[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ipv6 maybe has arrived.

On Thu, Feb 09, 2023 at 02:54:01AM -0500, gene heskett wrote:
> Where you run a dns of sorts, I don't, resolv.conf says check host first,
> then query the router which forwards it to the nameserver at my isp.

Gene, we've been over this MANY times in the last several years.  I'll
repeat it once more here:

Whatever you think you've done in resolv.conf to change the name service
order has NO EFFECT in reality.  You are conflating things from the old
libc5 days with their modern equivalents, and you've got them all mixed
together in a nonsense configuration.

And every time I tell you this, it just slides right off.  Nevertheless,
I'm trying again.

Name service switch configuration in the modern libc6 days is contained
in the /etc/nsswitch.conf file.  This is where your system defines
"local files first, then DNS" or whatever other order you want.

It USED TO BE in the /etc/host.conf file.  See for example
<https://tldp.org/LDP/nag/node82.html>, last updated in 1996.

Somehow, you have taken configuration that would have been in the
/etc/host.conf file in 1996, and moved it to /etc/resolv.conf on
your system, and you have convinced yourself that this actually does
something.

Name service order is defined by the "hosts:" line in /etc/nsswitch.conf.
Mine says this:

unicorn:~$ grep hosts /etc/nsswitch.conf 
hosts:          files mdns4_minimal [NOTFOUND=return] dns

which means "local files first, then this mdns4_minimal thing, and if
that says notfound, then stop and use that result, but if it doesn't
work at all, then use DNS".

(I have no idea what mdns4_minimal is, but Debian put it there, and it
hasn't caused a problem yet so I left it alone.)

The /etc/resolv.conf file is used by the DNS resolver, to decide what
nameserver(s) to use (their IP addresses must be listed), and in some
cases, what domain names to append to the input, and when to append
them (or not append them).

unicorn:~$ cat /etc/resolv.conf
search wooledge.org
nameserver 127.0.0.1
nameserver 10.0.0.1
nameserver 8.8.8.8

Mine says "append .wooledge.org to any name without any dots in it, and
try the nameserver at 127.0.0.1 first, then the nameserver at 10.0.0.1,
and finally the nameserver at 8.8.8.8".

I use this nameserver configuration because I run a dnscache locally
(127.0.0.1) which should be the primary and preferred source of DNS
information.  But if for some reason that's not available, it should
try the router's forwarding nameserver (10.0.0.1), which is configured
by my ISP's DHCP server, and forwards to my ISP.  And if *that's* not
available or not working, then fall back to Google's 8.8.8.8 nameserver
as the last resort.

I also go out of my way to ensure that this file is never modified
by anything other than me.  This is not a laptop or a phone.  It
doesn't move around to various networks, so I don't want a dynamic
nameserver configuration.  I want THIS configuration, at all times,
period.  If anyone else wants help doing that, see
<https://wiki.debian.org/resolv.conf>.
Reply to: