[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#343140: libc6: resolver always checks search list in /etc/resolv.conf

Marco d'Itri wrote:
> On Dec 21, Gabor Gombas <gombasg@sztaki.hu> wrote:
> 
>>It's not a bug. It may be inefficient, but that's not a bug in itself.
> 
> I find this reasoning very peculiar. If an algorithm is inefficient and
> this causes problems then it is obviously buggy.
> And it's doubly buggy if its inefficiencies cause are harmful for
> third parties.

I won't get into the debate of whether this constitutes a debian bug but
I can tell you that this bug causes significant problems for those who:

* use search lines for host management
* have busy machines

On the first point, I (and thus my company) use search lines in
combination with LAN-only DNS subdomains for internal address
management.  It allows us to use internal IP addresses for hosts without
fiddling with /etc/hosts.  All our host subdomains are managed in DNS.
A LOT of scripts, i.e. for backup, rsync, load balancing, use short
hostnames that get their address information from internal DNS zones, a
process that depends on the search functionality in /etc/resolv.conf.
This bug effectively forces us to discard this internal process on
certain machines, which means the process is no longer a good one.  A
bug (or design flaw or whatever) that causes re-evaluation of internal
processes is pretty significant in my mind.

On the 2nd point, the increase in DNS load is not something that normal
users may appreciate or notice.  But those who manage DNS servers know
that a 2x or 3x increase in DNS load has consequences.  For those who
are unlucky enough to have 5 domains in their search path (not an
uncommon scenario I would think), you're looking at 6 extraneous DNS
lookups for every legitimate lookup!

To give you an idea of impact, I was recently greeted with an e-mail
from a DNS service provider that I use saying that I was getting close
to my query quota.  It surprised me that I got this e-mail because I was
never close to hitting the quota before.  It turns out that 90% of the
queries were coming from 1 server where I unwittingly added the domain
to the search path!  It took me a while to figure this out but
eventually I did and it was the impetus for resubmitting this bug report
(my first bug report was for postfix back in June).  After removing the
domain from the search line on this machine, the query lookups suddenly
have dropped to insignificant levels again.

On the subject of work-arounds, I'm not having much luck finding one
without recompiling glibc, which is not a good option IMO.  If anyone
has any ideas on this, please let me know.

Thanks.
Regards,
Ed
Reply to: