcome to NethServer community!

Not exactly, you have to change /etc/dnsmasq.conf because the UI only sets A record overrides. In NethServer many configuration files are obtained by a “template expansion”. You can customize the result at your will: see http://docs.nethserver.org/projects/nethserver-devel/en/v7/templates.html#local-site-overrides-templates-custom-and-templates-user-custom

About “SRV” records, for instance ejabberd adds some automatically to /etc/dnsmasq.conf.

Yes, it is implemented by “dnsmasq” that is more than just caching: it “masquerades” the public DNS for the local LAN, so you can define local overrides as long as your client points to it and it can run as DHCP. For sure it doesn’t act as authoritative DNS.

As you can see you have many options!

Just for reference: http://docs.nethserver.org/en/v7/dns.html
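Added example (not from the thread and not NethServer's own code): a small Python audit that lists every record-defining directive in a dnsmasq configuration, giving the view of SRV, MX and CNAME entries that the GUI does not show. The sample configuration and its example.lan names are constructed, and the script reads one file's text without following `conf-file` or `conf-dir` includes.

```python
import re

# dnsmasq directives that define DNS records (names as in the dnsmasq man page).
RECORD_OPTIONS = {
    "address": "A/AAAA (domain override)",
    "host-record": "A/AAAA/PTR",
    "cname": "CNAME",
    "srv-host": "SRV",
    "mx-host": "MX",
    "txt-record": "TXT",
    "ptr-record": "PTR",
}

# Constructed sample; the example.lan names and addresses are placeholders.
SAMPLE_CONF = """\
# upstream resolver and cache settings
server=8.8.8.8
cache-size=4000
address=/mail.example.lan/192.168.1.10
host-record=nas.example.lan,192.168.1.20
cname=webmail.example.lan,mail.example.lan
srv-host=_xmpp-client._tcp.example.lan,chat.example.lan,5222
mx-host=example.lan,mail.example.lan,10
#srv-host=_sip._udp.example.lan,pbx.example.lan,5060
"""

def list_local_records(conf_text):
    """Return (line_no, record_type, value) for each record-defining line."""
    found = []
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        line = re.sub(r"(^|\s)#.*", "", raw).strip()  # drop comments
        if "=" not in line:
            continue
        option, value = (part.strip() for part in line.split("=", 1))
        if option in RECORD_OPTIONS:
            found.append((line_no, RECORD_OPTIONS[option], value))
    return found

def summarize(conf_text):
    """Count locally defined records per record type."""
    counts = {}
    for _, rtype, _ in list_local_records(conf_text):
        counts[rtype] = counts.get(rtype, 0) + 1
    return counts

if __name__ == "__main__":
    for line_no, rtype, value in list_local_records(SAMPLE_CONF):
        print(f"line {line_no:>3}  {rtype:<26} {value}")
```

To audit a real host, pass the contents of /etc/dnsmasq.conf to `list_local_records` instead of `SAMPLE_CONF`.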

Really, true DNS is vital for a home/office server setup.
I don’t understand how some people don’t see it.
First of all there is the “split DNS” feature. To set local addresses for local connections.
In other words, if a mobile client uses “mail.mydomain.com” and asks a DNS for this, the “Internet” DNS (in the bus for example) will properly report the public IP (or even a cname matching a dyndns IP), whereas if connected in the LAN of the server, the local DNS will instead route that FQDN to a LOCAL IP.
If this is not implemented, many routers are smart enough to not route this to the Internet (only to come “back inside” - which is sometimes also an issue for some cheap routers).
Zentyal (mention this only because it was a recent comparison I made - although Zentyal still “lost” overall), does implement a less-than-full-but-still-ok DNS server. It allows cnames and MX records. Also IIRC allows for setting resolution for more than one domain (thus SOA is also a vital record).

I think the team should really revisit the subject.


Sorry I think I don’t understand this sentence.

AFAIK a LAN client asks the internal DNS server (dnsmasq) and gets an internal IP as response. There’s no router in the middle. This is a well-proven scenario, supported by dnsmasq since the beginning.

http://www.thekelleys.org.uk/dnsmasq/doc.html

True.

That said, I really hope for a real DNS server. I can describe many scenarios where this is needed.