Source:How to check DNS configuration: Difference between revisions
m (Sync with newly set-up wiki) |
(Rewritten.) |
||
| Line 1: | Line 1: | ||
{{Copyright SEP AG en}} | {{Copyright SEP AG en}} | ||
== Overview == | |||
Certain problems may occur when configuring new clients in SEP sesam if the DNS server is misconfigured or missing. SEP sesam needs a proper DNS to work and will not work with an IP address only. All DNS names must be correctly resolved (forward and reverse DNS lookup). | |||
If the DNS server is missing, you will have to use the '''hosts file''' of the client and backup server to make systems available via a DNS name. The hosts file can be found in the following locations: | |||
;Linux | |||
/etc/hosts | /etc/hosts | ||
;Windows | |||
C:\Windows\system32\drivers\etc\hosts | C:\Windows\system32\drivers\etc\hosts | ||
== Tools to check DNS | {{note|The hostname of the SEP sesam server may not include an underscore "_" sign. For hostname restrictions, see [http://en.wikipedia.org/wiki/Hostname#Restrictions_on_valid_host_names Restrictions on valid host names].}} | ||
== Tools to check DNS resolution == | |||
Several tools are available for checking the DNS resolution, however, SEP recommends that you use <tt>sm_setup check_resolution</tt>. | |||
=== <tt>sm_setup check_resolution</tt> === | |||
The SEP sesam <tt>sm_setup</tt> tool is part of the SEP sesam Client and Server installation and can be used from the command line to resolve DNS names. Before using this tool, you will have to set up a SEP sesam profile as described in the FAQ: [[English_FAQ#What_happens_when_I_set_a_profile.3F|What happens when I set a profile?]] | |||
SEP recommends that you run this command on the backup server AND on the client with different arguments. On the backup server, the second argument will be the desired hostname of the client. On the client, the second argument will be the hostname of the backup server. | |||
;Syntax | |||
'''Client''':~ # sm_setup check_resolution '''backupserver''' | |||
Calling gethostbyname with ''''backupserver'''' | |||
Official name: '''backupserver.sep.de''' | |||
Alternate name: backupserver | |||
Address type: AF_INET | |||
Address length: 4 | |||
First IP Address: '''172.16.1.146''' | |||
Calling gethostbyaddr with ''''172.16.1.146'''' | |||
Official name: '''backupserver.sep.de''' | |||
Alternate name: backupserver | |||
Address type: AF_INET | |||
Address length: 4 | |||
First IP Address: '''172.16.1.146''' | |||
'''Backupserver''':~ # sm_setup check_resolution '''client''' | |||
Calling gethostbyname with ''''client'''' | Calling gethostbyname with ''''client'''' | ||
| Line 91: | Line 56: | ||
First IP Address: '''172.16.1.145''' | First IP Address: '''172.16.1.145''' | ||
The returned addresses and hostnames must match. If the reverse resolve returns an ''official name'' that is different from the name specified on the command line, there will be problems with backing up the client (see [[How to check DNS configuration#Common error messages|Common error messages]]). | |||
===<tt>nslookup</tt> (Windows and Linux) === | |||
match. | The <tt>nslookup</tt> tool is a network administration command-line tool for querying the DNS to obtain a hostname or IP address. It is useful for troubleshooting DNS issues but not for full hostname resolution as it ignores the hosts file. SEP sesam resolves its hostnames via "common library function" and will first use the hostname specified in the hosts file of the system. By default, nslookup will translate a domain name to an IP address (or vice versa). | ||
resolve is different from the | |||
Use the <tt>nslookup</tt> command to check if the name resolution ''forward'' with and without FQDN as well as ''reverse'' is correct. Check on the SEP sesam Server AND on the SEP sesam Client. If the DNS is not used and the verification is taking place over the <code>etc/hosts</code> file, use [[How to check DNS configuration#ping|ping]] to verify individual clients. | |||
The | ;Syntax | ||
nslookup {client} | |||
nslookup {IP-Address of client} # important reverse lookup | |||
nslookup {SEPsesam Server name} | |||
nslookup {IP-Address of SEPsesam Server} # important reverse lookup | |||
Example: check ''mysesam'' name resolution and reverse lookup: | |||
#>nslookup mysesam | |||
Server: dns.domaine.de | |||
Address: 192.168.1.254 | |||
Name: mysesam.domaine.de | |||
Address: 192.168.1.1 | |||
#>nslookup 192.168.1.1 | |||
Server: dns.domaine.de | |||
Address: 192.168.1.254 | |||
Name: mysesam.domaine.de | |||
Address: 192.168.1.1 | |||
=== <tt>host</tt> (Linux only) === | |||
The <tt>host</tt> command can also be used to resolve a hostname into an IP address and vice-versa. It defaults to the name server configured in <code>/etc/resolv.conf</code> but can also be used with a DNS server as an additional argument. It will query the DNS server of the system first. | |||
===<tt>ping</tt>=== | |||
<tt>ping</tt> is a network administration software utility used to test the reachability of a destination device on an IP network via ICMP echo request. It is not a proper tool for checking the DNS resolution and will not always be 100% correct. Although ping does resolve an IP address, it is not strictly a name server lookup tool and can return a potentially outdated cached result. In addition, it is not possible to correctly reverse resolve the DNS names. For more details, see [[https://en.wikipedia.org/wiki/Ping_%28networking_utility%29|ping description on Wikipedia]]. | |||
==Common error messages== | |||
The following common error messages indicate that there is a problem with your name resolution: | |||
CLIENT_HOSTNAME: Login to stpd from <CLIENT_HOSTNAME> to <SESAM_SERVER_HOSTNAME> incorrect. | |||
Login incorrect. Client resolves his IP address [X.X.X.X] to [RANDOM_HOSTNAME], but server resolves it to [X.X.X.X]. Please adjust your name resolution. (0) | |||
In such case, resolve your name resolution (DNS or <tt>etc/hosts</tt> file). The SEP sesam Server and SEP sesam Client must be reachable with or without FQDN and should be able to resolve each other correctly, including the reverse lookup. In case you have changed an entry in your DNS configuration, but Windows still reports a wrong hostname/IP, try to run <tt>ipconfig /flushdns</tt> as administrator. | |||
==See also== | |||
[[English_FAQ#Why_do_I_receive_the_message:_.22Login_incorrect._Password_incorrect..22_during_backup.3F|Why do I receive the message: "Login incorrect. Password incorrect." during backup?]] | |||
Revision as of 16:09, 16 May 2016
Overview
Certain problems may occur when configuring new clients in SEP sesam if the DNS server is misconfigured or missing. SEP sesam needs a proper DNS to work and will not work with an IP address only. All DNS names must be correctly resolved (forward and reverse DNS lookup).
