Re: Can't find the DNS Servers
On Mon, Sep 25, 2017 at 02:12:07PM -0700, Don Armstrong wrote:
> On Mon, 25 Sep 2017, Greg Wooledge wrote:
> > On Mon, Sep 25, 2017 at 12:20:45PM -0700, Don Armstrong wrote:
> > > as is documented in dhclient-script(8):
> >
> > Well now that's just EVIL. :-(
>
> It's much more powerful than a single variable because you can have it
> do *anything*.
No, you don't understand. I had no idea that man page EXISTED!
For years, I have been searching back and forth and up and down in
dhclient(8) and dhclient.conf(5) and finding NOTHING.
Turns out the REASON I couldn't find anything was because some bright
spark decided to split the documentation into multiple man pages.
> > Well now that's just EVIL. :-(
So, apparently the only way to find anything is to open umpteen terminal
windows, one man page in each terminal window. Jump to the bottom of
each man page, find the SEE ALSO section, open EVERY linked man page in
another terminal window. Recursively. Then perform your searches in
every single window in parallel until one of them hits.
So let's see... I'll assume dhclient(8) is the root of the search
tree. This links to dhcpd(8), dhcrelay(8), dhclient-script(8),
dhclient.conf(5), dhclient.leases(5), dhcp-eval(5). So now I need
to open 6 more windows, or 7 total.
dhcpd(8) doesn't exist, because this isn't a server, so make it 6.
dhcrelay(8) doesn't exist. Don't even know what that is. 5.
dhclient-script(8) links to dhclient(8), dhcpd(8), dhcrelay(8),
dhclient.conf(5), dhclient.leases(5). No new windows.
dhclient.conf(5) links to dhcp-options(5), dhcp-eval(5),
dhclient.leases(5), dhcpd(8), dhcpd.conf(5). dhcpd.conf(5) doesn't exist,
so just one new window, for dhcp-options(5). I'm up to 6 open now.
dhclient.leases(5) links to dhclient(8), dhcp-options(5), dhclient.conf(5),
dhcpd(8), dhcpd.conf(5). No new ones.
dhcp-eval(5) links to dhcpd.conf(5), dhcpd.leases(5), dhclient.conf(5),
dhcp-options(5), dhcpd(8), dhclient(8). dhcpd.leases(5) doesn't exist,
so no new ones.
dhcp-options(5) links to dhcpd.conf(5), dhcpd.leases(5), dhclient.conf(5),
dhcp-eval(5), dhcpd(8), dhclient(8). No new ones.
So I've got my 6 terminal windows open. I've spent 10 minutes so far,
and I haven't even READ a single bit of any of the pages. Just the
SEE ALSOs.
Now I get to try to wrack my brain for keywords, and repeat my keyword
searches 6 times, once in every window.
Turns out "resolv" (my first keyword) pops up in window #2, which is
dhclient-script(8), and also in window #6, dhcp-options(5).
>From there, you can guess what the next steps are, because apparently
you were already aware of the existence of dhclient-script(8). If I'm
lucky, I'll focus on that page rather than dhcp-options(5) which is
very confusing, and seems to be talking in abstractions. It sure as
hell doesn't clearly define what options go in what files, nor even
which options are for the client and which are for the server. Their
only mentions of resolv.conf are in a DHCPV6 section. What the hell
is DHCPV6? Does it have something to do with IPv6? How would I know
whether I'm using DHCPV6 or not? Try searching for V6 in the other
five windows... nothing at all! And so on.
All this grief and agony because they couldn't just put all the
information that THE MOST COMMON USE CASES will need into a single
document.
What are the most common use cases? An excellent question. Here's
my guess:
1) Client is plugged into the network without being configured. Simply
uses whatever the DHCP server spits out. If that's wrong, too bad.
2) Client uses what the DHCP server spits out, but the administrator
of the client will try to work around whichever bits of the DHCP
server's responses are wrong. In my experience, it's the nameservers
that are most likely to need local adjustment. That's why you have
this thread. And all the previous threads. And all the web pages
out there that advise people to use chattr +i. And all the people
who use chattr +i. And all the self-proclaimed experts who say "No,
you're doing it wrong!" but then don't offer a better way.
3) Client uses what the DHCP server spits out, but the administrator
of the client is also the administrator of the DHCP server, and can
correct things in the DHCP server to make all the clients happy.
The first use case needs no documentation at all.
The second use case needs some way for the admin of the client to be able
to search for resolv.conf in the documentation and actually FIND IT.
I searched in dhclient(8) and in dhclient.conf(5) and fid not find it.
I honestly, truly believed that I had done my best. That I had put
in the required effort. That I had been intelligent and diligent and
resourceful. That I had given the software the benefit of the doubt,
but this feature was simply not present, or not documented anywhere.
The third use case... well, that's not me right now. In the past I
have set up a DHCP server on an OpenBSD machine, and found things to
be fairly straightforward. I was able to find the options I needed,
and what file to put them in, and so on. It's really obvious and simple
where you put the nameservers when you have control of the server.
It's clear that the INTENDED way is for the configuration to be done
on the server.
But, you see, most people DO NOT HAVE CONTROL OF THE SERVER.
So, my conclusion based on my experiences was that the only way to
configure ISC's DHCP to end up with correct nameservers on the client
was to have control of the server, or to subvert the client's execution
environment in such a way that dhclient cannot modify resolv.conf at all
(e.g. chattr +i).
I believed this for YEARS.
And then you said this:
> > > as is documented in dhclient-script(8):
Which, by the way, is NOT referenced from dhclient.conf(5)'s SEE ALSO
section. Because, why would the primary client configuration document
make it easy to find the instructions for configuring the client?
> > Well now that's just EVIL. :-(
And then you didn't even understand my response. Which just shows how
completely out of touch with each other the various groups are.
Reply to: