Solaris DNS Config

A DNS Client service is a component that resolves and caches Domain Name System (DNS) domain names. When the DNS Client service receives a request from the user or from any process to resolve a DNS name that is not in its cache, it queries an assigned DNS server on port 53 for an IP address corresponding to that name. If the DNS Client service receives the requested address, it stores the name and address in its cache to resolve future requests without having to query the DNS server.

All systems that use DNS to resolve domain names (including DNS servers and domain controllers) use the DNS Client service for this purpose, and Solaris is no exception. To enable this feature, follow the steps below.

Configuration

1) Log in as the “root” user:

# su - root

2) Edit the file /etc/nsswitch.conf, specifying the order in which the operating system has to consult its sources to resolve DNS names, as follows:

# vi /etc/nsswitch.conf
  hosts: files dns

It’s very important that the “files” tag remains first; otherwise your machine may fail to boot!

3) Create a file named /etc/resolv.conf, specifying the membership domains of your host (which will also become the reference domains used to carry out searches) followed by the IP addresses of your DNS servers:

# vi /etc/resolv.conf
  search domain1 domain2 domain3
  nameserver primaryIP
  nameserver secondaryIP

For example:

# vi /etc/resolv.conf
  search lucamerello.wordpress.org lucamerello.org lucamerello.com
  nameserver 192.168.0.1
  nameserver 192.168.0.2

4) Finally, enable the DNS Client service:

# svcadm enable svc:/network/dns/client:default

and verify its status and log:

# svcs -x svc:/network/dns/client:default
  svc:/network/dns/client:default (DNS resolver)
  State: online since May 2, 2014 12:35:45 PM CEST
  See: man -M /usr/share/man -s 3RESOLV resolver
  See: /var/svc/log/network-dns-client:default.log
  Impact: None.
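
The checks below are an added example, not part of the original post: a POSIX shell lint for copies of the two files edited in steps 2 and 3, to be run before enabling the service. The function names and sample files are constructed for illustration; the IPv4-only address check is an assumption matching the page's example, and the limits of 3 nameservers and 6 search domains are those of the standard resolver.

```shell
#!/bin/sh
# Added example: lint copies of the files from steps 2 and 3 (names are hypothetical).

# check_nsswitch FILE: succeed only if the hosts line has "files" first and lists "dns".
check_nsswitch() {
    awk '
        /^[ \t]*#/ { next }                      # skip comment lines
        $1 == "hosts:" {
            seen = 1
            if ($2 != "files") { print "hosts: files is not the first source"; bad = 1 }
            for (i = 2; i <= NF; i++) if ($i == "dns") dns = 1
            if (!dns) { print "hosts: dns source is missing"; bad = 1 }
        }
        END { if (!seen) { print "no hosts: line found"; bad = 1 }; exit bad + 0 }
    ' "$1"
}

# check_resolv FILE: succeed only with 1 to 3 well-formed IPv4 nameservers and
# at most 6 search domains (IPv4-only is an assumption of this example).
check_resolv() {
    awk '
        /^[ \t]*[#;]/ { next }                   # skip comment lines
        $1 == "search" && NF > 7 { print "more than 6 search domains"; bad = 1 }
        $1 == "nameserver" {
            ns++
            n = split($2, o, "."); ok = (n == 4)
            for (i = 1; i <= n; i++) if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) ok = 0
            if (!ok) { print "bad nameserver address: " $2; bad = 1 }
        }
        END {
            if (ns < 1) { print "no nameserver entries"; bad = 1 }
            if (ns > 3) { print "more than 3 nameservers"; bad = 1 }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample files: one correct pair, one pair with typical mistakes.
demo() {
    d=$(mktemp -d) || return 1
    printf 'hosts: files dns\n' > "$d/nss.good"
    printf 'hosts: dns files\n' > "$d/nss.bad"
    printf 'search example.org\nnameserver 192.168.0.1\n' > "$d/res.good"
    printf 'nameserver 192.168.0.256\n' > "$d/res.bad"
    for f in good bad; do
        if check_nsswitch "$d/nss.$f" && check_resolv "$d/res.$f"
        then echo "$f: OK"; else echo "$f: FAIL"; fi
    done
    rm -rf "$d"
}
demo
```
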

Test

At this point, it’s time to query the DNS servers and perform DNS lookups in order to test the previous configuration.

1) Run a query to obtain an IP address for a resource named hostname:

# dig hostname +search

where the +search option forces the use (not enabled by default) of the DNS domain list defined by the “search” tag in /etc/resolv.conf. Otherwise, if you don’t want to add this option, you must specify the domain of hostname explicitly:

# dig hostname.domain

2) Perform a reverse lookup (i.e. mapping IP addresses to DNS names), looking for the DNS name of address:

# dig -x address

Troubleshooting

If you had any trouble during configuration, you can disable the service, make corrections and then re-enable it:

# svcadm disable svc:/network/dns/client:default
# svcadm enable svc:/network/dns/client:default

Moreover, if DNS name resolution gives unexpected results, you can try to fix it by cleaning up your cache:

# /usr/sbin/nscd -i hosts

or by checking its usage statistics:

# /usr/sbin/nscd -g