Configuring DNS for Mobile Access Service Discovery

Author: Brice Cobb
Technical Documentation DNS for Mobile Access Service

The Nasuni Mobile application needs the following information to access your Nasuni Filers: host address, port number, and user credentials. The administrator has several options for providing this information to configure the Nasuni Mobile application for users. Several of these methods simplify login, so that the user does not need to know the host or port.

Configuring the DNS for Mobile Access

To simplify user login to your Nasuni Filers, the administrator can configure the company DNS server entry to include the host and port necessary for Mobile Access. When the user logs into the Nasuni Mobile application using their company email address and password, the application retrieves the host and port from the DNS to complete the login. We present the general method of configuring the DNS, as well as considerations for using Microsoft Windows DNS Manager and third-party DNS configuration software.


Last modified: May 18, 2016


General method of configuring the DNS

To configure the DNS, it is necessary to create a DNS record, which might contain PTR, SRV, TXT, and A resource record types. Not all of these resource record types are necessary for all configurations.

Important: You must specify the domain name for use in the resource records. With Linux, the domain name is often specified globally in the Start of Authority (SOA) resource record, in this format:

    mydomain.com 14400 IN SOA ns.mynameserver.com. root.ns.mynameserver.com. (
        2004123001 ; serial number
        86000      ; refresh rate in seconds
        7200       ; update retry in seconds
        3600000    ; expiry in seconds
        600        ; minimum in seconds
    )

where:

• mydomain.com is the domain name: the main name in this zone.
• 14400 is the TTL (time to live) and defines the duration in seconds that the record may be cached by client-side programs. If 0, the record should not be cached.
• ns.mynameserver.com is the nameserver that holds the zone files. If it is an external server, the fully-qualified domain name (FQDN) is specified, followed by a dot. If it is defined in this zone file, then it can be written as “ns1” without the dot.
• root.ns.mynameserver.com is the email address of the domain name administrator, followed by a dot.
• 2004123001 is a serial number, in the form YYYYMMDDnn, where nn is a revision number in case more than one update is made in a day. This value must increment when any resource record in the zone file is updated.
• 86000 is the refresh rate, in seconds, which represents how often a secondary server will poll the primary server to see if the serial number has increased.
• 7200 is the update retry time, in seconds, which tells the secondary server how long to wait before retrying to contact the primary server after a failure to contact.
• 3600000 is the expiry time, in seconds, that a secondary server keeps a cached zone file as valid, if it can't contact the primary server.
• 600 is the minimum time, in seconds, that the secondary servers should cache the zone file. High values increase web site speeds as a result of reduced lookups.

If the domain name is not specified in the SOA record, it must be specified within each record. With Windows, the DNS Manager makes the domain name available to specify.

Important: Similarly, you must specify the TTL (time to live) for use in the resource records. With Linux, the TTL is often specified globally in the Start of Authority (SOA) resource record, as shown above. If the TTL is not specified in the SOA record, it must be specified within each record. With Windows, the DNS Manager makes the TTL available to specify.


PTR record type

For the PTR record type, the record should be of the form:

    _nasunifiler._tcp.mydomain.com 14400 IN PTR <instance>._nasunifiler._tcp.mydomain.com

where:

• <instance> is the name of the instance of the _nasunifiler._tcp service that the SRV record links to.
• _nasunifiler._tcp is the symbolic service name and the TCP protocol name, and must not be changed.
• mydomain.com is the domain name, if not specified globally.
• 14400 is the TTL (time to live), if not specified globally.

For a single service instance, an SRV record alone, or an SRV record with a TXT record, is valid. For multiple-service-instance configurations, each service instance must have a PTR record and a TXT record. However, for multiple-service-instances with the same instance name, each service instance only needs one PTR record and one TXT record.

Important: For some implementations, the PTR record MUST end with a period (.), while, for other implementations, the PTR record MUST NOT end with a period. It is suggested to omit the period and test the configuration. If the configuration does not work, try adding the period.

On a Microsoft Windows platform, if you run the following nslookup command:

    nslookup -querytype=ptr _nasunifiler._tcp.nasuni.net

The output should look like this:

    Server:  localhost
    Address:  ::1

    _nasunifiler._tcp.nasuni.net    name = filer-web20._nasunifiler._tcp.nasuni.net


SRV record type

For the SRV record type, the record should be of the form:

    <instance>._nasunifiler._tcp.mydomain.com 14400 IN SRV <priority> <weight> <port> <target>.

where:

• <instance> is the name of the instance of the _nasunifiler._tcp service that the SRV record links to. Same as in the PTR record.
• _nasunifiler._tcp is the symbolic service name and the TCP protocol name, and must not be changed.
• mydomain.com is the domain name, if not specified globally.
• 14400 is the TTL (time to live), if not specified globally.
• <priority> is the relative priority of this target, from 0 through 65535. Lowest number is highest priority. Priority and weight are only relevant when there is more than one SRV record with the same instance.
• <weight> is the weight, which is used when there is more than one target with the same instance and with the same priority, from 0 through 65535. Higher number means greater weight and greater probability. 0 indicates no weighting should be applied. Priority and weight are only relevant when there is more than one SRV record with the same instance.
  Note: Nasuni Mobile follows the DNS Service Discovery standard (RFC 6763), and properly handles complex configurations with multiple Nasuni Filers using various priorities and weights. If you need assistance in setting up such a configuration, contact Nasuni Support.
• <port> is the TCP port number where the Nasuni Filer is reachable. Usually: 443.
• <target> is the DNS name of the target host. Does not have to be in the same domain as the SRV record. Note the period (.) at the end.

For a single service instance, an SRV record alone (an “empty” SRV), or an SRV record with a TXT record, is valid. If you use an “empty” SRV record, you cannot use separate PTR records, or the TXT record to specify the PTR record. For multiple-target configurations, each target must have an SRV and A record.

On a Microsoft Windows platform, if you run the following nslookup command:

    nslookup -querytype=srv filer-web20._nasunifiler._tcp.nasuni.net

The output should look like this:

    Server:  localhost
    Address:  ::1

    filer-web20._nasunifiler._tcp.nasuni.net    SRV service location:
        priority     = 0
        weight       = 0
        port         = 443
        svr hostname = filer-web20.nasuni.net
    filer-web20.nasuni.net    internet address = 10.1.3.240


TXT record type

For the TXT record type, the record should be of the form:

    <instance>._nasunifiler._tcp.mydomain.com 14400 IN TXT "txtvers=1" "companyfullname=<company name>"

where:

• <instance> is the name of the instance of the _nasunifiler._tcp service that the SRV record links to. Same as in the PTR record.
• _nasunifiler._tcp is the symbolic service name and the TCP protocol name, and must not be changed.
• mydomain.com is the domain name, if not specified globally.
• 14400 is the TTL (time to live), if not specified globally.
• <company name> is the name of the company (optional).

Note: The "txtvers=1" parameter is necessary.

For a single service instance, an SRV record alone, or an SRV record with a TXT record, is valid. You can also use the TXT record to specify the PTR record. If you use the TXT record to specify the PTR record, you cannot use separate PTR records, or an “empty” SRV record. For multiple-service-instance configurations, each service instance must have a PTR record and a TXT record. However, for multiple-service-instances with the same instance name, each service instance only needs one PTR record and one TXT record.

On a Microsoft Windows platform, if you run the following nslookup command:

    nslookup -querytype=txt filer-web20._nasunifiler._tcp.nasuni.net

The output should look like this:

    Server:  localhost
    Address:  ::1

    filer-web20._nasunifiler._tcp.nasuni.net    text = ““txtvers=1” “CompanyName=Nasuni Corporation””


A record type

For the A record type, the record should be of the form:

    <target> A <IP address>

where:

• <target> is the DNS name of the target host, as in the SRV record.
• <IP address> is the IP address of the target.

For a single service instance, an SRV record alone, or an SRV record with a TXT record, is valid. For multiple-target configurations, each target must have an SRV and A record.

On a Microsoft Windows platform, if you run the following nslookup command:

    nslookup -querytype=a filer-web20.nasuni.net

The output should look like this:

    Server:  localhost
    Address:  ::1

    Name:    filer-web20.nasuni.net
    Address:  10.1.3.240


Examples

Note: Suggestions for Windows and for third-party tools follow this section.

Single-instance DNS configuration

An example of a single-instance DNS configuration looks like this:

    _nasunifiler._tcp.mydomain.com 14400 IN PTR Nasuni\ Mobile._nasunifiler._tcp.mydomain.com
    Nasuni\ Mobile._nasunifiler._tcp.mydomain.com 14400 IN SRV 0 0 8000 mfcolo.nasuni.com.
    Nasuni\ Mobile._nasunifiler._tcp.mydomain.com 14400 IN TXT "txtvers=1" "companyfullname=Nasuni Corporation"
    mfcolo A 123.45.67.8

In this example:

• Nasuni Mobile is the service instance name of the _nasunifiler._tcp service that the SRV record links to.
• The domain name is mydomain.com.
• The TTL is 14400.
• The priority is 0.
• The weight is 0.
• The port is 8000.
• The target is mfcolo.nasuni.com.
• The companyfullname is “Nasuni Corporation”.
• The IP address of mfcolo is 123.45.67.8.

If the domain and TTL are specified globally, this example of a single-instance DNS configuration looks like this:

    _nasunifiler._tcp PTR Nasuni\ Mobile._nasunifiler._tcp
    Nasuni\ Mobile._nasunifiler._tcp SRV 0 0 8000 mfcolo.nasuni.com.
    Nasuni\ Mobile._nasunifiler._tcp TXT "txtvers=1" "companyfullname=Nasuni Corporation"
    mfcolo A 123.45.67.8


Single-instance, multiple-target DNS configuration

An example of a single-instance, multiple-target DNS configuration looks like this:

    _nasunifiler._tcp.mydomain.com 14400 IN PTR myfiler._nasunifiler._tcp.mydomain.com
    myfiler._nasunifiler._tcp.mydomain.com 14400 IN TXT "txtvers=1"
    myfiler._nasunifiler._tcp.mydomain.com 14400 IN SRV 0 0 8000 mfcolo.nasuni.com.
    myfiler._nasunifiler._tcp.mydomain.com 14400 IN SRV 1 0 8000 mfcolo2.nasuni.com.
    myfiler._nasunifiler._tcp.mydomain.com 14400 IN SRV 2 0 8000 mfcolo3.nasuni.com.
    mfcolo A 123.45.67.8
    mfcolo2 A 123.45.67.9
    mfcolo3 A 123.45.67.89

In this example, there are three targets, namely, mfcolo.nasuni.com., mfcolo2.nasuni.com., and mfcolo3.nasuni.com. For multiple-target configurations, each target must have an SRV and A record. In this example, it tries mfcolo.nasuni.com first, then, if that fails, mfcolo2.nasuni.com, then, if that also fails, mfcolo3.nasuni.com.

If the domain and TTL are specified globally, this example of a single-instance, multiple-target DNS configuration looks like this:

    _nasunifiler._tcp PTR myfiler._nasunifiler._tcp
    myfiler._nasunifiler._tcp TXT "txtvers=1"
    myfiler._nasunifiler._tcp SRV 0 0 8000 mfcolo.nasuni.com.
    myfiler._nasunifiler._tcp SRV 1 0 8000 mfcolo2.nasuni.com.
    myfiler._nasunifiler._tcp SRV 2 0 8000 mfcolo3.nasuni.com.
    mfcolo A 123.45.67.8
    mfcolo2 A 123.45.67.9
    mfcolo3 A 123.45.67.89


Weighting within a given priority

This example illustrates weighting within a given priority, for SRVs with the same instance:

    _nasunifiler._tcp.mydomain.com 14400 IN PTR myfiler._nasunifiler._tcp.mydomain.com
    myfiler._nasunifiler._tcp.mydomain.com 14400 IN TXT "txtvers=1"
    myfiler._nasunifiler._tcp.mydomain.com 14400 IN SRV 0 100 8000 mfcolo-a.nasuni.com.
    myfiler._nasunifiler._tcp.mydomain.com 14400 IN SRV 0 200 8000 mfcolo-b.nasuni.com.
    myfiler._nasunifiler._tcp.mydomain.com 14400 IN SRV 1 0 8000 mfcolo2.nasuni.com.
    myfiler._nasunifiler._tcp.mydomain.com 14400 IN SRV 2 0 8000 mfcolo3.nasuni.com.
    mfcolo-a A 123.45.67.8
    mfcolo-b A 123.45.67.9
    mfcolo2 A 123.45.67.89
    mfcolo3 A 123.45.67.98

In this example, it first selects either mfcolo-a or mfcolo-b. On average, it selects mfcolo-a about 1/3 of the time and mfcolo-b about 2/3 of the time, based on their respective weights. If neither mfcolo-a nor mfcolo-b answers, it proceeds to mfcolo2, and then mfcolo3, based on their respective priorities.
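The selection order described above, worked through as an added example (it is not Nasuni's code). It assumes the client orders SRV targets the way RFC 2782 specifies; the function names order_targets and first_choice_share are hypothetical.

```python
import random
from collections import Counter

# SRV rdata from the weighting example above: (priority, weight, port, target)
SRV_RECORDS = [
    (0, 100, 8000, "mfcolo-a.nasuni.com."),
    (0, 200, 8000, "mfcolo-b.nasuni.com."),
    (1, 0, 8000, "mfcolo2.nasuni.com."),
    (2, 0, 8000, "mfcolo3.nasuni.com."),
]

def order_targets(records, rng=random):
    """Return targets in the order a client tries them (assumed: RFC 2782 ordering)."""
    ordered = []
    for priority in sorted({r[0] for r in records}):  # lowest number is tried first
        pool = [r for r in records if r[0] == priority]
        while pool:
            # Weight-0 records are placed first, so they are rarely picked
            # while weighted records of the same priority remain.
            pool.sort(key=lambda r: r[1] != 0)
            total = sum(r[1] for r in pool)
            pick = rng.randint(0, total)  # uniform, inclusive on both ends
            running = 0
            for rec in pool:
                running += rec[1]
                if running >= pick:  # first record whose running sum reaches the pick
                    ordered.append(rec[3])
                    pool.remove(rec)
                    break
    return ordered

def first_choice_share(records, trials=30000, seed=1):
    """Fraction of trials in which each target is the first one tried."""
    rng = random.Random(seed)
    counts = Counter(order_targets(records, rng)[0] for _ in range(trials))
    return {target: n / trials for target, n in counts.items()}

if __name__ == "__main__":
    print(order_targets(SRV_RECORDS))
    print(first_choice_share(SRV_RECORDS))
```

Only the two priority-0 targets ever come first, in roughly a 1:2 ratio; mfcolo2 and mfcolo3 always follow in that order.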

Using the TXT record to specify the PTR record

This example illustrates the use of the TXT record to specify the PTR record:

    _nasunifiler._tcp 3600 IN TXT "PTRV1=AA._nasunifiler._tcp.mydomain.com."
    AA._nasunifiler._tcp 3600 IN TXT "txtvers=1" "companyfullname=Nasuni Corporation"
    AA._nasunifiler._tcp 3600 IN SRV 0 0 443 mytest.mydomain.com.
    AA._nasunifiler._tcp 3600 IN SRV 1 0 443 mytest2.mydomain.com.

If you use the TXT record to specify the PTR record, you cannot use separate PTR records, or an “empty” SRV record.

“Empty” SRV record

This example illustrates the use of an “empty” SRV record:

    _nasunifiler._tcp.mydomain.com SRV 0 0 443 myfiler.mydomain.com

This logs into myfiler.mydomain.com with a simple login and no Filer choices appear. If you use an “empty” SRV record, you cannot use separate PTR records, or the TXT record to specify the PTR record.
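A lint pass over a record set, added here as an example and not part of Nasuni's documentation or tooling. It checks rules stated in the sections above: "txtvers=1" is present, the three discovery styles (separate PTR, TXT-specified PTR, “empty” SRV) are not mixed, and each in-zone target of a multiple-target instance has an A record. The function names, the sample zones and the 192.0.2.x addresses are constructed; both the PTRV1= and PTR-V1= spellings are accepted because both appear on this page.

```python
import shlex

SERVICE = "_nasunifiler._tcp"

def rel(name, origin):  # drop trailing dot and zone origin so both spellings compare equal
    name = name.rstrip(".")
    return name[: -len(origin) - 1] if name.endswith("." + origin) else name

def parse(zone_text, origin):
    """Yield (owner, type, rdata) per record; an optional TTL and the IN class are skipped."""
    for line in zone_text.splitlines():
        tok = shlex.split(line)  # keeps "quoted strings" whole, reads Nasuni\ Mobile as one name
        pos = next((i for i, t in enumerate(tok) if i and t in ("PTR", "SRV", "TXT", "A")), None)
        if pos is not None:
            yield rel(tok[0], origin), tok[pos], tok[pos + 1:]

def lint(zone_text, origin="mydomain.com"):
    """Check a record set against the rules stated on this page; return a list of findings."""
    recs = list(parse(zone_text, origin))
    rdata = lambda owner, rtype: [d for o, t, d in recs if o == owner and t == rtype]
    findings = []
    ptr = [rel(d[0], origin) for d in rdata(SERVICE, "PTR")]
    txt_ptr = [rel(s.split("=", 1)[1], origin) for d in rdata(SERVICE, "TXT")
               for s in d if s.startswith(("PTRV1=", "PTR-V1="))]  # page shows both spellings
    if sum(map(bool, (ptr, txt_ptr, rdata(SERVICE, "SRV")))) > 1:
        findings.append("mixes separate PTR, TXT-specified PTR and empty SRV styles")
    instances = sorted(set(ptr + txt_ptr))
    for inst in instances:
        srvs = rdata(inst, "SRV")
        if not srvs:
            findings.append(f"{inst}: no SRV record")
        txt = [s for d in rdata(inst, "TXT") for s in d]
        if (txt or len(instances) > 1) and "txtvers=1" not in txt:
            findings.append(f"{inst}: TXT lacks txtvers=1")
        for d in srvs:
            if len(d) != 4 or not all(x.isdigit() and int(x) <= 65535 for x in d[:3]):
                findings.append(f"{inst}: malformed SRV {' '.join(d)}")
            elif (len(srvs) > 1 and d[3].rstrip(".").endswith("." + origin)
                  and not rdata(rel(d[3], origin), "A")):
                findings.append(f"{inst}: target {d[3]} has no A record")
    return findings

# Constructed sample zones (domain and TTL specified globally); not from the original page.
GOOD = """
_nasunifiler._tcp PTR myfiler._nasunifiler._tcp
myfiler._nasunifiler._tcp TXT "txtvers=1"
myfiler._nasunifiler._tcp SRV 0 0 443 filer1.mydomain.com.
myfiler._nasunifiler._tcp SRV 1 0 443 filer2.mydomain.com.
filer1 A 192.0.2.10
filer2 A 192.0.2.11
"""
BAD = """
_nasunifiler._tcp PTR myfiler._nasunifiler._tcp
_nasunifiler._tcp SRV 0 0 443 filer1.mydomain.com.
myfiler._nasunifiler._tcp TXT "companyfullname=Example Corp"
myfiler._nasunifiler._tcp SRV 0 0 443 filer1.mydomain.com.
myfiler._nasunifiler._tcp SRV 1 0 443 filer2.mydomain.com.
filer1 A 192.0.2.10
"""
```

lint(GOOD) returns an empty list; lint(BAD) reports the mixed discovery styles, the missing "txtvers=1", and the target without an A record. Targets outside the zone are not checked for A records, since the page allows the target to be in another domain.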


Microsoft Windows DNS Manager

To use the Microsoft Windows DNS Manager to configure the DNS, follow these steps:

1. The screen for configuring the A record looks like this:

Figure 1-1: A record.

   a. In the Host text box, specify the DNS name of the target host, as in the SRV record. The Fully qualified domain name (FQDN) text box might be automatically populated, using the domain name.
   b. In the IP address text box, enter the IP address of the target.
      Note: The “Update associated pointer (PTR) record” setting is for reverse lookup configurations, not for this DNS procedure.
   c. In the Time to live (TTL) text box, enter the TTL (time to live) as days, hours, minutes, and seconds.
   d. Click OK.


2. The screen for configuring the PTR record looks like this:

Figure 1-2: PTR record.

   a. In the Host IP Address text box, specify both the Nasuni Filer service and the TCP protocol:

          _nasunifiler._tcp

      The Windows DNS Manager might move the protocol to the Fully qualified domain name (FQDN) text box. The Fully qualified domain name (FQDN) text box might be automatically populated, using the domain name.
   b. In the Host name text box, enter the name of the instance of the _nasunifiler._tcp service that the SRV record links to. Your entry is automatically appended with the Nasuni Filer service, the TCP protocol, and the domain. Whatever you enter here appears in the Mobile Access app: you can use the actual host name of the Nasuni Filer, or a name that users might recognize more easily.
      Important: For some implementations, the PTR record MUST end with a period (.), while, for other implementations, the PTR record MUST NOT end with a period. It is suggested to omit the period and test the configuration. If the configuration does not work, try adding the period.


   c. In the Time to live (TTL) text box, enter the TTL (time to live) as days, hours, minutes, and seconds.
   d. Click OK.

3. The screen for configuring the SRV record looks like this:

Figure 1-3: SRV record.

   a. The Domain text box might be populated automatically using the domain name. If not, enter the domain name.
   b. In the Service text box, enter the name of the instance of the _nasunifiler._tcp service, as in the PTR record, then append the Nasuni Filer service:

          ._nasunifiler

   c. In the Protocol text box, enter the protocol:

          _tcp

   d. In the Priority text box, enter the priority, as discussed above.
   e. In the Weight text box, enter the weight, as discussed above.
   f. In the Port number text box, enter the port.


   g. In the Host offering this service text box, enter the actual host name of the Nasuni Filer, as a fully qualified domain name.
      Important: For some implementations, the SRV record MUST end with a period (.), while, for other implementations, the SRV record MUST NOT end with a period. It is suggested to add the period and test the configuration. If the configuration does not work, try omitting the period.
   h. In the Time to live (TTL) text box, enter the TTL (time to live) as days, hours, minutes, and seconds.
   i. Click OK.

4. The screen for configuring the TXT record looks like this:

Figure 1-4: TXT record.

   a. In the Record name text box, enter the name of the instance of the _nasunifiler._tcp service, as in the PTR record, then append the Nasuni Filer service and protocol:

          ._nasunifiler._tcp

      The Fully qualified domain name (FQDN) text box might be automatically populated, using the domain name.


   b. In the Text text box, you must enter the text:

          "txtvers=1"

      Any other text entries, such as the company name, are optional.
   c. In the Time to live (TTL) text box, enter the TTL (time to live) as days, hours, minutes, and seconds.
   d. Click OK.

Using third-party DNS configuration software

If you are using third-party software to configure DNS, ensure that the following is defined as a service:

    _nasunifiler

Although you might not be able to specify other records, you might be able to specify the TXT record to define a PTR record. For example, the following TXT record specifies a PTR record:

    _nasunifiler._tcp 3600 IN TXT "PTR-V1=AA._nasunifiler._tcp.mydomain.com."

© Copyright 2010-2016 by Nasuni Corporation. All rights reserved. Nasuni Corporation | 313 Speen Street, Natick, MA 01760-1538 | 1.508.433.6200 | www.nasuni.com
