LDAP and DNS




Apotheosis
Feb 22, 2008, 05:17 PM
Hello, first, I am a peon with college experience. I am not in charge of this situation; I was put in the mix-up, so you need to realize that I do not run the show, I follow orders.

We have an Xserve RAID hosting an Open Directory, DHCP, Net Boot, AFP and a time server. The server processor is always in very low usage and our memory still has plenty of space remaining; however, the network goes SO SLOW.

Now, the server doesn't host DNS. This is because there is a 3rd party guy involved since neither the director nor the network administrator is confident in network administration (DNS, VPNs, Postfix, Dovecot, Apache... everything). :rolleyes:

The network seems fine until the Open Directory accounts log on and then the crawl begins. I remember from my college Active Directory days (I said a bad word), that it is extremely critical that DNS is set up correctly before doing anything.

Not that I would be able to test anything, but do you think that DNS not being configured on the Xserve could be the problem? I've heard of issues with regard to slowness when both NICs aren't properly configured... even the outside NIC that clients shouldn't ever even touch.

I've looked at network traffic through Etherape and Wireshark in the MDF and ever since installing the NHR package (keeps junk like caches stored locally), the network has been very clean and our switching equipment appears to be functioning correctly.

P.S. The server is running on 10.4.11 server software and the clients are all 10.4.11 or 10.3.9.



natech
Feb 22, 2008, 09:49 PM
DNS is the single most important basis you need for a reliable OD experience. The same can also be said with AD....but I've said a dirty word as well ;)

Am I to understand the DNS is managed elsewhere? Where and how?
Don't kid yourself and run DNS locally on said server unless you have some sort of an appreciation for pain.

To say Apple's DNS management "sucks beyond all belief" is being far too kind. Might I suggest Men & Mice suite?

Apotheosis
Feb 22, 2008, 11:15 PM
That's the hard part. We have this 3rd party guy that takes care of that stuff and he keeps his keys close to him. My boss is like Linus and he is their security blanket. Ever since I started as an intern I told them that they were too old for a security blanket but they don't listen. :rolleyes:

I know he has a Fedora box with 2 NICs so I assume he's running BIND on that server, which is on site, plugged into the same switch as the Xserve. All Macs are configured to go to that box in their DNS settings under System Preferences. The weird thing is that everything seems ok under the local account; however, once you get to OD you go slowwwww with very little stress on the server to speak of.

I've tried to rule everything else out as much as possible; however, the part that baffles me is that these OD accounts slow down all network traffic (not just OD). This includes using Apple Remote Desktop to search the network for Macs (although if these Macs were slow due to messed up DNS that could explain it).

xparaparafreakx
Feb 25, 2008, 01:57 PM
Are you getting this error:

servermgr_dns: no hostname set and unable to detect via DNS, services may not function properly - use changeip to repair