
Support Multiple DNS Servers


zparsons


Posted

My network supports multiple DNS servers. This permits DNS resolution to fall back to a secondary server if the primary server is down.

 

My DHCP server broadcasts both the primary and secondary servers to clients. This is a standard configuration of DHCP option 6 (RFC 2132) which carries the IP address(es) of the DNS servers that the client uses for name resolution.

 

Nearly every device on my network understands this configuration and handles it correctly, except for my ISY. I can not specify more than one DNS server manually in the ISY network configuration, and (when using DHCP) it appears that the ISY ignores all DHCP option 6 entries other than the first.

 

I use a large number of ISY network resources to tie my Insteon light switches to Hue lightbulbs via the Hue bridge APIs. The network resources use local network addresses that the ISY must resolve via DNS. This means that the majority of the light switches in my home stop working when the ISY can't perform a DNS query.

 

Thus I would really like the ISY to handle fallback to a secondary DNS server if the primary is unreachable, just like most network devices do.

 

Thanks.

Posted

If your router supports DNSMasq, then you don't need multiple DNS server entries in ANY client.  Simply enable DNSMasq in your router, then set the DNS entry in the client to the IP address of your router if using a static IP address in your client.  If you reserve a static lease in your router for each client MAC address and use DHCP, the client will automatically retrieve the IP address of the router as the DNS entry.  

 

If your router does not support DNSMasq, then get one that does or flash open source firmware (if you own your router) from DD-WRT or OpenWRT.

Posted

Hi zparsons,

 

We will definitely look into adding support for multiple DNS. This said, local IP addresses do NOT use DNS in ISY: they use direct IP unless it's a name. Are you using names for local resources?

 

With kind regards,

Michel

Posted

My network supports multiple DNS servers. This permits DNS resolution to fall back to a secondary server if the primary server is down.

 

My DHCP server broadcasts both the primary and secondary servers to clients. This is a standard configuration of DHCP option 6 (RFC 2132) which carries the IP address(es) of the DNS servers that the client uses for name resolution.

 

Nearly every device on my network understands this configuration and handles it correctly, except for my ISY. I can not specify more than one DNS server manually in the ISY network configuration, and (when using DHCP) it appears that the ISY ignores all DHCP option 6 entries other than the first.

 

I use a large number of ISY network resources to tie my Insteon light switches to Hue lightbulbs via the Hue bridge APIs. The network resources use local network addresses that the ISY must resolve via DNS. This means that the majority of the light switches in my home stop working when the ISY can't perform a DNS query.

 

Thus I would really like the ISY to handle fallback to a secondary DNS server if the primary is unreachable, just like most network devices do.

 

Thanks.

You know just enough to be dangerous.

 

Your internal devices, such as the ISY, should point to your router and the router will handle the DNS look-up for multiple DNS servers.

 

Best regards,

Gary Funk

Posted

Hi zparsons,

 

We will definitely look into adding support for multiple DNS. This said, local IP addresses do NOT use DNS in ISY: they use direct IP unless it's a name. Are you using names for local resources?

 

With kind regards,

Michel

 

Hi Michel,

 

Thanks for getting back to me so quickly. I'm sorry if I wasn't clear in my original post.

 

It's probably easiest to imagine that my home network is more like a small corporate environment than a standard home network. My local network has local DNS servers that I use to maintain authoritative internal records for the various devices in my home. I have 80 some-odd static reservations on my internal network so having local DNS is a handy way to work with them.

 

So, for example, if I want to talk to the Hue bridge in the master bedroom I *could* refer to it as 192.168.11.65 but instead I refer to it as hue-1.dalocal.net. This is incredibly handy when I want to move things around since I can just update the A records in one place and everything else just works. This is why my network resources refer to hosts by name rather than IP address. Here is a screenshot of a resource that turns off a light in the bedroom, note the host field:

https://www.dropbox.com/s/23qh61x46jp1mml/Screen%20Shot%202016-07-01%20at%209.09.06%20AM.png

 

Within my local network I have two local DNS servers (a master and a secondary). When I work on the master I occasionally need to take it down. When it is down, my ISY can't resolve hue-1.dalocal.net and this resource (and all the others) won't work. Ideally in this situation the ISY would (like most devices) fall back to the secondary DNS server and use it to resolve hue-1.dalocal.net instead.

 

I realize this is probably an edge case since I suspect few of your users have network environments as complicated as mine and, even for me, it is only an issue occasionally. However, I figured since it was standard behavior for so many devices it might be relatively easy for your team to add this feature in.

 

Thanks for all your support, and for making such an excellent product.

 

-Zac

 

Edit: It looks like this feature request would also help with skydvrz's issue as described in http://forum.universal-devices.com/topic/14450-isy-994-dns-error/ so maybe I am not the only one who could use this. :)

Posted

If your router supports DNSMasq, then you don't need multiple DNS server entries in ANY client.  Simply enable DNSMasq in your router, then set the DNS entry in the client to the IP address of your router if using a static IP address in your client.  If you reserve a static lease in your router for each client MAC address and use DHCP, the client will automatically retrieve the IP address of the router as the DNS entry.  

 

If your router does not support DNSMasq, then get one that does or flash open source firmware (if you own your router) from DD-WRT or OpenWRT.

 

Thanks Elvis Impersonator,

 

The problem is not that I lack a DNS server, in fact I have two. I run BIND 9 on a little Ubuntu server in my basement rack, which is authoritative for my internal network and caches for everything else. I also run a secondary DNS server (hooray for zone transfers) to handle requests if my primary is not available. My issue is that the ISY only stores one DNS server entry so it can't fall back to the secondary if I'm fiddling with the primary.

 

-Zac

Posted

You know just enough to be dangerous.

 

Your internal devices, such as the ISY, should point to your router and the router will handle the DNS look-up for multiple DNS servers.

 

Best regards,

Gary Funk

 

Hi Gary,

 

I fear that I know even more than just enough to be dangerous. ;)

 

I'm not talking about recursive DNS resolution outside my network, I'm talking about authoritative resolution inside of my network. See my other posts for details.

 

Thanks.

 

-Zac

Posted

Hi Zac,

 

Thanks so very much for the details. I got it now. We'll take a look and see how easy it would be to support multiple DNS.

 

With kind regards,

Michel

 

Thank you so much Michel. I am always blown away by how great your customer support is.

 

-Zac

Posted

Hi Gary,

 

I fear that I know even more than just enough to be dangerous. ;)

 

I'm not talking about recursive DNS resolution outside my network, I'm talking about authoritative resolution inside of my network. See my other posts for details.

 

Thanks.

 

-Zac

Again, this is something best handled at the router. Your router will handle this in the most effective way.

 

Best regards,

Gary Funk

Posted

Hi Zac,

 

Thanks so very much. Took a quick look and it would require major regression testing to support DHCP with multiple DNS support. This said, a possible compromise might be to add a secondary DNS in the configuration screen. So, regardless of whether or not ISY is configured with DHCP, ISY can try the secondary DNS if the first fails. This approach does not require major regression testing.

 

Please do let me know whether or not this approach would address your requirement.

 

With kind regards,

Michel

Posted

Michel,

 

I won't pretend to speak for Zac, but that would go a long way in solving a problem.

 

If you decide to do this, please consider a check box to indicate,

 

Do not use DHCP DNS

 

and add fields for two IP addresses.

 

 

Best regards,

Gary Funk

Posted

Hi Zac,

 

Thanks so very much. Took a quick look and it would require major regression testing to support DHCP with multiple DNS support. This said, a possible compromise might be to add a secondary DNS in the configuration screen. So, regardless of whether or not ISY is configured with DHCP, ISY can try the secondary DNS if the first fails. This approach does not require major regression testing.

 

Please do let me know whether or not this approach would address your requirement.

 

With kind regards,

Michel

 

Hi Michel,

 

Thanks for checking into this so quickly. While obviously I would prefer the convenience of having the DNS configuration set by the DHCP options, having a static configuration option for a fail-over secondary DNS server would certainly meet my needs. 

 

 

-Zac

Posted

Hi Gary,

 

Thank you.

 

Hi Zac, thank you for the feedback. If you are not in a rush, we can definitely include DHCP it in 5.0.x since we will have to do regression testing anyway (my preference).

 

With kind regards,

Michel

Posted

Again, this is something best handled at the router. Your router will handle this in the most effective way.

 

Best regards,

Gary Funk

Generally, I agree. However, if using names internally I don't want name resolution dependent on my router. I have two internal bind9 servers (on RPIs) handling my internal name resolution, and it certainly would be better if ISY could use both of them (I hadn't noticed that it wasn't!)

 

Michael.

Posted

 

 

This said, a possible compromise might be to add a secondary DNS in the configuration screen. So, regardless of whether or not ISY is configured with DHCP, ISY can try the secondary DNS if the first fails. This approach does not require major regression testing.

 

Please do let me know whether or not this approach would address your requirement.

 

With kind regards,

Michel

Michel,

 

This works for me (even though it wasn't directed at me!).

 

That said, will we be able to specify primary and secondary DNS servers even if DHCP is selected (taking precedence over any option 6 response if present)?

 

Michael.

Posted

Thanks Elvis Impersonator,

 

The problem is not that I lack a DNS server, in fact I have two. I run BIND 9 on a little Ubuntu server in my basement rack, which is authoritative for my internal network and caches for everything else. I also run a secondary DNS server (hooray for zone transfers) to handle requests if my primary is not available. My issue is that the ISY only stores one DNS server entry so it can't fall back to the secondary if I'm fiddling with the primary.

 

-Zac

 

I guess I prefer the big "Easy Button"  

DNSMasq.tiff

Posted

Generally, I agree. However, if using names internally I don't want name resolution dependent on my router. I have two internal bind9 servers (on RPIs) handling my internal name resolution, and it certainly would be better if ISY could use both of them (I hadn't noticed that it wasn't!)

 

Michael.

Set the ISY to use the router for DNS. Set the router to use whatever DNS servers you want.

 

I tell all my internal devices to use 192.168.2.1 for DNS. I tell my router to use my internal DNS servers. If your router allows for more than 2 DNS servers you can add external servers.

 

Best regards,

Gary Funk

Posted

Set the ISY to use the router for DNS. Set the router to use whatever DNS servers you want.

 

I tell all my internal devices to use

 

Best regards,

Gary Funk

The router is a single point of failure in this configuration. Fine for most people, I agree. I like to do things in a redundant way if it's reasonable to do so.

 

Michael.

Posted

The router is a single point of failure in this configuration. Fine for most people, I agree. I like to do things in a redundant way if it's reasonable to do so.

 

Michael.

Are you saying you have redundant routers?

 

Best regards,

Gary Funk

Posted

Are you saying you have redundant routers?

 

Best regards,

Gary Funk

The router isn't involved in communication internal to my network - only external communication.

Posted

The router isn't involved in communication internal to my network - only external communication.

Okay. I understand. That actually makes sense if you have a router that fails and a primary DNS server that is down a lot.

 

I agree the best solution is to have the ISY handle all the DNS servers sent to it by the DHCP server.

 

I haven't checked the spec in years; is there a maximum number of servers? The most I have seen is six.

 

Best regards,

Gary Funk

Posted

I don't know what the max is, to be honest. I think it's more a timeout thing. If the client waits 500ms for a reply before moving on to the next, and the overall timeout is 2 seconds (a common limit), then the practical max is 3 (since the 4th will get asked, but the client won't wait for a reply).

 

My primary hasn't been down in a long time (hence I haven't noticed that the ISY doesn't learn about my secondary!)
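
The behaviour requested in this thread, as an added example that is not part of the original posts and is not ISY firmware code: keep every address carried in DHCP option 6 instead of only the first, then ask the servers in order until one answers. The function names and the sample option bytes are constructed for illustration; the 500 ms per-server wait and 2 second overall limit are the figures quoted in the post above.

```python
import os, socket, struct, time

# Constructed DHCP options field (all addresses made up): subnet mask (1),
# DNS servers (6) = 192.168.11.2 then 192.168.11.3, router (3), end (255).
SAMPLE_OPTIONS = bytes.fromhex("0104ffffff00" "0608c0a80b02c0a80b03" "0304c0a80b01" "ff")

def parse_option6(options: bytes) -> list[str]:
    """Return every DNS server in option 6, in the order the DHCP server listed them."""
    i = 0
    while i < len(options) and options[i] != 255:      # 255 = end of options
        if options[i] == 0:                            # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(options) or i + 2 + options[i + 1] > len(options):
            raise ValueError("truncated option")
        code, length = options[i], options[i + 1]
        data = options[i + 2:i + 2 + length]
        if code == 6:
            if length == 0 or length % 4:
                raise ValueError("option 6 length must be a non-zero multiple of 4")
            return [socket.inet_ntoa(data[j:j + 4]) for j in range(0, length, 4)]
        i += 2 + length
    return []

def udp_query(server: str, name: str, timeout: float) -> bytes:
    """Send one A query over UDP and return the raw reply (raises OSError on failure)."""
    txid = os.urandom(2)                               # unpredictable transaction ID
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split(".")) + b"\0"
    msg = txid + struct.pack(">HHHHH", 0x0100, 1, 0, 0, 0) + qname + struct.pack(">HH", 1, 1)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, 53))                        # only accept replies from this server
        s.send(msg)
        reply = s.recv(512)
    if reply[:2] != txid:
        raise OSError("transaction ID mismatch")
    return reply

def resolve_with_fallback(name, servers, per_try=0.5, budget=2.0, query=udp_query):
    """Ask each server in order; return (server, reply) from the first one that answers."""
    deadline = time.monotonic() + budget
    for server in servers:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            break
        try:
            return server, query(server, name, min(per_try, remaining))
        except OSError:                                # timeout, refused, unreachable
            continue
    raise TimeoutError(f"no DNS server answered for {name}")
```

Passing `parse_option6(...)[:1]` to `resolve_with_fallback` reproduces the single-server behaviour described in the first post: the lookup fails as soon as the primary stops answering.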

Posted

Personally I think if the ISY stored the first four it would be overkill.

 

We have such First World Problems.

 

Best regards,

Gary Funk

Posted

Hi Gary,

 

Thank you.

 

Hi Zac, thank you for the feedback. If you are not in a rush, we can definitely include DHCP it in 5.0.x since we will have to do regression testing anyway (my preference).

 

With kind regards,

Michel

 

No rush on my end, it's definitely a nice-to-have feature rather than a deal-breaking-requirement. So I'd prefer to wait for a regression tested DHCP based solution in a 5.0.x version.

 

Generally I see most network equipment that lists specific "slots" for DNS server entries with 3 entry slots. I'd guess (but do not know) that this is due to an inability to poll more than three DNS servers sequentially before you'd want to timeout the attempt. My needs are only for two, but if you're going for the whole feature you might want to include three.

 

Thanks.

 

-Zac

Archived

This topic is now archived and is closed to further replies.
