Source:How to check DNS configuration: Difference between revisions

From SEPsesam
(Fixed formatting.)
(27 intermediate revisions by 5 users not shown)
Line 1: Line 1:
= How to check DNS configuration =
<translate><!--T:1-->
<noinclude><div class="noprint"><languages />


== General ==
<!--T:35-->
{{Copyright SEP AG|en}}
{{Navigation_latest|release=[[Special:MyLanguage/SEP_sesam_Release_Versions|4.4.3/4.4.3 ''Beefalo V2'']]|link=[[Special:MyLanguage/SEP_sesam_Documentation#previous|documentation archive]]}}</div>
</translate><br />


Most of our customers face problems while configuring new clients. Often the source of the problems are misconfigured
</noinclude><translate>==={{anchor|overview}}Overview=== <!--T:2--></translate>
DNS Servers, or no functional DNS at all. This document describes how to use Sesam with DNS names and how to check
<noinclude><div class="boilerplate metadata" id="Additional resources" style="background-color:#ecedf1; color:#8695a7; border: 1px ridge #cdd3db; margin: 0.5em; padding: 0.5em; float: right; width: 35%; "><center><b><translate><!--T:3-->
wether if your DNS configuration is OK.
Additional resources</translate></b></center>
{|style="margin: auto; margin-bottom:1em; width:100%; border:0px solid grey;"
| rowspan="2" style="padding:0px 10px 0px;" | <translate>
<!--T:4-->
[[File:SEP_next.png|45px|link=Special:MyLanguage/SEP_Sesam_CLI]]</translate>
| style="padding:0px 40px 0px 10px; color: grey; font-size: 90%; text-align:left;" | <translate><!--T:5-->
See also: [[Special:MyLanguage/FAQ#name_resolution|Why do I receive the message: "Login incorrect. Password incorrect." during backup?]] – [[Special:MyLanguage/FAQ#profile_setting|What happens when I set a profile?]]</translate>


== Requirements and Rules ==
|}
{|style="margin: auto; margin-bottom:1em; width:100%; border:0px solid grey;"
| rowspan="2" style="padding:0px 10px 0px;" | <translate>
<!--T:6-->
[[File:SEP Troubleshooting.png|45px|link=Special:MyLanguage/Troubleshooting_Guide|Troubleshooting Guide]]</translate>
| style="padding:0px 40px 0px 10px; color: grey; font-size: 90%; text-align:left;" | <translate><!--T:7-->
Problems? See the [[Special:MyLanguage/Troubleshooting_Guide|Troubleshooting Guide]]</translate>


* Sesam needs a propper DNS to work, it will NOT work with IP Adresses
|}</div></noinclude>
* All DNS Names have to correctly resolve forward and reverse
<translate><!--T:8-->
* If no DNS Server is available, the hosts file of the client and backup server have to be used for making systems available via DNS name
Certain problems may occur when configuring new clients in SEP sesam if the DNS server is misconfigured or missing. SEP sesam needs a proper DNS to work and will not work with an IP address only. All DNS names must be correctly resolved (forward and reverse DNS lookup).
* The Hostname of the Sesam server is not allowed to include a underscore "_" sign (see: wikipedia: [http://en.wikipedia.org/wiki/Hostname#Restrictions_on_valid_host_names])


== Configuration ==
<!--T:9-->
If the DNS server is missing, you will have to use the '''hosts file''' of the client and backup server to make systems available via a DNS name. The hosts file can be found in the following locations:</translate>


=== Common Error Messages ===
;Linux
/etc/hosts


There are some common error messages which are an indication for errors in your name resolution:
;Windows
C:\Windows\system32\drivers\etc\hosts


CLIENT_HOSTNAME: Login to stpd from <CLIENT_HOSTNAME> to <SESAM_SERVER_HOSTNAME> incorrect.
<translate><!--T:10-->
{{note|The hostname of the SEP sesam server may not include an underscore "_" sign. For hostname restrictions, see [http://en.wikipedia.org/wiki/Hostname#Restrictions_on_valid_host_names Restrictions on valid host names].}}</translate>
 
