
Re: Question to new network device names



On Friday 25 August 2017 01:27:47 David Wright wrote:

> On Fri 25 Aug 2017 at 00:54:11 (-0400), Gene Heskett wrote:
> > On Thursday 24 August 2017 22:15:53 David Wright wrote:
> > > On Thu 24 Aug 2017 at 20:58:18 (-0400), Gene Heskett wrote:
> > > > On Thursday 24 August 2017 12:30:37 Dan Ritter wrote:
> > > > > On Thu, Aug 24, 2017 at 10:43:56AM -0500, David Wright wrote:
> > > > > > The history of computing is littered with statements like
> > > > > > "virtually every computer has exactly one or two NICs".
> > > > >
> > > > > It used to be zero.
> > > > >
> > > > > We are currently in the phase of history where this statement
> > > > > is true. NICs are both ubiquitous and cheap, yet devices tend
> > > > > to come with one (only an ethernet port or only a wifi radio)
> > > > > or two (one of each of those, or a wifi radio and a cell
> > > > > radio).
> > > > >
> > > > > Devices can add more, but they are always special cases: my
> > > > > Debian-running firewall has 5 ethernet ports. I occasionally
> > > > > add a USB ethernet frob in order to isolate a device that I
> > > > > want to talk to directly. Special cases deserve special
> > > > > treatment.
> > > > >
> > > > > I expect the statement to remain true for the next ten years.
> > > > >
> > > > > Do you expect differently? If so, why?
> > > > >
> > > > > > This list is full of postings about the complex DNS system.
> > > > > > But how long did /etc/hosts last? Some complexity is
> > > > > > unavoidable, but if you try to avoid it, you pay for it
> > > > > > later. Look at timezones. Ever allowing computers' internal
> > > > > > clocks to run on local time was, with hindsight, a big
> > > > > > mistake. Leap seconds might also be seen the same way (still
> > > > > > under debate).
> > > > >
> > > > > /etc/hosts still acts the way it always did -- put in an
> > > > > entry, it overrides DNS.
> > > >
> > > > That depends entirely on who wrote your /etc/resolv.conf and
> > > > whether or not you did a sudo chattr +i /etc/resolv.conf,
> > > > immediately after verifying that it works. (and of course that
> > > > implies it is a real file, not a softlink to something else. 
> > > > With N-M in the mix and active that is the only way to keep it
> > > > from tearing down your network configuration and leaving you
> > > > empty files, and no network, if it cannot find a dhcpd server)
> > >
> > > (We've heard about your problems concerning /etc/resolv.conf
> > > several times now.)
> > >
> > > I think the file that affects the priority of /etc/hosts is
> > > /etc/nsswitch.conf which typically contains a line like:
> > >
> > > hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
> >
> > But what has that to do with having the proper entries
> > in /etc/resolv.conf?  Whose active lines are:
> >
> > nameserver 192.168.71.1
> > search host,dns
>
> I can't parse ↑ this line. Are you sure your resolver can?
> Why does it contain a comma? Are "host" and "dns" domain names?

From man resolv.conf:

    search Search list for host-name lookup.
           The search list is normally determined from the local domain name; by default, it contains only the local domain
           name. This may be changed by listing the desired domain search path following the search keyword with spaces or
           tabs separating the names.

So I have it wrong with my comma, but it's been working for about 20 years that way. I'll fix it for S&G. To continue:

           Resolver queries having fewer than ndots dots (default is 1) in them will be attempted
           using each component of the search path in turn until a match is found. For environments with multiple subdomains
           please read options ndots:n below to avoid man-in-the-middle attacks and unnecessary traffic for the root-dns-servers.
           Note that this process may be slow and will generate a lot of network traffic if the servers for the
           listed domains are not local, and that queries will time out if no server is available for one of the domains.

           The search list is currently limited to six domains with a total of 256 characters.

> > domain coyote.den
> >
> > I am willing to learn IF there is a simpler, even faster and more
> > secure way to do it than what I preach.  If those 3 criteria can be
> > satisfied, show me how.
> >
> > That search line "hosts,dns" draws a fine line between my local
> > network, which is all in the /etc/hosts file, and the rest of this
> > planet for which I need a dns server. dd-wrt in my router relays the
> > resolution requests on to my ISP's assigned dns servers, and relays
> > the results back to whatever asked for it on my home network
> > regardless of which machine or program on that machine originated
> > the request.
> >
> > AFAIK, no other processing seems to be involved.  According to htop
> > (root session) no trace of named or any other dns helper can be
> > found running on any of the machines(5) running here ATM.  Pure,
> > boiled it down to the simplest way I know how, and it Just
> > Works(TM). FWIW, denyhosts and portsentry still work just fine.
> >
> > What's not to like?
>
> Cheers,
> David.


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
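
An added example, not part of any poster's message: a small checker for the resolv.conf rules discussed in this thread, showing which search list is actually in effect and which names a lookup would send to the DNS server. The function names are hypothetical, SAMPLE reproduces the three lines quoted in the thread in the order they are quoted, and the "last of search/domain wins" rule is taken from resolv.conf(5).

```python
import re

# The three active lines quoted in the thread, in the order they are quoted.
SAMPLE = "nameserver 192.168.71.1\nsearch host,dns\ndomain coyote.den\n"

# Assumption of this example: a search entry should look like a DNS name.
_NAME_RE = re.compile(r"^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*\.?$")


def parse_resolv_conf(text):
    """Return (nameservers, search_list, ndots, warnings) for resolv.conf text."""
    nameservers, search, ndots, warnings = [], [], 1, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields or fields[0][0] in "#;":
            continue  # blank line or comment
        key, args = fields[0], fields[1:]
        if key == "nameserver" and args:
            nameservers.append(args[0])
        elif key in ("search", "domain"):
            # resolv.conf(5): the two keywords are mutually exclusive and the
            # last instance in the file wins, so each one replaces the list.
            search = args[:1] if key == "domain" else args
            for name in search:
                if not _NAME_RE.match(name):
                    warnings.append(f"line {lineno}: {name!r} is not a domain name")
            if len(search) > 6:
                warnings.append(f"line {lineno}: more than six search domains")
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:") and opt[6:].isdigit():
                    ndots = int(opt[6:])
    return nameservers, search, ndots, warnings


def candidates(name, search, ndots=1):
    """Names the resolver tries, in order, when asked to look up `name`."""
    if name.endswith("."):
        return [name]  # trailing dot: already absolute, no search list
    expanded = [f"{name}.{d.rstrip('.')}" for d in search]
    if name.count(".") >= ndots:
        return [name] + expanded  # enough dots: absolute query first
    return expanded + [name]  # too few dots: search list first


if __name__ == "__main__":
    ns, search, ndots, warns = parse_resolv_conf(SAMPLE)
    print(ns, search, ndots, warns)
    for host in ("coyote", "www.debian.org"):
        print(host, "->", candidates(host, search, ndots))
```

With the lines in the quoted order, the later domain line replaces the comma-separated search list, so the effective list is coyote.den and the malformed entry only shows up as a warning. These candidates apply to the dns source only; whether /etc/hosts is consulted first is decided by the hosts: line in /etc/nsswitch.conf.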