If the DNS server is missing, you will have to use the hosts file of the client and backup server to make systems available via a DNS name. The hosts file can be found in the following locations:
- Linux
/etc/hosts
- Windows
C:\Windows\system32\drivers\etc\hosts
|
Note |
| The hostname of the SEP sesam server may not include an underscore "_" sign. For hostname restrictions, see Restrictions on valid host names. |
Tools to check DNS resolution
Several tools are available for checking the DNS resolution, however, SEP recommends that you use sm_setup check_resolution.
sm_setup check_resolution
The SEP sesam sm_setup tool is part of the SEP sesam Client and Server installation and can be used from the command line to resolve DNS names. Before using this tool, you will have to set up a SEP sesam profile as described in the FAQ: What happens when I set a profile?
SEP recommends that you run this command on the backup server AND on the client with different arguments. On the backup server, the second argument will be the desired hostname of the client. On the client, the second argument will be the hostname of the backup server.
- Syntax
Client:~ # sm_setup check_resolution backupserver
Calling gethostbyname with 'backupserver'
Official name: backupserver.sep.de
Alternate name: backupserver
Address type: AF_INET
Address length: 4
First IP Address: 172.16.1.146
Calling gethostbyaddr with '172.16.1.146'
Official name: backupserver.sep.de
Alternate name: backupserver
Address type: AF_INET
Address length: 4
First IP Address: 172.16.1.146
Backupserver:~ # sm_setup check_resolution client
Calling gethostbyname with 'client'
Official name: client.sep.de
Alternate name: client
Address type: AF_INET
Address length: 4
First IP Address: 172.16.1.145
Calling gethostbyaddr with '172.16.1.145'
Official name: client.sep.de
Alternate name: client
Address type: AF_INET
Address length: 4
First IP Address: 172.16.1.145
The returned addresses and hostnames must match. If the reverse resolve returns an official name that is different from the name specified on the command line, there will be problems with backing up the client (see Common error messages).
nslookup (Windows and Linux)
The nslookup tool is a network administration command-line tool for querying the DNS to obtain a hostname or IP address. It is useful for troubleshooting DNS issues but not for full hostname resolution as it ignores the hosts file. SEP sesam resolves its hostnames via "common library function" and will first use the hostname specified in the hosts file of the system. By default, nslookup will translate a domain name to an IP address (or vice versa).
Use the nslookup command to check if the name resolution forward with and without FQDN as well as reverse is correct. Check on the SEP sesam Server AND on the SEP sesam Client. If the DNS is not used and the verification is taking place over the etc/hosts file, use ping to verify individual clients.
- Syntax
nslookup {client}
nslookup {IP-Address of client} # important reverse lookup
nslookup {SEPsesam Server name}
nslookup {IP-Address of SEPsesam Server} # important reverse lookup
Example: check mysesam name resolution and reverse lookup:
#>nslookup mysesam
Server: dns.domaine.de
Address: 192.168.1.254
Name: mysesam.domaine.de
Address: 192.168.1.1
#>nslookup 192.168.1.1
Server: dns.domaine.de
Address: 192.168.1.254
Name: mysesam.domaine.de
Address: 192.168.1.1
host (Linux only)
The host command can also be used to resolve a hostname into an IP address and vice-versa. It defaults to the name server configured in /etc/resolv.conf but can also be used with a DNS server as an additional argument. It will query the DNS server of the system first.
ping
ping is a network administration software utility used to test the reachability of a destination device on an IP network via ICMP echo request. It is not a proper tool for checking the DNS resolution and will not always be 100% correct. Although ping does resolve an IP address, it is not strictly a name server lookup tool and can return a potentially outdated cached result. In addition, it is not possible to correctly reverse resolve the DNS names. For more details, see [description on Wikipedia].
Common error messages
The following common error messages indicate that there is a problem with your name resolution:
CLIENT_HOSTNAME: Login to stpd from <CLIENT_HOSTNAME> to <SESAM_SERVER_HOSTNAME> incorrect.
Login incorrect. Client resolves his IP address [X.X.X.X] to [RANDOM_HOSTNAME], but server resolves it to [X.X.X.X]. Please adjust your name resolution. (0)
In such case, resolve your name resolution (DNS or etc/hosts file). The SEP sesam Server and SEP sesam Client must be reachable with or without FQDN and should be able to resolve each other correctly, including the reverse lookup. In case you have changed an entry in your DNS configuration, but Windows still reports a wrong hostname/IP, try to run ipconfig /flushdns as administrator.
See also
Why do I receive the message: "Login incorrect. Password incorrect." during backup?