DNS Alias functionality


(Walter Schoenly) #1

I am shockingly disappointed in the DNS Alias functionality. There is one field for the alias, and then a discription. An alias should point to another DNS ‘A’ record name. It looks like this Alias will only point to the Nethserver. I can’t point it at another DNS record as the destination. Does this mean I have to make ‘A’ records for every alias I want?


(Gabriel GHEORGHIU) #2

Hi Walter,

You are right. The aliases are only for the main domain.
NS is not a “Name Server” (are you coming from Zentyal?).

Press the “Help” button from the top right side of the page (Configuration ->DNS -> Help) to read more about “Server alias” on NS 7b1 or, read here:
http://docs.nethserver.org/en/v7b/dns.html

or here:

http://docs.nethserver.org/projects/nethserver-devel/en/v7b/dns.html

You need an external name server to maintain the DNS “A” records. There you can point to the NethServers’ IP.


(Walter Schoenly) #3

I’m sure someone has asked for a Full fledged DNS server for Nethserver, have they not? This would be my vote for that as well.

And no, an ‘A’ record is an ‘A’ Record. You can host them local/internal or you can host them external. I disagree with your terminology.

When you are behind a NAT an External DNS ‘A’ record isn’t effective for naming your internal systems.


(Gabriel GHEORGHIU) #4

One of them:
Replace dnsmasq with BIND9

https://www.domainmonster.com/glossary/
https://www.123-reg.co.uk/support/answers/Domains-Archive/Domain-Configuration/what-is-an-a-record-257/
https://support.dnsimple.com/articles/a-record/
http://dns-record-viewer.online-domain-tools.com/
https://support.google.com/a/answer/48090?hl=en#H

Of course, but you can reach to your internal systems (www, mail, …) with Port forward or with Reverse Proxy (publish them to Internet).

Also, maybe I’m wrong! I can admit this! :wink:


(Walter Schoenly) #5

I didn’t go through all of the links you list, but the few that I did agree with my definition.

“An A-record is an entry in your DNS zone file that maps each domain name”. It has nothing to do with external or internal.

You can point to a reverse proxy, but that only helps you coming in from the outside. You still need to have your local DNS point to either your reverse proxy or directly to the Server because the external DNS is only going to be pointing to your External IP.

I’m looking for addressing for systems that are both behind my NAT. That requires DNS that translates names with my subnet that is behind my NAT. I would rather make the entries as real aliases so I would only have to make one update to the ‘A’ record to change all the aliased IPs, but that isn’t possible.

Thanks for the posting reference. I will put my two cents in there.


(Gabriel GHEORGHIU) #6

Maybe I’m wrong but please read again this:
http://docs.nethserver.org/projects/nethserver-devel/en/v7b/dns.html


(Walter Schoenly) #7

I’m guessing I would love for you to be right, but I’m not seeing anything in there for aliases. Could you quote out what you think the solution is for that one?


(Gabriel GHEORGHIU) #8

If I understand correctly, you need that the DNS to resolve the local hosts.

For this, you will use “Hosts”.
NethServer use Dnsmasq as DNS server to directly resolves all hosts inside its domain.

The config files are here: /etc/e-smith/templates/etc/hosts

To make your settings permanent, you must create custom templates, here: /etc/e-smith/templates-custom

PS

I never did that but from the NS Documentation and from Google Serach, that I have understood.
I’m not a Linux specialist, maybe I’m wrong and I can admit this!

http://bencane.com/2013/10/29/managing-dns-locally-with-etchosts/
http://www.thekelleys.org.uk/dnsmasq/docs/setup.html

and more.


(Filippo Carletti) #9

Admitting that the terminology is debatable, I can’t understand what features are missing.
You need a “generic” DNS record? Use the Hosts tab.
An alias name for NethServer? Use the Alias tab.

I know that CNAMEs would be better, but, apart from more work, you can obtain the same result using A records.

We could run a poll, but I think that the average NS user doesn’t need a full dns resolver.

We could build an optional DNS package. In fact, I built nethserver-unbound, it can easily be extended to serve all domains.

If @Walter_Schoenly (or someone else) want to do at least the analysis phase, I’d help with the code.


(Giacomo Sanchietti) #10

I back Filippo idea: improving unbound.

Replacing dnsmasq is quite hard since is tightly coupled with many packages: https://github.com/search?q=org%3ANethServer+dnsmasq.conf&type=Code


(Walter Schoenly) #11

Yes, I agree. I can get the job done with Standard/Entries. Alias would be a little more future proof. I apologize if I came out a little strong in my initial post. I still believe a full fledged DNS option would be the best option.

I would imagine that Samba 4 would require a stronger DNS option for AD controller, but I guess you have worked those issues out.