5 1 0:Checking DNS Configuration

From SEPsesam


Welcome to the latest SEP sesam documentation version 5.1.0 Apollon. For previous documentation version(s), check documentation archive.


Overview


For smooth installation of SEP sesam backup software in the network, name resolution must work properly. Specify a fully qualified name for each SEP sesam component, e.g., every server and client in network.

When finding a client, the operating system (Windows or Linux) first checks the hosts file for name resolution. Next, the configured DNS server is checked. If the DNS server is misconfigured or missing, the hosts file must be set up correctly to provide DNS. You have to enter the names and addresses of all SEP sesam components: SEP sesam Server, backup clients and machines running the graphical user interface (GUI). You must not remove or modify any existing entry of localhost in your hosts file.

A DNS server is preferred over entries in the hosts files of all devices. A DNS server allows a system-wide solution. All SEP sesam components must have their names and IP addresses (reverse lookup) added to the DNS server.

Certain problems can occur when configuring new clients in SEP sesam if the DNS server is incorrectly configured or missing. SEP sesam needs a correct DNS to work and will not work with just an IP address. All DNS names must be correctly resolved (forward and reverse DNS lookup).

If the DNS server is missing, you will have to use the hosts file of the client and backup server to make systems available via a DNS name. The hosts file can be found in the following locations:

Linux
/etc/hosts
Windows
C:\Windows\system32\drivers\etc\hosts
Note
The hostname of the SEP sesam server may not include an underscore "_" sign. For hostname restrictions, see Restrictions on valid host names.

Tools for checking DNS resolution

Several tools are available to check DNS resolution. However, SEP recommends the use of sm_setup check_resolution.

sm_setup check_resolution (recommended)

The SEP sesam sm_setup tool is part of the SEP sesam Client and Server installation and can be used from the command line to resolve DNS names. Before using this tool, you need to set up a SEP sesam profile as described in FAQ: What happens when I set up a profile?

SEP recommends that you run this command on the backup server AND on the client with the same arguments. It is important that the client and the backup server are resolved correctly.

Syntax
Client:~ # sm_setup check_resolution backupserver
Calling getaddrinfo with 'backupserver'

        Official name: backupserver.sep.de
        IPv4 Address #1: 172.16.1.146

Calling getnameinfo for IP Address #1 '172.16.1.146'

        Official name: backupserver.sep.de
        Alternate name: backupserver
Client:~ # sm_setup check_resolution client
Calling getaddrinfo with 'client'

        Official name: client.sep.de
        IPv4 Address #1: 172.16.1.145

Calling getnameinfo for IP Address #1 '172.16.1.145'

        Official name: client.sep.de
        Alternate name: client


Backupserver:~ # sm_setup check_resolution client
' Calling getaddrinfo with 'client'

        Official name: client.sep.de
        IPv4 Address #1: 172.16.1.145

Calling getnameinfo for IP Address #1 '172.16.1.145'

        Official name: client.sep.de
        Alternate name: client

Backupserver:~ # sm_setup check_resolution backupserver
Calling getaddrinfo with 'backupserver'

        Official name: backupserver.sep.de
        IPv4 Address #1: 172.16.1.146

Calling getnameinfo for IP Address #1 '172.16.1.146'

        Official name: backupserver.sep.de
        Alternate name: backupserver


The returned addresses and hostnames must match. If the reverse resolve returns an official name that is different from the name specified on the command line, problems will occur when backing up the client (see Common error messages).

nslookup (Windows and Linux)

The nslookup tool is a network administration command-line tool for querying the DNS to obtain a hostname or IP address.

It is useful for troubleshooting DNS issues, but not for full hostname resolution as it ignores the hosts file. SEP sesam resolves its hostnames via the "common library function" and first uses the hostname specified in the hosts file of the system. By default, nslookup translates a domain name to an IP address (or vice versa).

Use the nslookup command to check that the name resolution is correct: forward with and without FQDN as well as reverse. Check on the SEP sesam Server AND on the SEP sesam Client. If DNS is not used and the verification done via the etc/hosts file, use ping to check individual clients.

Syntax
       nslookup {client}
       nslookup {IP-Address of client}                         # important reverse lookup
       nslookup {SEPsesam Server name}
       nslookup {IP-Address of SEPsesam Server}                # important reverse lookup

Example: check mysesam name resolution and reverse lookup:

     #>nslookup mysesam
     Server:   dns.domaine.de
     Address:  192.168.1.254
     Name:     mysesam.domaine.de
     Address:  192.168.1.1
     #>nslookup 192.168.1.1
     Server:   dns.domaine.de
     Address:  192.168.1.254
     Name:     mysesam.domaine.de
     Address:  192.168.1.1

host (Linux only)

The host command can also be used to resolve a hostname into an IP address and vice versa. It defaults to the name server configured in /etc/resolv.conf but can also be used with a DNS server as an additional argument. It will query the DNS server of the system first.

Syntax
Client:~ # host backupserver
                     backupserver.sep.de has address 172.16.1.146

Client:~ # host 172.16.1.146
                     146.1.16.172.in-addr.arpa domain name pointer backupserver.sep.de

ping

ping is a network administration software utility used to test the reachability of a destination device on an IP network via ICMP echo request. It is not a suitable tool for checking DNS resolution and will not always be 100% correct. Although ping resolves an IP address, it is not strictly a name server lookup tool and may return a potentially outdated cached result.

In addition, it is not possible to correctly reverse resolve DNS names. For more details, see the ping description on Wikipedia.

Common error messages

The following common error messages indicate that there is a problem with your name resolution:

CLIENT_HOSTNAME: Login to stpd from <CLIENT_HOSTNAME> to <SESAM_SERVER_HOSTNAME> incorrect.
Login incorrect. Client resolves his IP address [X.X.X.X] to [RANDOM_HOSTNAME], but server resolves it to [X.X.X.X]. Please adjust your name resolution.  (0)

In this case, check your name resolution (DNS or etc/hosts file). The SEP sesam Server and the SEP sesam Client must be reachable with or without FQDN and should be able to resolve each other and also themselves correctly, including reverse lookup.

If you have changed an entry in your DNS configuration, but Windows still reports a wrong hostname/IP, try running ipconfig /flushdns as administrator.

See also

Why do I receive the message: "Login incorrect. Password incorrect." during backup?What happens when I set a profile?

Copyright © SEP AG 1999-2024. All rights reserved.
Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.