
Uly.me

cloud engineer


dns

Generated by NetworkManager

May 27, 2021

If your /etc/resolv.conf keeps getting overwritten, take a look at /etc/NetworkManager/NetworkManager.conf and set dns to none in the [main] section.

[main]
dns=none


Filed Under: Linux Tagged With: dns, generated, networkmanager, overwritten, resolv.conf

Outbound DNS

August 23, 2019

Here’s a typical setup for an Outbound DNS server.

What is Unbound? Unbound is a validating, recursive and caching DNS server.

Install Unbound DNS

yum install unbound


Configuration: /etc/unbound/unbound.conf

server:
        interface: 0.0.0.0
        access-control: 0.0.0.0/0 allow
        local-zone: "10.in-addr.arpa." nodefault
forward-zone:
        name: "10.in-addr.arpa."
        forward-addr: 169.254.169.253
forward-zone:
        name: "ec2.internal"
        forward-addr: 169.254.169.253
forward-zone:
        name: '.'
        forward-addr: 10.10.10.1
        forward-addr: 10.10.11.2
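
With interface 0.0.0.0 and access-control 0.0.0.0/0 allow, the resolver answers recursive queries from any address that can reach it, so the allow rule is worth scoping to your client networks. The check below is an added example, not part of the original post; it flags allow rules that cover non-internal ranges, and the function names, the INTERNAL list and the 10.0.0.0/8 client range are assumptions.

```python
import ipaddress

# Constructed sample: the server clause as written in the post.
OPEN_CONF = """\
server:
        interface: 0.0.0.0
        access-control: 0.0.0.0/0 allow
        local-zone: "10.in-addr.arpa." nodefault
"""

# Constructed sample: clients limited to 10.0.0.0/8 (an assumed internal range).
SCOPED_CONF = """\
server:
        interface: 0.0.0.0
        access-control: 0.0.0.0/0 refuse
        access-control: 10.0.0.0/8 allow
        access-control: 127.0.0.0/8 allow
"""

# Ranges treated as internal here: RFC 1918, loopback, IPv6 ULA and ::1.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "fc00::/7", "::1/128")]
GRANTING = {"allow", "allow_snoop", "allow_setrd"}


def is_internal(net):
    """True when net lies entirely inside one of the INTERNAL ranges."""
    return any(net.version == ref.version and net.subnet_of(ref) for ref in INTERNAL)


def audit_access_control(conf_text):
    """Return (line_no, netblock, action) for rules that admit external clients."""
    findings = []
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line.startswith("access-control:"):
            continue
        fields = line.split(":", 1)[1].split()
        if len(fields) != 2 or fields[1] not in GRANTING:
            continue
        net = ipaddress.ip_network(fields[0], strict=False)
        if not is_internal(net):
            findings.append((line_no, str(net), fields[1]))
    return findings
```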


Unbound Start, Stop, Restart and Status

service unbound {start|stop|restart|status}

Filed Under: Cloud, Linux Tagged With: caching, config, dns, outbound, resolver

Route 53 Policy to Change Records

June 14, 2019

Here’s the IAM policy you’ll need to change Route 53 DNS records. Substitute HOSTEDZONEID with your own hosted zone ID.

{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Effect":"Allow",
         "Action":["route53:ChangeResourceRecordSets"],
         "Resource":"arn:aws:route53:::hostedzone/HOSTEDZONEID"
      },
      {
         "Effect":"Allow",
         "Action":["route53:GetChange"],
         "Resource":"arn:aws:route53:::change/*"
      }
   ]
}


Attach the policy to a user.
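
A pre-attach lint for a policy like this one, added here as an example and not taken from the original post: it reports repeated JSON keys (Python's json parser keeps only the last value, so an earlier "Statement" is silently lost) and wildcards in the hosted-zone ARN. The function names, both sample documents and the zone ID Z0000000EXAMPLE are constructed for illustration.

```python
import json

# Constructed sample: two top-level "Statement" members, wildcard zone ARN.
BAD_POLICY = """{
  "Statement": [{"Effect": "Allow", "Action": ["route53:ChangeResourceRecordSets"],
                 "Resource": "arn:aws:route53:::hostedzone/*"}],
  "Statement": [{"Effect": "Allow", "Action": ["route53:GetChange"],
                 "Resource": "arn:aws:route53:::change/*"}]
}"""

# Constructed sample: one Statement array, zone pinned to a placeholder ID.
GOOD_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["route53:ChangeResourceRecordSets"],
     "Resource": "arn:aws:route53:::hostedzone/Z0000000EXAMPLE"},
    {"Effect": "Allow", "Action": ["route53:GetChange"],
     "Resource": "arn:aws:route53:::change/*"}]
}"""

REQUIRED = ("route53:ChangeResourceRecordSets", "route53:GetChange")


def as_list(value):  # IAM accepts a string or a list for Action/Resource
    return [value] if isinstance(value, str) else list(value)


def lint_route53_policy(text):
    """Return human-readable problems found in an IAM policy document."""
    problems = []
    def hook(pairs):  # runs for every JSON object; spots repeated keys
        keys = [k for k, _ in pairs]
        problems.extend(f"duplicate key: {k}" for k in sorted(set(keys)) if keys.count(k) > 1)
        return dict(pairs)  # last value wins, as json.loads does by default
    policy = json.loads(text, object_pairs_hook=hook)
    statements = policy.get("Statement", [])
    statements = [statements] if isinstance(statements, dict) else statements
    granted = set()
    for st in statements:
        if st.get("Effect") != "Allow":
            continue
        actions = as_list(st.get("Action", []))
        granted.update(actions)
        if REQUIRED[0] in actions:
            for arn in as_list(st.get("Resource", [])):
                if "*" in arn.rsplit("/", 1)[-1]:
                    problems.append(f"wildcard hosted zone: {arn}")
    problems.extend(f"not granted: {a}" for a in REQUIRED if a not in granted)
    return problems
```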

Filed Under: Cloud Tagged With: aws, change, dns, iam, policy, records, route 53

Change DNS Records in Route 53 via CLI

June 14, 2019

How to change DNS records in Route 53 via AWS CLI.

  • Assuming AWS CLI is already configured
  • Uses Route53 change-resource-record-sets to update DNS records
  • Substitute with your own hosted-zone-id
  • Uses JSON files containing record sets
  • See JSON file examples below

cd /path/to/scripts/
# the command to switch to the elb
aws route53 change-resource-record-sets --hosted-zone-id xxxxxxxxxxxxxx --change-batch file://elb.json
# the command to switch to standard site
aws route53 change-resource-record-sets --hosted-zone-id xxxxxxxxxxxxxx --change-batch file://live.json


elb.json = points to AWS ELB (elastic load balancer)

{
   "Comment": "back to elb",
   "Changes": [
      {
         "Action": "UPSERT",
         "ResourceRecordSet": {
            "Name": "yourdomain.com",
            "Type": "A",
            "AliasTarget": {
               "HostedZoneId": "xxxxxxxxxxxxxx",
               "EvaluateTargetHealth": false,
               "DNSName": "xxxxxxxxxxxxx.us-east-1.elb.amazonaws.com."
            }
         }
      }
   ]
}


live.json = points to your standard site. Value is your IP Address.

{
   "Comment": "back to live",
   "Changes": [
      {
         "Action": "UPSERT",
         "ResourceRecordSet": {
            "Name": "yourdomain.com",
            "Type": "A",
            "TTL": 60,
            "ResourceRecords": [
               {
                  "Value": "xxx.xxx.xxx.xxx"
               }
            ]
         }
      }
   ]
}


Filed Under: Cloud Tagged With: change, cli, dns, domains, elb, json, records, route 53

Resolv.conf

January 7, 2019

Resolv.conf is a plain-text file used by various operating systems to configure the DNS resolver. It’s usually generated by the system administrator or a network program. The file is located in the /etc/ directory and contains the search domains as well as a list of nameservers.

Here’s an example of the /etc/resolv.conf file.

search domain.com local.lan
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 9.9.9.9


If you have problems resolving domain names, check this file first.

Filed Under: Linux Tagged With: dns, nameservers, network, resolv.conf

Failover Test

June 24, 2018

How do you test a website failover without actually doing a failover? It’s easier than you think. The key is to trick your computer into thinking it’s pointing to the failover website. You can easily do this by editing your hosts file and adding an entry for the domain. On both Linux and macOS, you can edit the /etc/hosts file and add the failover site as shown below.

# /etc/hosts
# failover site
# xxx.xxx.xxx.xxx   yourdomain.com


xxx.xxx.xxx.xxx is the IP address of your failover site.
If you need to test the failover site, just uncomment the line with the IP address.
Comment it out again when you’re done testing.

Filed Under: Cloud, Linux Tagged With: dns, hosts

Choosing DNS Servers

June 28, 2013

Every once in a while (it doesn’t happen very often), DNS servers stop resolving certain domains, causing intermittent issues when accessing the Internet. To solve the DNS issues, I often switch DNS servers on my main router. Changing DNS servers may require rebooting your router.

So, here’s a list of DNS servers you could use on your router, in case the DNS servers you are currently using are having problems. I primarily use OpenDNS and Google DNS servers, but other DNS servers are reliable as well.

OpenDNS

208.67.222.222 Primary
208.67.220.220 Secondary


Google

8.8.8.8 Primary
8.8.4.4 Secondary


Comcast

75.75.75.75 Primary
75.75.76.76 Secondary


AT&T DSL

68.94.156.1 Primary
68.94.157.1 Secondary


UltraDNS

156.154.70.1 Primary
156.154.71.1 Secondary


ScrubIt

67.138.54.100 Primary
207.225.209.66 Secondary


DNSResolvers

205.210.42.205 Primary
64.68.200.200 Secondary


Filed Under: Linux Tagged With: dns, network, router


Copyright © 2023