Inspecting DNS configuration

Available in Classic

If you do not use the DNS settings provided by NAVER Cloud Platform, normal communication with the servers provided for internal management may not be possible. If possible, do not set up DNS separately. If you set up DNS separately, you may encounter errors in the process of creating a server with a server image or setting the admin password.

CentOS

Inspect the DNS settings and file in the RedHat OS provided on NAVER Cloud Platform.

1. Check the DNS settings of NAVER Cloud Platform received from DHCP. The IPs of the DNS server provided in the Classic environment are 10.250.255.11 and 10.250.255.12.

   [root@centos78 ~]# grep domain-name /var/lib/dhclient/dhclient--eth0.lease
     option domain-name-servers 10.250.255.11,10.250.255.12;
     option domain-name "ncloud.com";
     option domain-name-servers 10.250.255.11,10.250.255.12;
     option domain-name "ncloud.com";
   

2. Check the settings and content of the /etc/resolv.conf file.

   • If the contents of the file differ from the following, normal communication with NAVER Cloud Platform DNS server may not be possible. However, after editing the file and rebooting the OS, it is initialized to NAVER Cloud Platform settings received from DHCP.

   [root@centos78 ~]# cat /etc/resolv.conf
   ; generated by /usr/sbin/dhclient-script
   search ncloud.com
   nameserver 10.250.255.11
   nameserver 10.250.255.12
   

3. Run the nslookup command to check DNS query operation.

   • When the query works correctly, 10.250.5.105 is displayed.

   [root@centos78 ~]# nslookup repo.ncloud.com
   Server:		10.250.255.11
   Address:	10.250.255.11#53
   
   Non-authoritative answer:
   repo.ncloud.com	canonical name = repo.ncloud.grm.ncloud.com.
   repo.ncloud.grm.ncloud.com	canonical name = kr2-init.ncloud.grm.ncloud.com.
   Name:	kr2-init.ncloud.grm.ncloud.com
   Address: 10.250.5.105
   

Ubuntu

Ubuntu 18.04 provided by NAVER Cloud Platform uses systemd-resolved. Inspect the DNS settings and files on the Ubuntu OS.

1. Check the settings and content of the /etc/resolv.conf file.

   • Check if the file's symbolic link exists.

   root@ubuntu1804:~# ll /etc/resolv.conf
   lrwxrwxrwx 1 root root 39 Sep 28  2020 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
   

2. Check if the contents of the file are the same as the following:

   root@ubuntu1804:~# cat /etc/resolv.conf
   # This file is managed by man:systemd-resolved(8). Do not edit.
   ... Omitted...
   nameserver 127.0.0.53
   options edns0
   search ncloud.com
   

3. Check the DNS settings of NAVER Cloud Platform received from DHCP.

   root@ubuntu1804:~# cat /run/systemd/resolved.conf.d/isc-dhcp-v4-eth0.conf
   [Resolve]
   DNS=10.250.255.11 10.250.255.12
   Domains= ncloud.com
   

4. Check the configured DNS settings on the OS. The IPs of the DNS server provided in the Classic environment are 10.250.255.11 and 10.250.255.12.

   root@ubuntu1804:~# cat /run/systemd/resolve/resolv.conf
   ... Omitted...
   nameserver 10.250.255.11
   nameserver 10.250.255.12
   search ncloud.com
   

   • If it appears as follows, the DNS server settings are in an abnormal state.

     root@ubuntu1804:~# tail -2 /run/systemd/resolve/resolv.conf
     
     # No DNS servers known.
     

   • If applicable, handle it as follows:

     root@ubuntu1804:~# cat /run/systemd/resolved.conf.d/isc-dhcp-v4-eth0.conf
     [Resolve]
     DNS=10.250.255.11 10.250.255.12
     Domains= ncloud.com
     
     root@ubuntu1804:~# systemctl restart systemd-resolved
     root@ubuntu18:~# tail -3 /run/systemd/resolve/resolv.conf
     nameserver 10.250.255.11
     nameserver 10.250.255.12
     search ncloud.com
     

5. Check if the systemd-resolved daemon is running and its status.

   • The systemd-resolved daemon must be enabled in the list of installed units so it can work properly after booting.

     root@ubuntu1804:~# systemctl list-unit-files | grep systemd-resolved.service
     systemd-resolved.service               enabled
     

   • The systemd-resolved daemon must be active for normal operation.

     root@ubuntu1804:~# systemctl status systemd-resolved.service
     ● systemd-resolved.service - Network Name Resolution
        Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
        Active: active (running) since Sun 2023-04-09 20:27:10 KST; 14h ago
          Docs: man:systemd-resolved.service(8)
                https://www.freedesktop.org/wiki/Software/systemd/resolved
                https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
                https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
      Main PID: 687 (systemd-resolve)
        Status: "Processing requests..."
         Tasks: 1 (limit: 4622)
        CGroup: /system.slice/systemd-resolved.service
                └─687 /lib/systemd/systemd-resolved
     

