
Re: How *not* to concatenate my domain name?



On Sat, 08 Nov 2014 20:05:05 +0000, Joe wrote:

> On Sat, 8 Nov 2014 18:49:50 +0000 (UTC)
> Hendrik Boom <hendrik@topoi.pooq.com> wrote:
> 
>> When I do a web search from my laptop, connected via wifi to my server
>> and then to the rest of the world, if it for any reason fails to find,
>> say,  aspidistraonion.com, it ends up giving me the IP number of my own
>> server, and thus the wrong web page.
>> 
>> This can happen because of a temporary network problem, and if I'm
>> using chrome, it puts the wrong IP number into its own DNS cache, and
>> the cache remains poisoned for a long time.  (anyone know how to remove
>> things from the chrome's DNS cache, by the way?)
>> 
>> Now I suspect the cause is that my DNS lookup appends .topoi.pooq.com
>> to every unsuccessful search, in case I'm looking for something on my
>> LAN. And then it does find 69.165.131.134, which is the externally
>> known gateway IP number for everything on the LAN.  (let the server
>> figure out where the packet really goes).
>> 
>> I suspect this dates back to installation time, when I was separately
>> asked for the machine's name (notlookedfor) and the domain name
>> (topoi.pooq.com), presumably so it could set up this alleged
>> convenience.
>> Is there any way to get my local DNS lookup *not* to append the wider
>> domain name to anything (or, at least, to anything already containing a
>> dot)?
>> 
>> I'm running a jessie system with systemv init and systemd-shim, in case
>> it matters.
>> 
>> -- hendrik
>>   
>>   
> What DNS server is your laptop consulting? Do you have a local BIND or
> similar running on a server, or are you forwarding requests to your
> Internet router, which in turn will forward to your ISP? A default DNS
> search domain can come from more than one location, on a workstation you
> would typically find it in /etc/resolv.conf, but this should only be
> appended to bare hostnames, never to an existing FQDN.
> 
> My /etc/resolv.conf files always contain a search domain name, and I've
> never seen a DNS failure try to append it to anything but a hostname.
> 
> I ask because an increasing number of routers, particularly those
> supplied by ISPs, are now taking it upon themselves to take some kind of
> action of their own if a DNS lookup fails, instead of passing on the
> authoritative DNS server's failure message as they should, so your
> browser can tell you what really happened. It may not be your laptop
> which is causing the problem.

I appear to be using Google's DNS.

hendrik@notlookedfor:~$ cat /etc/resolv.conf
domain topoi.pooq.com
search topoi.pooq.com
nameserver 8.8.8.8
nameserver 8.8.4.4
hendrik@notlookedfor:~$ 

As far as I know, I've let Debian install its preferred packages for DNS 
lookup, and haven't interfered with it.  The system has been continually 
upgraded as testing since the days of wheezy, and possibly earlier.

For the record, I do have packages libbind9-90, bind9-host, libdns100,
libbind9-80, libdns-export100, libnss-mdns, libapache2-mod-dnssd,
dnsmasq-base, dnsutils, libdns81, libdns88, libnss3, libnss-mdnsbut,
libcurl3-nss, libnss3-1d, libnss3-dev, but not package bind9 itself.

-- hendrik
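
Added example, not part of the original message: a Python model of the lookup order that resolv.conf(5) documents for the glibc stub resolver, applied to the /etc/resolv.conf shown above. The function names are invented for this illustration, and it only computes which names would be queried; it sends no DNS traffic.

```python
# Added illustration: models the search-list order from resolv.conf(5).
# parse_resolv_conf() and candidates() are hypothetical helper names.

# Contents of /etc/resolv.conf as posted in the message above.
RESOLV_CONF = """\
domain topoi.pooq.com
search topoi.pooq.com
nameserver 8.8.8.8
nameserver 8.8.4.4
"""

def parse_resolv_conf(text):
    """Return (search_list, ndots) from resolv.conf text."""
    search, ndots = [], 1                  # ndots defaults to 1
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or raw[0] in "#;":   # blank line or comment
            continue
        key, args = fields[0], fields[1:]
        if key in ("domain", "search") and args:
            # The two keywords are mutually exclusive; the last one wins.
            search = args[:1] if key == "domain" else args
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    ndots = min(int(opt[6:]), 15)   # silently capped at 15
    return search, ndots

def candidates(name, search, ndots):
    """Names the resolver queries, in order, until one of them resolves."""
    if name.endswith("."):
        return [name]                      # trailing dot: absolute, no search
    absolute = name + "."
    searched = [f"{name}.{dom.rstrip('.')}." for dom in search]
    if name.count(".") >= ndots:
        # Enough dots: try the name as given first, then the search list.
        return [absolute] + searched
    # Too few dots: search list first, the bare name last.
    return searched + [absolute]

if __name__ == "__main__":
    search, ndots = parse_resolv_conf(RESOLV_CONF)
    for name in ("aspidistraonion.com", "notlookedfor", "aspidistraonion.com."):
        print(f"{name:22} -> {candidates(name, search, ndots)}")
```

With the default ndots of 1, a dotted name is queried as given first, and the search domain is tried only after that query fails; a name written with a trailing dot is never combined with the search list.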