<translate>=== {{anchor|tools}}Tools to check DNS resolution === <!--T:11--></translate>  
<translate><!--T:12-->
Several tools are available for checking the DNS resolution, however, SEP recommends that you use <tt>sm_setup check_resolution</tt>.</translate>


Login incorrect. Client resolves his IP address [X.X.X.X] to [RANDOM_HOSTNAME], but server resolves it to [X.X.X.X]. Please adjust your name resolution.  (0)
<translate>==== {{anchor|sm_setup_check}}<tt>sm_setup check_resolution (recommended)</tt> ==== <!--T:13--></translate>
<translate><!--T:14-->
The SEP sesam <tt>sm_setup</tt> tool is part of the SEP sesam Client and Server installation and can be used from the command line to resolve DNS names. Before using this tool, you will have to set up a SEP sesam profile as described in the FAQ: [[Special:MyLanguage/FAQ#profile_setting|What happens when I set a profile?]]


=== Hosts Files ===
<!--T:15-->
SEP recommends that you run this command on the backup server AND on the client with same arguments. It's important that the client and the backup server resolving themself correct.


==== Linux ====
<!--T:16-->
;Syntax</translate>
'''Client''':~ # sm_setup check_resolution '''backupserver'''
Calling getaddrinfo with ''''backupserver''''
        Official name: '''backupserver.sep.de'''
        IPv4 Address #1: '''172.16.1.146'''
Calling getnameinfo for IP Address #1 ''''172.16.1.146''''
        Official name: '''backupserver.sep.de'''
        Alternate name: backupserver


If an hosts file has to be used because of no proper DNS server, the file on the system is placed
'''Client''':~ # sm_setup check_resolution '''client'''
in:
Calling getaddrinfo with ''''client''''
        Official name: '''client.sep.de'''
        IPv4 Address #1: '''172.16.1.145'''
Calling getnameinfo for IP Address #1 ''''172.16.1.145''''
        Official name: '''client.sep.de'''
        Alternate name: client
<br>
'''Backupserver''':~ # sm_setup check_resolution '''client'''
' Calling getaddrinfo with ''''client''''
        Official name: '''client.sep.de'''
        IPv4 Address #1: '''172.16.1.145'''
Calling getnameinfo for IP Address #1 ''''172.16.1.145''''
        Official name: '''client.sep.de'''
        Alternate name: client


  /etc/hosts
  '''Backupserver''':~ # sm_setup check_resolution '''backupserver'''
Calling getaddrinfo with ''''backupserver''''
        Official name: '''backupserver.sep.de'''
        IPv4 Address #1: '''172.16.1.146'''
Calling getnameinfo for IP Address #1 ''''172.16.1.146''''
        Official name: '''backupserver.sep.de'''
        Alternate name: backupserver
 
 
<translate><!--T:17-->
The returned addresses and hostnames must match. If the reverse resolve returns an ''official name'' that is different from the name specified on the command line, there will be problems with backing up the client (see [[Special:MyLanguage/How to check DNS configuration#Common error messages|Common error messages]]).</translate>


==== Windows ====
<translate>===={{anchor|nslookup}}<tt>nslookup</tt> (Windows and Linux) ==== <!--T:18--></translate>
<translate><!--T:19-->
The <tt>nslookup</tt> tool is a network administration command-line tool for querying the DNS to obtain a hostname or IP address.


If you want to use a hosts file on windows Systems for working around DNS problems, the
<!--T:20-->
file can be found in:
It is useful for troubleshooting DNS issues but not for full hostname resolution as it ignores the hosts file. SEP sesam resolves its hostnames via "common library function" and will first use the hostname specified in the hosts file of the system. By default, nslookup will translate a domain name to an IP address (or vice versa).


