Message-ID: <49D27B95.7030209@FreeBSD.org>
Date: Tue, 31 Mar 2009 13:22:45 -0700
From: Doug Barton
Organization: http://www.FreeBSD.org/
To: Mel Flynn
Cc: freebsd-current@freebsd.org
Subject: Re: New rc.d/named features for testing: auto-forwarding and wait on boot
References: <49D1B261.6010406@FreeBSD.org> <49D1B57F.8050903@FreeBSD.org> <200903311025.22219.mel.flynn+fbsd.current@mailing.thruhere.net>
In-Reply-To: <200903311025.22219.mel.flynn+fbsd.current@mailing.thruhere.net>

Mel Flynn wrote:
> Hi Doug,
>
> On Tuesday 31 March 2009 08:17:35 Doug Barton wrote:
>
>>> In addition to enabling auto_forward you can also enable
>>> auto_forward_only which changes from the default 'forward first' to
>>> (you guessed it) 'forward only'.
>
>> And of course, the patch:
>> http://dougbarton.us/Downloads/rcd-named.diff
>
> Snippet:
> + if [ -z "$firstns" ]; then
> + if [ ! "$nsip" = '127.0.0.1' ]; then
> + echo 'nameserver 127.0.0.1'
> + echo " ${nsip};" >> /var/run/auto_forward.conf
> + fi
>
> I think the hardcoded 127.0.0.1 should be configurable especially considering
> prepend-domain-nameservers option for dhclient.conf(5).

I'm not sure you understand the goal. The idea here is to use the
local resolver first, as a forwarder. If that usage would conflict
with something that you prepend in dhclient.conf, don't enable both
options.

> Now you risk using
> yourself as forwarder if you expose the resolver to the internal network

Sorry, I'm not parsing this. The 127.0.0.1 address is not added to the
forwarders list, if that's what you're concerned about. Come to think
of it, the lines you pasted handle that address only if it's first. I
just updated the patch to handle 127.0.0.1 coming later in the file,
thanks!

> (whether it be through dhclient or statically).
> Also, maybe the combo of autoforward and dhclient should be guarded against,
> since there's no telling which comes up first

Ummmm.... that's completely false. rcorder determines that the network
will be up first, so not only is there no harm in using both, it's how
I've done all my testing. There is really no point in using this
option if you are on a static network, you could just configure
forwarders in named.conf yourself.

> and both dhclient and
> /etc/rc.d/named might be writing /etc/resolv.conf at the same time / after
> each other.

Completely impossible, but I'm glad to see you're thinking about it at
least.

> Lastly, 127.0.0.1 and ::1 aren't equal, yet they are the same thing ;)

I have no idea what you're trying to say here. However, we currently
don't support (TMK anyway) IPv6-only configurations, although I'd like
to see us do so sometime soon ...

Doug

--

    This .signature sanitized for your protection
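
Review bot: in the quoted snippet the `[ ! "$nsip" = '127.0.0.1' ]` test sits inside `[ -z "$firstns" ]`, so nothing in the quoted lines filters a 127.0.0.1 entry that is not the first nameserver, and such an entry could end up in /var/run/auto_forward.conf with named forwarding to itself. The reply says the updated patch covers that case. Two further points on the same lines: the exact string comparison does not match other loopback spellings such as ::1, and `${nsip}` is appended to a file that feeds named's forwarders list without any check that it is an address. Where the value comes from is not visible in the snippet, but if it is read from a resolv.conf written by dhclient it is DHCP-supplied input, so I'd suggest validating it as an IPv4 or IPv6 literal before the `echo " ${nsip};" >> /var/run/auto_forward.conf` line and skipping anything that does not match.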