Date:      Mon, 17 Jan 2000 00:03:43 +0000
From:      David Goddard <goddard@acm.org>
To:        freebsd-questions@FreeBSD.ORG
Subject:   Odd DNS lookup issue
Message-ID:  <3.0.3.32.20000117000343.0084bdd0@dmg.parse.net>

Hi,

I'm having an irritating problem with unwanted dialups caused (it seems) by
hostname lookups that I could do with some help eliminating.

The basic architecture is a FreeBSD box using ppp (with -auto and -alias
flags) acting as an Internet gateway to a LAN.  The box is also running
BIND to provide DNS.  The LAN machines all use 10.0.0.* IPs while the
gateway box also has a proper IP assigned by the ISP on its dialup interface.

The gateway box is currently running a rather ageing version of 4.0-CURRENT
(shortly to be replaced by something more normal!) - however, a 3.2-RELEASE
box on the LAN seems to have the same problem.

Basically, the issue is that when I log in via telnet, a DNS query is done
for a truncated version of the client's host name - i.e. if I log in to the
server (zero.somedomain.com) from another machine (say,
jaka.lan.somedomain.com) a query is done for jaka.lan.  This isn't
recognised by named on zero, so it queries the ISP's server.

The DNS query seems to be happening as soon as I enter the password, as the
login hangs at this point while the server dials out.  The session looks
like this:

  jaka% telnet 10.0.0.1
  Trying 10.0.0.1...
  Connected to zero.lan.somedomain.com.
  Escape character is '^]'.

  FreeBSD/i386 (zero.somedomain.com) (ttyp3)

  login: dg
  Password:
  Last login: Sun Jan 16 22:26:57 from jaka.lan
  Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
          The Regents of the University of California.  All rights reserved.

  FreeBSD 4.0-CURRENT (DMG_KERNEL) #1: Mon Jan 10 13:42:55 GMT 2000

Personally, I suspect the Last login section - it is this truncated name
that is being queried and this is what is getting stored in wtmp and other
places.  Casting a very inexpert eye over the source for login, it seems
that some shortening of the domain is being done deliberately, but I'm not
sure why a lookup would be done on this when I log on.

Checking out the archives, there are a few references to similar problems,
but they are mostly related to reverse lookups, which seem fine on my
setup.  There was also an old (1996) mention of an issue with tcsh (my
shell), but I'm not sure if this is it.

There are some obvious workarounds to this, but I'd really appreciate some
pointers as to what is wrong (or more likely what I've done wrong!)

I've appended some more info about the setup etc.

I'm not currently subscribed to -questions so please cc me on any responses.

Thanks,

Dave


Snippet from named.query.log:

12-Jan-2000 22:47:16.515 XX+/10.0.0.1/jaka.lan/A/IN
12-Jan-2000 22:47:16.517 XX+/10.0.0.1/jaka.lan.somedomain.com/A/IN
[...]
12-Jan-2000 23:19:32.595 XX+/10.0.0.1/jaka.lan/A/IN
12-Jan-2000 23:19:32.597 XX+/10.0.0.1/jaka.lan.somedomain.com/A/IN


Edited zone file for the domain held on the gateway server:

$ORIGIN com.
somedomain	43200	IN	SOA	zero.somedomain.com. name.someisp.co.uk. (
		118687026 21600 10800 604800 43200 )
	43200	IN	NS	zero.somedomain.com.
$ORIGIN somedomain.com.
zero	43200	IN	A	195.256.256.256
localhost	43200	IN	A	127.0.0.1
jaka	43200	IN	CNAME	jaka.lan.somedomain.com.
ns	43200	IN	CNAME	zero.somedomain.com.
$ORIGIN lan.somedomain.com.
zero	43200	IN	A	10.0.0.1
jaka	43200	IN	A	10.0.0.2
elrod	43200	IN	A	10.0.0.3
astoria	43200	IN	A	10.0.0.9
elf 	43200	IN	A	10.0.0.10
gateway	43200	IN	CNAME	zero



Reverse lookup:

$ORIGIN 0.10.in-addr.arpa.
0       86400   IN      SOA     ns.somedomain.com. name.someisp.co.uk. (
                2216956931 10800 3600 604800 86400 )
        86400   IN      NS      ns.somedomain.com.
$ORIGIN 0.0.10.in-addr.arpa.
1       86400   IN      PTR     zero.lan.somedomain.com.
2       86400   IN      PTR     jaka.lan.somedomain.com.
3       86400   IN      PTR     elrod.lan.somedomain.com.
4       86400   IN      PTR     julius.lan.somedomain.com.
9       86400   IN      PTR     astoria.lan.somedomain.com.
10      86400   IN      PTR     jaka.lan.somedomain.com.



Edited named.conf:

// $Id: named.conf,v 1.5 1998/12/23 06:06:13 dillon Exp $
//
// Refer to the named(8) man page for details.  If you are ever going
// to setup a primary server, make sure you've understood the hairy
// details of how DNS is working.  Even with simple mistakes, you can
// break connectivity for affected parties, or cause huge amount of
// useless Internet traffic.



options {
	directory "/etc/namedb";


	dialup yes;
	use-id-pool yes;
	treat-cr-as-space yes;
[...]
// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
      forward only;

// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.

	forwarders {
		195.256.256.256;
	};

[...]
};


[...]


zone "." {
	type hint;
	file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
	type master;
	file "localhost.rev";
};

[...]
zone "somedomain.com" {
	type master;
	file "s/somedomain.com";
	notify no;

};


zone "0.0.10.in-addr.arpa" {
        type master;
        file "s/0.0.10.in-addr.arpa";
	notify no;
};




Random nslookup stuff:

Script started on Wed Jan 12 23:23:24 2000
dg has logged on ttyp0 from jaka.
zero% nslookup
Default Server:  zero.lan.somedomain.com
Address:  10.0.0.1

> jaka
Server:  zero.lan.somedomain.com
Address:  10.0.0.1

Non-authoritative answer:
Name:    jaka.lan.somedomain.com
Address:  10.0.0.10
Aliases:  jaka.somedomain.com

> 10.0.0.10
Server:  zero.lan.somedomain.com
Address:  10.0.0.1

Name:    jaka.lan.somedomain.com
Address:  10.0.0.10

> set type=any
> jaka
Server:  zero.lan.somedomain.com
Address:  10.0.0.1

jaka.somedomain.com	canonical name = jaka.lan.somedomain.com
somedomain.com	nameserver = zero.somedomain.com
zero.somedomain.com	internet address = 195.256.256.256
> exit
zero%



-- 
David Goddard  ~  goddard@acm.org  ~  http://freeweb.ftech.net/dmg
Some mornings it's just not worth chewing through the leather straps
PGP Fingerprint:  3E41 EBBC 9B71 5E66 68E5  C823 9C56 9078 C16B AD65
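
An added example (not part of the original post): Python that scans a query log in the format shown above and lists the queries the gateway's named cannot answer from its master zones, separating shortened internal names such as jaka.lan from ordinary external lookups. The zone and host lists are copied from the posted configuration; the function names and the last two sample log lines are constructed for illustration.

```python
import re

# Zones the posted named.conf serves as "type master"; a query outside them
# is not answered locally and (on a cache miss) goes to the forwarder.
MASTER_ZONES = ("somedomain.com", "0.0.10.in-addr.arpa", "0.0.127.in-addr.arpa")
# Host names taken from the posted forward zone file.
KNOWN_HOSTS = ("zero.lan.somedomain.com", "jaka.lan.somedomain.com",
               "elrod.lan.somedomain.com", "astoria.lan.somedomain.com",
               "elf.lan.somedomain.com", "zero.somedomain.com")

# Constructed sample: the first two lines copy the post's log, the rest are made up.
SAMPLE_LOG = """\
12-Jan-2000 22:47:16.515 XX+/10.0.0.1/jaka.lan/A/IN
12-Jan-2000 22:47:16.517 XX+/10.0.0.1/jaka.lan.somedomain.com/A/IN
12-Jan-2000 22:50:02.101 XX+/10.0.0.2/2.0.0.10.in-addr.arpa/PTR/IN
12-Jan-2000 22:51:40.300 XX+/10.0.0.3/www.example.org/A/IN
"""

# timestamp, client address, query name, type, class
LINE_RE = re.compile(r"^(\S+ \S+) XX\+?/([^/]+)/([^/]+)/([^/]+)/(\S+)$")

def norm(name):
    return name.lower().rstrip(".")

def in_zone(name, zone):
    name, zone = norm(name), norm(zone)
    return name == zone or name.endswith("." + zone)

def classify(name):
    """local: inside a master zone; truncated-local: an internal host name cut
    short, so it falls outside every master zone; external: any other name."""
    if any(in_zone(name, z) for z in MASTER_ZONES):
        return "local"
    if any(h.startswith(norm(name) + ".") for h in KNOWN_HOSTS):
        return "truncated-local"
    return "external"

def forwarded_queries(log_text):
    """Return (timestamp, client, name, kind) for each query not served locally."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip "[...]" markers and anything not in query-log form
        ts, client, name, _qtype, _qclass = m.groups()
        kind = classify(name)
        if kind != "local":
            hits.append((ts, client, norm(name), kind))
    return hits

if __name__ == "__main__":
    for ts, client, name, kind in forwarded_queries(SAMPLE_LOG):
        print(f"{ts} {client} {name:<20} {kind}")
```
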