C:\Windows\system32\drivers\etc\hosts
<!--T:21-->
Use the <tt>nslookup</tt> command to check if the name resolution ''forward'' with and without FQDN as well as ''reverse'' is correct. Check on the SEP sesam Server AND on the SEP sesam Client. If the DNS is not used and the verification is taking place over the <code>etc/hosts</code> file, use [[Special:MyLanguage/How to check DNS configuration#ping|ping]] to verify individual clients.


=== Tools to check DNS Resolution ===
<!--T:22-->
;Syntax</translate>
        nslookup {client}
        nslookup {IP-Address of client}                        # important reverse lookup
        nslookup {SEPsesam Server name}
        nslookup {IP-Address of SEPsesam Server}                # important reverse lookup


There are various tools which can be used to check the DNS resolution, they have up and downsides.
<translate><!--T:23-->
The recommended way to check your dns configuration is to use [[How_to_check_DNS_configuration#sm_setup_check_resolution_.28recommended.29]]
Example: check ''mysesam'' name resolution and reverse lookup:</translate>


==== ping ====
      #>nslookup mysesam
      Server:  dns.domaine.de
      Address:  192.168.1.254


ping is not a proper tool to check DNS resolution, it will not allways be 100% correct. It is
      Name:    mysesam.domaine.de
also not possible to correctly reverse resolve the DNS names.
      Address:  192.168.1.1


==== nslookup (windows and linux) ====
      #>nslookup 192.168.1.1
      Server:  dns.domaine.de
      Address:  192.168.1.254


This tool can be used to query and existing DNS Server for a certain hostname or ip address. It
      Name:    mysesam.domaine.de
will NOT check the hosts file of the System. As such, you may get different results if you choose
      Address:  192.168.1.1
to use nslookup. Sesam resolves its hostnames via common library function and will first use
the hostname specified in the hostsfile of the system.


==== host (linux only) ====
<translate>==== {{anchor|host}}<tt>host</tt> (Linux only) ==== <!--T:24--></translate>
<translate><!--T:25-->
The <tt>host</tt> command can also be used to resolve a hostname into an IP address and vice-versa. It defaults to the name server configured in <code>/etc/resolv.conf</code> but can also be used with a DNS server as an additional argument. It will query the DNS server of the system first.


As nslookup, host can be used to forward and reverse resolve hostnames and ip adresses. It
<!--T:26-->
defaults to the DNS server configured in /etc/resolv.conf but can also be used wit a certain
;Syntax</translate>
DNS Server as additional argument. It will query the DNS Server of the System first.
'''Client''':~ # host '''backupserver'''
                      backupserver.sep.de has address '''172.16.1.146'''


==== sm_setup check_resolution (recommended) ====
'''Client''':~ # host '''172.16.1.146'''
                      146.1.16.172.in-addr.arpa domain name pointer '''backupserver.sep.de'''


This is the recommended way to check your DNS Resolution. Both client and backup servers
<translate>===={{anchor|ping}}<tt>ping</tt>==== <!--T:27--></translate>
come with the sesam tool "sm_setup" installed. It can be used to forward and reverse resolve
<translate><!--T:28-->
DNS names from the Command Line.
<tt>ping</tt> is a network administration software utility used to test the reachability of a destination device on an IP network via ICMP echo request. It is not a proper tool for checking the DNS resolution and will not always be 100% correct. Although ping does resolve an IP address, it is not strictly a name server lookup tool and can return a potentially outdated cached result.  


Before you can use this tool, be sure to execute the Sesam Profile like shown in this
<!--T:29-->
FAQ entry:
In addition, it is not possible to correctly reverse resolve the DNS names. For more details, see [https://en.wikipedia.org/wiki/Ping_%28networking_utility%29 ping description on Wikipedia].


[[English_FAQ#A_support_staff_member_told_me_to_set_a_profile.2C_what_does_he_mean.3F]]
=== {{anchor|messages}}Common error messages=== <!--T:30--></translate>
<translate><!--T:31-->
The following common error messages indicate that there is a problem with your name resolution:</translate>


It is recommended to run this command on the backup server AND on the client with different
CLIENT_HOSTNAME: Login to stpd from <CLIENT_HOSTNAME> to <SESAM_SERVER_HOSTNAME> incorrect.
arguments. On the backup server, the second argument will be the desired hostname of the
client. If executing the command at the client, the second argument will be the hostname
of the backup server.


