Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'You can use remote DNS - here's how' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
You can use remote DNS - here's how
Authored by: emarmite on May 18, '05 11:38:02AM
There are several problems with putting static entries in your hosts file. I used to find myself always checking in via Remote Desktop with a known windows server to look up addresses. Fortunately, there is a way to use local DNS servers.

There is a mechanism called 'resolver' where you can specify custom DNS settings for individual domain names.

You'll need to open Terminal to carry out these instructions, and to know the name of the domain you want to look up domain names on. For this example, I'll use 'acme.com', just replace it with your company's internal TLD.

(1) Create a directory as root called 'resolver' in /etc/

sudo mkdir /etc/resolver

(2) Now create a file named after your internal network's domain name with '.x' on the end. For the example, I'm using 'acme.com', change this to your name

sudo pico /etc/resolver/acme.com.x

This is important: if you name it 'acme.com' without the .x, OSX will *always* use these DNS settings. We're going to do a little trick to activate & deactivate the settings every time you connect to your VPN.

(3) Put the following settings into this file:

search acme.com
nameserver 192.168.0.1
nameserver 192.168.0.2


Change 'acme.com' to your internal domain name. You can get the nameserver addresses by typing the following the next time you are actually in the office:

cat /etc/resolver.conf

Other options include: asking your sysadmin nicely; connect to a known Windows box using Remote Desktop and typing 'ipconfig /all' in a Command Prompt.

(4) Now here's the magic: we're going to edit /etc/ppp/ip-up and /etc/ppp/ip-down to activate and deactivate the domain names each time you connect & disconnect.

sudo pico /etc/ppp/ip-up

ip-up should contain the following:

#!/bin/sh
cp /etc/resolver/acme.com.x /etc/resolver/acme.com > /tmp/ppp.log 2>&1


Now for ip-down:

sudo pico /etc/ppp/ip-down

which should contain the following:

#!/bin/sh
rm -f /etc/resolver/acme.com.x > /tmp/ppp.log 2>&1


(5) Final step (important!): get the permissions right

sudo chmod +x /etc/ppp/ip-up
sudo chmod +x /etc/ppp/up-down


Now give it a try. When you connect, a second file should appear in resolver called 'acme.com', and this should disappear when you disconnect. Check /tmp/ppp.log for more details if you have any problems.

Good luck!



[ Reply to This | # ]
minor correction
Authored by: tsanders on May 21, '05 05:44:03PM
I suspect that in the ip-down script you want to remove /etc/resolver/acme.com and not acme.com.x

#!/bin/sh
rm -f /etc/resolver/acme.com > /tmp/ppp.log 2>&1


[ Reply to This | # ]
minor correction - thx
Authored by: emarmite on May 26, '05 09:29:12PM

Yes, that's right, thx :-)



[ Reply to This | # ]
You can use remote DNS - here's how
Authored by: MorganizeIT on Sep 30, '05 05:33:31PM
This works perfectly! I no longer have to choose between *either* using static IPs for all the machines on the VPN *or* routing all my traffic through the VPN connection. On another note, I've also added a line to the ip-up script to lower the mtu for pptp connections. I'm hoping this will cure the instability of smb shares and remote desktop over the vpn:
ifconfig ppp0 mtu 700
700 is the mtu size used by DigiTunnel (a third party VPN client) so I figure it's a good place to start.

[ Reply to This | # ]
You can use remote DNS - here's how
Authored by: MorganizeIT on Sep 30, '05 06:50:49PM
Correction:
ifconfig ppp0 mtu 1200 > /dev/null


[ Reply to This | # ]