From: Mel Flynn
To: freebsd-current@freebsd.org
Cc: Doug Barton
Date: Tue, 31 Mar 2009 10:25:22 +0200
Subject: Re: New rc.d/named features for testing: auto-forwarding and wait on boot

Hi Doug,

On Tuesday 31 March 2009 08:17:35 Doug Barton wrote:
> > In addition to enabling auto_forward you can also enable
> > auto_forward_only which changes from the default 'forward first' to
> > (you guessed it) 'forward only'.
> And of course, the patch:
> http://dougbarton.us/Downloads/rcd-named.diff

Snippet:
+ if [ -z "$firstns" ]; then + if [ !
"$nsip" = '127.0.0.1' ]; then + echo 'nameserver 127.0.0.1' + echo " ${nsip};" >> /var/run/auto_forward.conf + fi

I think the hardcoded 127.0.0.1 should be configurable, especially considering
the prepend-domain-nameservers option for dhclient.conf(5). Now you risk using
yourself as forwarder if you expose the resolver to the internal network
(whether it be through dhclient or statically).

Also, maybe the combo of autoforward and dhclient should be guarded against,
since there's no telling which comes up first and both dhclient and
/etc/rc.d/named might be writing /etc/resolv.conf at the same time / after
each other.

Lastly, 127.0.0.1 and ::1 aren't equal, yet they are the same thing ;)

-- 
Mel