
Re: /etc/resolv.conf, /etc/ppp/resolv.conf, dhcp3-server and dnsmasq



On Sun, Dec 30, 2007 at 04:21:34PM -0700, peasthope@shaw.ca wrote:
 
> dt> I also have the dnsmasq package ...
> 
> My setup is almost the same.  A machine I'll 
> call Router has dnsmasq.  Another machine, 
> LANite, runs dhcp-client and is connected to 
> Router by an Ethernet crossover cable.  LANite 
> can ping Router and Router can now ping 
> google.ca but the connection is not transitive;  
> LANite can not ping google.ca.  LANite shows 
> the address for google.ca but gets 0 replies 
> from n packets.  Apparently packets are not 
> passed through Router.  So probably I must 
> install ipmasq or create some routing.  Any 
> suggestions?

DNS and IP forwarding are two separate issues.  Normally, however, your
DNS requests will follow the same route to the Net as other IP packets
(since DNS requests are themselves IP packets).  You need to enable IP
forwarding as well: see /etc/sysctl.conf.

> 
> dt> The magic for all this is done by resolvconf.  See the man page for all
> the gory details ... With eth? and ppp? interfaces coming up and going
> down, the resolvconf package does a good job of keeping things working.
> 
> Appears that the design aims for deterministic 
> access to dns servers;  but as the network becomes 
> more complex and dynamic, certainty is more 
> difficult.  Being naive, I wonder whether anyone
> has thought of an approach which is  simpler  
> and more reliable and easier to troubleshoot.
> For example, maintain a central list of nameservers 
> with a reliability index on each.  PPP, dhcp, 
> dnsmasq & etc. could each add nameservers to the 
> list and adjust the reliability index.  A client 
> needing an address would try the "best" server
> first and work down.  The client would be able 
> to adjust the reliability index according to the 
> response it gets from the server.
> 

Yes, but, at any given point in time, there should only be one
"upstream" route and the upstream DNS servers should be somewhere along
that route.  Networking is by necessity deterministic.  Once things get
complicated enough that you have multiple routes to this that and the
other thing with multiple DNS servers, you're at the level of an ISP or
at least a datacentre with redundant connections and all the baggage
that entails.  At that level, you wouldn't trust any pre-packaged
solution.  You would figure out what commands are required for each
possible transition and write your own scripts.  

Someone who does run a datacentre is now going to call in and tell the
world what a fool I am; that they use the WizzBangUltra Universal
Configurator.  Go figure.


> dt> ... connect to the internet with ppp at the same 
> time [as with eth], default routing and dns servers 
> will not change and life gets interesting.
> 
> Ref. paragraph above.
> 

Doug.
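
Added example, not part of the original message: a shell check for the /etc/sysctl.conf pointer above. It reads the persistent net.ipv4.ip_forward setting and compares it with the running kernel's value. The function names and status strings are made up for this example; the sysctl key and /proc path are the standard Linux ones.

```shell
#!/bin/sh
# Added example: is IPv4 forwarding set persistently, and does the kernel agree?

# Print the last value assigned to net.ipv4.ip_forward in a sysctl.conf-style
# file, or "unset" if the key is absent or appears only in comments.
configured_ip_forward() {
    awk '
        /^[ \t]*[#;]/ { next }              # comment lines do not count
        {
            line = $0
            gsub(/[ \t]/, "", line)         # whitespace around "=" is ignored
            n = index(line, "=")
            if (n == 0) next
            key = substr(line, 1, n - 1)
            sub(/^-/, "", key)              # leading "-" means ignore errors
            gsub(/\//, ".", key)            # net/ipv4/ip_forward form
            if (key == "net.ipv4.ip_forward") val = substr(line, n + 1)
        }
        END { print (val == "" ? "unset" : val) }   # last assignment wins
    ' "$1"
}

# Compare the persistent setting ($1) with the live value file ($2).
forwarding_status() {
    conf=$(configured_ip_forward "$1")
    live=$(cat "$2" 2>/dev/null || echo unknown)
    case "$conf:$live" in
        1:1) echo "ok" ;;
        1:*) echo "configured-not-applied" ;;  # set in file, kernel not updated
        *:1) echo "runtime-only" ;;            # on now, lost at next boot
        *)   echo "disabled" ;;                # router will not pass LAN packets
    esac
}

# Run against the real system only when asked to.
if [ "${1:-}" = "--check" ]; then
    forwarding_status /etc/sysctl.conf /proc/sys/net/ipv4/ip_forward
fi
```

A result of "configured-not-applied" means the file is correct but has not been loaded yet; `sysctl -p` or a reboot applies it.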


