From owner-freebsd-questions Sun Jan 16 16: 1:49 2000 Delivered-To: freebsd-questions@freebsd.org Received: from relay2.ftech.net (ibm1.ftech.net [212.32.16.71]) by hub.freebsd.org (Postfix) with ESMTP id 65D2415078 for ; Sun, 16 Jan 2000 16:01:43 -0800 (PST) (envelope-from goddard@acm.org) Received: from dmg.ftech.co.uk ([195.200.9.208] helo=dmg.parse.net) by relay2.ftech.net with esmtp (Exim 3.12.ftech-p6 #1) id 129zYh-0001SK-00 for freebsd-questions@FreeBSD.ORG; Sun, 16 Jan 2000 23:58:12 +0000 Received: from elf (elf.putney.parse.net [10.0.0.10]) by dmg.parse.net (8.9.3/8.9.3) with SMTP id AAA68070 for ; Mon, 17 Jan 2000 00:00:43 GMT (envelope-from goddard@acm.org) Message-Id: <3.0.3.32.20000117000343.0084bdd0@dmg.parse.net> X-Sender: dmg@dmg.parse.net (Unverified) X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Mon, 17 Jan 2000 00:03:43 +0000 To: freebsd-questions@FreeBSD.ORG From: David Goddard Subject: Odd DNS lookup issue Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, I'm having an irritating problem with unwanted dialups caused (it seems) by hostname lookups that I could do with some help eliminating. The basic architecture is a FreBSD box using ppp (with -auto and -alias flags) acting as an Internet gateway to a LAN. The box is also running BIND to provide DNS. The LAN machines all use 10.0.0.* IPs while the gateway box also has a proper IP assigned by the ISP on its dialup interface. The gateway box is currently running a rather ageing version of 4.0-CURRENT (shortly to be replaced by something more normal!) - however, a 3.2-RELEASE box on the LAN seems to have the same problem. Basically, the issue is that when I log in via telnet, a DNS query is done for a truncated version of the client's host name - i.e. if I log in to the server (zero.somedomain.com) from another machine (say, jaka.lan.somedomain.com) a query is done for jaka.lan. This isn't recognised by named on zero, so it queries the ISPs server. The DNS query seems to be happening as soon as I enter the password, as the login hangs at this point while the server dials out. The session looks like this: jaka% telnet 10.0.0.1 Trying 10.0.0.1... Connected to zero.lan.somedomain.com. Escape character is '^]'. FreeBSD/i386 (zero.somedomain.com) (ttyp3) login: dg Password: Last login: Sun Jan 16 22:26:57 from jaka.lan Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 4.0-CURRENT (DMG_KERNEL) #1: Mon Jan 10 13:42:55 GMT 2000 Personally, I suspect the Last login section - it is this truncated name that is being queried and this is what is getting stored in wtmp and other places. Casting a very inexpert eye over the source for login, it seems that some shortening of the domain is being done deliberately, but I'm not sure why a lookup would be done on this when I log on. Checking out the archives, there are a few references to similar problems, but they are mostly related to reverse lookups, which seem fine on my setup. There was also an old (1996) mention of an issue with tcsh (my shell), but I'm not sure if this is it. There are some obvious workarounds to this, but I'd really appreciate some pointers as to what is wrong (or more likely what I've done wrong!) I've appended some more info about the setup etc. I'm not currently subscribed to -questions to please cc me on any responses. Thanks, Dave Snippet from named.query.log: 12-Jan-2000 22:47:16.515 XX+/10.0.0.1/jaka.lan/A/IN 12-Jan-2000 22:47:16.517 XX+/10.0.0.1/jaka.lan.somedomain.com/A/IN [...] 12-Jan-2000 23:19:32.595 XX+/10.0.0.1/jaka.lan/A/IN 12-Jan-2000 23:19:32.597 XX+/10.0.0.1/jaka.lan.somedomain.com/A/IN Edited zone file for the domain held on the gateway server: $ORIGIN com. somedomain 43200 IN SOA zero.somedomain.com. name.someisp.co.uk. ( 118687026 21600 10800 604800 43200 ) 43200 IN NS zero.somedomain.com. $ORIGIN somedomain.com. zero 43200 IN A 195.256.256.256 localhost 43200 IN A 127.0.0.1 jaka 43200 IN CNAME jaka.lan.somedomain.com. ns 43200 IN CNAME zero.somedomain.com. $ORIGIN lan.somedomain.com. zero 43200 IN A 10.0.0.1 jaka 43200 IN A 10.0.0.2 elrod 43200 IN A 10.0.0.3 astoria 43200 IN A 10.0.0.9 elf 43200 IN A 10.0.0.10 gateway 43200 IN CNAME zero Reverse lookup: $ORIGIN 0.10.in-addr.arpa. 0 86400 IN SOA ns.somedomain.com. name.someisp.co.uk. ( 2216956931 10800 3600 604800 86400 ) 86400 IN NS ns.somedomain.com. $ORIGIN 0.0.10.in-addr.arpa. 1 86400 IN PTR zero.lan.somedomain.com. 2 86400 IN PTR jaka.lan.somedomain.com. 3 86400 IN PTR elrod.lan.somedomain.com. 4 86400 IN PTR julius.lan.somedomain.com. 9 86400 IN PTR astoria.lan.somedomain.com. 10 86400 IN PTR jaka.lan.somedomain.com. Edited named.conf: // $Id: named.conf,v 1.5 1998/12/23 06:06:13 dillon Exp $ // // Refer to the named(8) man page for details. If you are ever going // to setup a primary server, make sure you've understood the hairy // details of how DNS is working. Even with simple mistakes, you can // break connectivity for affected parties, or cause huge amount of // useless Internet traffic. options { directory "/etc/namedb"; dialup yes; use-id-pool yes; treat-cr-as-space yes; [...] // In addition to the "forwarders" clause, you can force your name // server to never initiate queries of its own, but always ask its // forwarders only, by enabling the following line: // forward only; // If you've got a DNS server around at your upstream provider, enter // its IP address here, and enable the line below. This will make you // benefit from its cache, thus reduce overall DNS traffic in the Internet. forwarders { 195.256.256.256; }; [...] }; [...] zone "." { type hint; file "named.root"; }; zone "0.0.127.IN-ADDR.ARPA" { type master; file "localhost.rev"; }; [...] zone "somedomain.com" { type master; file "s/somedomain.com"; notify no; }; zone "0.0.10.in-addr.arpa" { type master; file "s/0.0.10.in-addr.arpa"; notify no; }; Random nslookup stuff: Script started on Wed Jan 12 23:23:24 2000 dg has logged on ttyp0 from jaka. zero% nslookup Default Server: zero.lan.somedomain.com Address: 10.0.0.1 > jaka Server: zero.lan.somedomain.com Address: 10.0.0.1 Non-authoritative answer: Name: jaka.lan.somedomain.com Address: 10.0.0.10 Aliases: jaka.somedomain.com > 10.0.0.10 Server: zero.lan.somedomain.com Address: 10.0.0.1 Name: jaka.lan.somedomain.com Address: 10.0.0.10 > set type=any > jaka Server: zero.lan.somedomain.com Address: 10.0.0.1 jaka.somedomain.com canonical name = jaka.lan.somedomain.com somedomain.com nameserver = zero.somedomain.com zero.somedomain.com internet address = 195.256.256.256 > exit zero% -- David Goddard ~ goddard@acm.org ~ http://freeweb.ftech.net/dmg Some mornings it's just not worth chewing through the leather straps PGP Fingerprint: 3E41 EBBC 9B71 5E66 68E5 C823 9C56 9078 C16B AD65 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message