Re: [ovirt-users] oVirt engine and primary DNS
On Thu, Oct 27, 2016 at 12:32 PM, Jonas Israelsson <
jonas.israelsson(a)elementary.se> wrote:
I could indeed, the issue I saw yesterday is resolved already. I was
merely thinking we might have a potential single point of failure here.
While the primary nameserver was offline the machine (where the
ovirt-engine is running) itself had no problem doing name-resolution, still
oVirt-ui was acting rather unpleasant.
And since my changes to resolv.conf only had an impact after restarting
the engine I thought there are some internals, such as a cache causing this
problem.
It was only a suggestion, I didn't try myself with ovirt-engine.
But if you have a test system, you can simulate running something like this
on your engine server
change resolv.conf while engine is running
silently drop connections to primary dns server with
iptables -I OUTPUT -d your_primary_dns_ip -j DROP
(at the end of tests you delete the rule checking the line number of the
inserted line (it should be 1 because of "-I" option above) with
iptables -L -n --line-numbers
and then
iptables -D OUTPUT 1
or in general
iptables -D OUTPUT N
if line is not 1 but N
)
you can then monitor calls to dns with tcpdump, something like
tcpdump -nn dst port 53
HIH debugging,
Gianluca
Attachments:
- attachment.html (text/html — 1.9 KB)