The output of the command looks like this:
Login incorrect. Client resolves his IP address [X.X.X.X] to [RANDOM_HOSTNAME], but server resolves it to [X.X.X.X]. Please adjust your name resolution.  (0)


backup_server:~ # sm_setup check_resolution '''client'''
<translate><!--T:32-->
Calling gethostbyname with ' '''client''' '
In such case, check your name resolution (DNS or <tt>etc/hosts</tt> file). The SEP sesam Server and SEP sesam Client must be reachable with or without FQDN and should be able to resolve each other and also itself correctly, including the reverse lookup.  
        Official name: '''client.sep.de'''
        Address type: AF_INET
        Address length: 4
        First IP Address: '''172.16.1.145'''
Calling gethostbyaddr with ''''172.16.1.145''''
        Official name: '''client.sep.de'''
        Address type: AF_INET
        Address length: 4
        First IP Address: '''172.16.1.145'''


As you can see the command will output the forward and reverse resolved hostname
<!--T:33-->
of the system. Both the addresses and hostnames which are returned have to
In case you have changed an entry in your DNS configuration, but Windows still reports a wrong hostname/IP, try to run <tt>ipconfig /flushdns</tt> as administrator.</translate>
match. For example if the Official name which is returned from the reverse
resolve is different from the on specified on the command line, this will
result in problems backing up the client (see [Common Error Messages])
The same values have to match on the client for the hostname of the backup
server:


client:~ # sm_setup check_resolution backup_server
<translate><div class="noprint"><noinclude>
Calling gethostbyname with 'backup_server'
=== See also=== <!--T:34-->
[[Special:MyLanguage/FAQ#name_resolution|Why do I receive the message: "Login incorrect. Password incorrect." during backup?]] – [[Special:MyLanguage/FAQ#profile_setting|What happens when I set a profile?]]</noinclude></div></translate>
        Official name: backup_server.sep.de
        Address type: AF_INET
        Address length: 4
        First IP Address: 172.16.1.146
Calling gethostbyaddr with '172.16.1.146'
        Official name: backup_server.sep.de
        Address type: AF_INET
        Address length: 4
        First IP Address: 172.16.1.146

Revision as of 16:12, 6 August 2020

Other languages:

Copyright © SEP AG 1999-2024. All rights reserved.

Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.

Docs latest icon.png Welcome to the latest SEP sesam documentation version 4.4.3/4.4.3 Beefalo V2. For previous documentation version(s), check documentation archive.


Overview

Certain problems may occur when configuring new clients in SEP sesam if the DNS server is misconfigured or missing. SEP sesam needs a proper DNS to work and will not work with an IP address only. All DNS names must be correctly resolved (forward and reverse DNS lookup).

If the DNS server is missing, you will have to use the hosts file of the client and backup server to make systems available via a DNS name. The hosts file can be found in the following locations:

Linux
/etc/hosts
Windows
C:\Windows\system32\drivers\etc\hosts
Information sign.png Note
The hostname of the SEP sesam server may not include an underscore "_" sign. For hostname restrictions, see Restrictions on valid host names.

Tools to check DNS resolution

Several tools are available for checking the DNS resolution, however, SEP recommends that you use sm_setup check_resolution.

sm_setup check_resolution (recommended)

The SEP sesam sm_setup tool is part of the SEP sesam Client and Server installation and can be used from the command line to resolve DNS names. Before using this tool, you will have to set up a SEP sesam profile as described in the FAQ: What happens when I set a profile?

SEP recommends that you run this command on the backup server AND on the client with same arguments. It's important that the client and the backup server resolving themself correct.

