Security Module multiple DNS resolutions

Last Updated : Apr 28, 2016 |

The Security Module is provisioned as a DNS name in the Session Manager, but the name resolves to more than one IP address.

The default behavior is to use the first IP address to which the DNS name maps whether the address is correct or not. While the system may work just fine, the situation is highly dangerous in terms of not having a reliable system.

Troubleshooting Security Module multiple DNS resolution alarms

Procedure

  1. Check the IP address in the Session Manager Security Module administration and make sure it is correct.
  2. Check what the name resolves to by entering one of the following commands:
    1. Enter host someDNSname where someDNSname is the server name.
    2. Use some other equivalent DNS reverse look-up tool such as dig.
  3. Check /etc/hosts to ensure that the name resolves to the proper single IP address.

    The file should have entries in the form of <IP Address> <FQDN> <domain>.

  4. Fix real DNS to resolve to one IP address.