Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 31 Mar 2009 13:22:45 -0700
From:      Doug Barton <dougb@FreeBSD.org>
To:        Mel Flynn <mel.flynn+fbsd.current@mailing.thruhere.net>
Cc:        freebsd-current@freebsd.org
Subject:   Re: New rc.d/named features for testing: auto-forwarding and wait on boot
Message-ID:  <49D27B95.7030209@FreeBSD.org>
In-Reply-To: <200903311025.22219.mel.flynn%2Bfbsd.current@mailing.thruhere.net>
References:  <49D1B261.6010406@FreeBSD.org> <49D1B57F.8050903@FreeBSD.org> <200903311025.22219.mel.flynn%2Bfbsd.current@mailing.thruhere.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Mel Flynn wrote:
> Hi Doug,
> 
> On Tuesday 31 March 2009 08:17:35 Doug Barton wrote:
> 
>>> In addition to enabling auto_forward you can also enable
>>> auto_forward_only which changes from the default 'forward first' to
>>> (you guessed it) 'forward only'.
> 
>> And of course, the patch:
>> http://dougbarton.us/Downloads/rcd-named.diff
> 
> Snippet:
> +				if [ -z "$firstns" ]; then
> +					if [ ! "$nsip" = '127.0.0.1' ]; then
> +						echo 'nameserver 127.0.0.1'
> +						echo "		${nsip};" >> /var/run/auto_forward.conf
> +					fi
> 
> I think the hardcoded 127.0.0.1 should be configurable especially considering 
> prepend-domain-nameservers option for dhclient.conf(5).

I'm not sure you understand the goal. The idea here is to use the
local resolver first, as a forwarder. If that usage would conflict
with something that you prepend in dhclient.conf, don't enable both
options.

> Now you risk using 
> yourself as forwarder if you expose the resolver to the internal network 

Sorry, I'm not parsing this. The 127.0.0.1 address is not added to the
forwarders list, if that's what you're concerned about. Come to think
of it, the lines you pasted handle that address only if it's first. I
just updated the patch to handle 127.0.0.1 coming later in the file,
thanks!

> (whether it be through dhclient or statically).
> Also, maybe the combo of autoforward and dhclient should be guarded against, 
> since there's no telling which comes up first

Ummmm.... that's completely false. rcorder determines that the network
will be up first, so not only is there no harm in using both, it's how
I've done all my testing. There is really no point in using this
option if you are on a static network, you could just configure
forwarders in named.conf yourself.

> and both dhclient and 
> /etc/rc.d/named might be writing /etc/resolv.conf at the same time / after 
> eachother.

Completely impossible, but I'm glad to see you're thinking about it at
least.

> Lastly, 127.0.0.1 and ::1 aren't equal, yet they are the same thing ;)


I have no idea what you're trying to say here. However, we currently
don't support (TMK anyway) IPv6-only configurations, although I'd like
to see us do so sometime soon ...


Doug

-- 

    This .signature sanitized for your protection





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49D27B95.7030209>