Syntax
Client:~ # sm_setup check_resolution backupserver
Calling getaddrinfo with 'backupserver'

        Official name: backupserver.sep.de
        IPv4 Address #1: 172.16.1.146

Calling getnameinfo for IP Address #1 '172.16.1.146'

        Official name: backupserver.sep.de
        Alternate name: backupserver
Client:~ # sm_setup check_resolution client
Calling getaddrinfo with 'client'

        Official name: client.sep.de
        IPv4 Address #1: 172.16.1.145

Calling getnameinfo for IP Address #1 '172.16.1.145'

        Official name: client.sep.de
        Alternate name: client


Backupserver:~ # sm_setup check_resolution client
' Calling getaddrinfo with 'client'

        Official name: client.sep.de
        IPv4 Address #1: 172.16.1.145

Calling getnameinfo for IP Address #1 '172.16.1.145'

        Official name: client.sep.de
        Alternate name: client

Backupserver:~ # sm_setup check_resolution backupserver
Calling getaddrinfo with 'backupserver'

        Official name: backupserver.sep.de
        IPv4 Address #1: 172.16.1.146

Calling getnameinfo for IP Address #1 '172.16.1.146'

        Official name: backupserver.sep.de
        Alternate name: backupserver


The returned addresses and hostnames must match. If the reverse resolve returns an official name that is different from the name specified on the command line, there will be problems with backing up the client (see Common error messages).

nslookup (Windows and Linux)

The nslookup tool is a network administration command-line tool for querying the DNS to obtain a hostname or IP address.

It is useful for troubleshooting DNS issues but not for full hostname resolution as it ignores the hosts file. SEP sesam resolves its hostnames via "common library function" and will first use the hostname specified in the hosts file of the system. By default, nslookup will translate a domain name to an IP address (or vice versa).

Use the nslookup command to check if the name resolution forward with and without FQDN as well as reverse is correct. Check on the SEP sesam Server AND on the SEP sesam Client. If the DNS is not used and the verification is taking place over the etc/hosts file, use ping to verify individual clients.

Syntax
       nslookup {client}
       nslookup {IP-Address of client}                         # important reverse lookup
       nslookup {SEPsesam Server name}
       nslookup {IP-Address of SEPsesam Server}                # important reverse lookup

Example: check mysesam name resolution and reverse lookup:

     #>nslookup mysesam
     Server:   dns.domaine.de
     Address:  192.168.1.254
     Name:     mysesam.domaine.de
     Address:  192.168.1.1
     #>nslookup 192.168.1.1
     Server:   dns.domaine.de
     Address:  192.168.1.254
     Name:     mysesam.domaine.de
     Address:  192.168.1.1

host (Linux only)

The host command can also be used to resolve a hostname into an IP address and vice-versa. It defaults to the name server configured in /etc/resolv.conf but can also be used with a DNS server as an additional argument. It will query the DNS server of the system first.

Syntax
Client:~ # host backupserver
                     backupserver.sep.de has address 172.16.1.146

Client:~ # host 172.16.1.146
                     146.1.16.172.in-addr.arpa domain name pointer backupserver.sep.de

ping

ping is a network administration software utility used to test the reachability of a destination device on an IP network via ICMP echo request. It is not a proper tool for checking the DNS resolution and will not always be 100% correct. Although ping does resolve an IP address, it is not strictly a name server lookup tool and can return a potentially outdated cached result.

In addition, it is not possible to correctly reverse resolve the DNS names. For more details, see ping description on Wikipedia.

Common error messages

The following common error messages indicate that there is a problem with your name resolution:

CLIENT_HOSTNAME: Login to stpd from <CLIENT_HOSTNAME> to <SESAM_SERVER_HOSTNAME> incorrect.
Login incorrect. Client resolves his IP address [X.X.X.X] to [RANDOM_HOSTNAME], but server resolves it to [X.X.X.X]. Please adjust your name resolution.  (0)

In such case, check your name resolution (DNS or etc/hosts file). The SEP sesam Server and SEP sesam Client must be reachable with or without FQDN and should be able to resolve each other and also itself correctly, including the reverse lookup.

In case you have changed an entry in your DNS configuration, but Windows still reports a wrong hostname/IP, try to run ipconfig /flushdns as administrator.