   • Check the connection status of the IP address 127.0.0.53. It must be LISTEN through port 53 (nameservice port) by the systemd-resolve service.

     root@ubuntu1804:~# netstat -anp | grep 127.0.0.53
     tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      687/systemd-resolve 
     udp        0      0 127.0.0.53:53           0.0.0.0:*                           687/systemd-resolve
     

6. Check the DNS settings in the systemd-resolve service.

   • Use the following command to verify the DNS server information that sends queries.

     root@ubuntu1804:~# systemd-resolve --status
     Global
          DNS Servers: 10.250.255.11
                       10.250.255.12
      ... Omitted...
     

7. Check the permissions of the /etc/hosts file.

   • Other User in the /etc/hosts file must have the read permission for the systemd-resolved daemon to operate properly. By default, the /etc/hosts file has permission set to 644.

   root@ubuntu1804:~# ls -l /etc/hosts
   -rw-r--r-- 1 root root 189 Sep 28  2020 /etc/hosts
   

8. Run the nslookup command to check DNS query operation.

   • When the query works correctly, 10.250.5.105 is displayed.

   root@ubuntu1804:~# nslookup repo.ncloud.com
   Server:		127.0.0.53
   Address:	127.0.0.53#53
   
   Non-authoritative answer:
   repo.ncloud.com	canonical name = repo.ncloud.grm.ncloud.com.
   repo.ncloud.grm.ncloud.com	canonical name = kr2-init.ncloud.grm.ncloud.com.
   Name:	kr2-init.ncloud.grm.ncloud.com
   Address: 10.250.5.105
   

Changing the Fade-out DNS server

If the confirmed DNS server settings are 125.209.192.12 or 125.209.192.13, changing DNS server settings is required.
Check if it should be changed and if so, proceed with changing the DNS server.

Linux

1. Run the DNS server configuration change file and change the DNS server for the resolv.conf configuration.

   [root@centos78 ~]# curl -sSL -k https://kr.object.ncloudstorage.com/dns-tools/resolv-change.sh | /bin/bash
   

[root@centos78 ~]# curl -sSL -k https://kr.object.ncloudstorage.com/dns-tools/resolv-change.sh | /bin/bash

Task result: change failed
Failed to change resolv.conf settings. The required nameserver(s) not found.

Windows

The following describes how to set DNS on Windows servers:

1. Connect to the Windows server.
   • For more information on how to connect to the server, see Access Windows server.
2. Click , then click Settings > Network & Internet > Change adapter options, in order.
   • Alternatively, you can enter ncpa.cpl on the Run command window.
3. On the list that appears, find the network you are using, right-click it and then click Properties.
   • In the Internet Protocol Version 4 (TCP/IPv4) Properties, edit Use the following DNS server addresses at the bottom to 10.250.255.11, 10.250.255.12.

FAQ related to DNS

Q. The following isc_socket_bind error occurs when querying DNS. What should I do?

[root@ncp-server ~]# nslookup repo.ncloud.com
Server:		10.250.255.11
Address:	10.250.255.11#53

Non-authoritative answer:
repo.ncloud.com	canonical name = repo.ncloud.grm.ncloud.com.
repo.ncloud.grm.ncloud.com	canonical name = kr2-init.ncloud.grm.ncloud.com.
Name:	kr2-init.ncloud.grm.ncloud.com
Address: 10.250.5.105
nslookup: isc_socket_bind: address in use

The issue occurs when the ip_local_port_range value is too small for the customer service network environment, or when there are too many socket ports currently in use.
You can check the ip_local_port_range as follows. By default, the minimum port is 32768, and the maximum port is 60999.

[root@ncp-server ~]# sysctl net.ipv4.ip_local_port_range
net.ipv4.ip_local_port_range = 32768    60999

If the server can be rebooted, reboot in the OS. If it cannot be rebooted, check the number of currently used sockets and organize the unnecessary sockets or increase the ip_local_port_range value.
DNS query in normal status is output as follows:

[root@ncp-server ~]# nslookup repo.ncloud.com
Server:		10.250.255.11
Address:	10.250.255.11#53

Non-authoritative answer:
repo.ncloud.com	canonical name = repo.ncloud.grm.ncloud.com.
repo.ncloud.grm.ncloud.com	canonical name = kr1-init.ncloud.grm.ncloud.com.
Name:	kr1-init.ncloud.grm.ncloud.com
Address: 10.101.86.18