Sean O'Neill's Weblog

Thursday Jul 26, 2007

OpenDNS - tweak for SunRay at Home Users

In my efforts with trying out OpenDNS, I discovered that my SunRay 2 (which is configured to connect to Sun's internal network) here at home suddenly stopped working. After a little effort with Wireshark, I was able to determine that my introduction of OpenDNS into my internal network configuration was the problem.

The SunRay is configured to try a couple of different hostnames when it boots up. The way OpenDNS works is that if it can't satisfy a specific DNS query, it supplies an OpenDNS IP address, assuming the original request was for a web page (anyone from OpenDNS can reply correcting me, obviously). Assuming the requesting application is a web browser, the OpenDNS page shown gives suggested alternatives to what the user originally requested and some ads in the right frame of the page (this is how they make money and pay the bills).

The issue is that a SunRay needs to try *all* the hostnames it has configured in its PROM, in all the normal combinations that a DNS client will try when resolving a DNS request. But because OpenDNS replies with an A record on the first failure, the SunRay just locks up when initializing.
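The failure described above, as an added example that is not part of the original post: an offline Python simulation of a DNS search list run against a resolver that returns NXDOMAIN honestly and one that substitutes a landing-page address, plus a probe that flags the rewriting. All hostnames, search suffixes and addresses are constructed, and the two resolver functions are hypothetical stand-ins for real DNS servers.

```python
import secrets

# Constructed data: the only name that really exists, and a documentation-range
# address standing in for the resolver's landing page.
REAL = {"bootserver.corp.example.com": "192.0.2.10"}
LANDING = "203.0.113.1"


def honest(name):
    """Hypothetical resolver: an address, or None for NXDOMAIN."""
    return REAL.get(name)


def rewriting(name):
    """Hypothetical resolver that answers NXDOMAIN with the landing page."""
    return REAL.get(name, LANDING)


def search(resolver, host, suffixes):
    """Stub-resolver search list: try each candidate, stop at the first answer."""
    for suffix in suffixes:
        fqdn = f"{host}.{suffix}" if suffix else host
        addr = resolver(fqdn)
        if addr is not None:
            return fqdn, addr
    return None, None


def rewrites_nxdomain(resolver, probes=3):
    """Random labels under the reserved .invalid TLD must never resolve.

    If every probe comes back with an address, the resolver is replacing
    NXDOMAIN answers with A records.
    """
    answers = [resolver(f"{secrets.token_hex(8)}.invalid") for _ in range(probes)]
    return all(a is not None for a in answers)


# Constructed search list: the wrong suffix is tried before the right one.
SUFFIXES = ["home.example.net", "corp.example.com", ""]

if __name__ == "__main__":
    for label, resolver in (("honest", honest), ("rewriting", rewriting)):
        print(label, search(resolver, "bootserver", SUFFIXES),
              "rewrites NXDOMAIN:", rewrites_nxdomain(resolver))
```

With the rewriting resolver the search stops at the first, wrong candidate, so the client never reaches the name that actually exists.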

So how do I configure my /etc/named.conf file to disable the DNS forwarding configuration I have set up for the .sun.com domain (with a little help from the OpenDNS support folks)?

Like this:

options {
        directory "/var/named";
        // Default: send every query to the OpenDNS resolvers.
        forwarders { 208.67.222.222; 208.67.220.220; };
        forward only;
};

zone "."                        { type hint;    file "db.cache"; };
zone "0.0.127.in-addr.arpa"     { type master;  file "db.127.0.0"; forwarders {}; };
zone "nonroutable.com"          { type master;  file "db.nonroutable"; forwarders {}; };
zone "0.168.192.in-addr.arpa"   { type master;  file "db.192.168.0"; forwarders {}; };
// Empty forwarders list: do not forward sun.com queries to OpenDNS.
zone "sun.com"                  { type forward; forwarders {}; };

The additional zone entry is for the sun.com DNS domain.  Notice the "type" field for this zone is "forward" and it has the "forwarders {}" option like the others.  This disables DNS forwarding for that domain.  After resetting my named daemon and a power cycle on my SunRay 2, the SunRay booted up just fine and I got my Solaris login screen. 

