From owner-freebsd-current Fri May 25 2:38:39 2001 Delivered-To: freebsd-current@freebsd.org Received: from bremen.shuttle.de (bremen.shuttle.de [194.95.249.251]) by hub.freebsd.org (Postfix) with ESMTP id 4C8CA37B424 for ; Fri, 25 May 2001 02:38:33 -0700 (PDT) (envelope-from schweikh@schweikhardt.net) Received: by bremen.shuttle.de (Postfix, from userid 10) id 1365517D28; Fri, 25 May 2001 11:34:39 +0200 (CEST) Received: (from schweikh@localhost) by hal9000.schweikhardt.net (8.11.3/8.11.3) id f4P9Ycg01297 for freebsd-current@freebsd.org; Fri, 25 May 2001 11:34:38 +0200 (CEST) (envelope-from schweikh) Date: Fri, 25 May 2001 11:34:36 +0200 From: Jens Schweikhardt To: freebsd-current@freebsd.org Subject: Strange DNS behavior; I'm stumped Message-ID: <20010525113435.A955@schweikhardt.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG hello, world\n so I thought I knew everything about DNS. Here's something that beats me. I'm running -current as of a week or so ago, which means the resolver is configured with /etc/nsswitch.conf (instead of /etc/host.conf which no longer exists). I want the resolver to look in /etc/hosts and if nothing is found ask a remote nameserver. So I have $ hostname hal9000.schweikhardt.net $ cat /etc/nsswitch.conf hosts: files dns $ cat /etc/resolv.conf nameserver 193.174.247.193 nameserver 129.143.1.1 nameserver 120.69.18.28 $ grep -v '^#' /etc/hosts 194.95.228.253 hal9000 hal9000.schweikhardt.net hal9000.schweikhardt.net. s253.shuttle.de hal9000.s.shuttle.de 127.0.0.1 localhost localhost.schweikhardt.net localhost.schweikhardt.net. Here's the rub: when I start X, my window manager ctwm tries to determine the hostname (to assign to HOSTNAME and then m4-process the .ctwmrc) This causes my machine to dial out. I've used tcpdump on port 53 (dns) by putting this in /etc/start_if.isp1: /usr/sbin/tcpdump -nli isp1 -c 16 port 53 > /tmp/tcpdump.53 & so I capture the very first dns packets. The result is: $ cat /tmp/tcpdump.53 19:19:36.504837 IP 74: 213.7.20.247.1025 > 129.143.1.1.53: 34068+ A? hal9000.schweikhardt.net. (42) 19:19:41.514465 IP 74: 213.7.20.247.1026 > 120.69.18.28.53: 34068+ A? hal9000.schweikhardt.net. (42) 19:19:46.524451 IP 74: 213.7.20.247.1027 > 193.174.247.193.53: 34068+ A? hal9000.schweikhardt.net. (42) 19:19:46.573495 IP 129: 193.174.247.193.53 > 213.7.20.247.1027: 34068 NXDomain* 0/1/0 (97) (DF) 19:19:46.576134 IP 91: 213.7.20.247.1028 > 193.174.247.193.53: 34069+ A? hal9000.schweikhardt.net.schweikhardt.net. (59) 19:19:46.625504 IP 146: 193.174.247.193.53 > 213.7.20.247.1028: 34069 NXDomain* 0/1/0 (114) (DF) ... innd causes something similar lookups, but sendmail does not. What's more, I can use perl's gethostbyname function and ask for hal9000, localhost, hal9000.schweikhardt.net or hal9000.schweikhardt.net. and it does not cause a remote name server query: schweikh@hal9000:~/bin $ cat dns-test #!/usr/bin/perl # gethostbyname should not dial out if the name is found in /etc/hosts my $name = defined $ARGV[0] ? $ARGV[0] : 'hal9000.schweikhardt.net'; print "gethostbyname $name\n"; my ($n, $aliases, $addrtype, $length, @addrs) = gethostbyname $name; print "name: $n\n"; print "aliases: $aliases\n"; print "addrtype: $addrtype\n"; print "length: $length\n"; foreach (@addrs) { print join ('.', unpack ('C4', $_)), "\n"; } $ dns-test localhost gethostbyname localhost name: localhost aliases: localhost.schweikhardt.net localhost.schweikhardt.net. addrtype: 2 length: 4 127.0.0.1 $ dns-test `hostname` gethostbyname hal9000.schweikhardt.net name: hal9000 aliases: hal9000.schweikhardt.net hal9000.schweikhardt.net. s253.shuttle.de hal9000.s.shuttle.de addrtype: 2 length: 4 194.95.228.253 $ dns-test hal9000 gethostbyname hal9000 name: hal9000 aliases: hal9000.schweikhardt.net hal9000.schweikhardt.net. s253.shuttle.de hal9000.s.shuttle.de addrtype: 2 length: 4 194.95.228.253 $ dns-test hal9000.schweikhardt.net gethostbyname hal9000.schweikhardt.net name: hal9000 aliases: hal9000.schweikhardt.net hal9000.schweikhardt.net. s253.shuttle.de hal9000.s.shuttle.de addrtype: 2 length: 4 194.95.228.253 I even made a C program that used gethostbayname(3) and the result is the same as with the perl script, i.e. no remote ns lookups done for hosts in /etc/hosts. I'm stumped. Is it possible for apps to *force* a name server query, bypassing gethostbyname? How can I force apps to obey my nsswitch.conf? In case it matters, my isp1 interface is a dynamically assigned p2p link configured with ... ifconfig isp1 link1 0.0.0.0 0.0.0.1 netmask 255.255.0.0 and later made the default route. The address 194.95.228.253 in /etc/hosts belongs to another statically assigned interface, i.e. isp0: flags=a011 mtu 1500 inet 194.95.228.253 --> 194.95.242.2 netmask 0xffffff00 ether 00:00:00:00:00:00 isp1: flags=a011 mtu 1500 inet 0.0.0.0 --> 0.0.0.1 netmask 0xffff0000 ether 00:00:00:00:00:00 Regards, Jens -- Jens Schweikhardt http://www.schweikhardt.net/ SIGSIG -- signature too long (core dumped) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message