Subject: Re: dns search paths with KAME
To: Ronald Khoo <ronald@chersonese.com>
From: None <itojun@iijlab.net>
List: current-users
Date: 07/14/1999 15:30:42
>Now that KAME has been integrated and work done on making NetBSD userland
>IPv6 aware, I've got a problem with dns search paths. Note that I'm
>not an IPv6 hacker, nor do I have an IPv6 network, I'm simply
>an ordinary -current user with a tiny IPv4 network at home :-)
>The problem goes like this:
> % telnet broccoli
>previously just worked. It found broccoli.chersonese.com IN A in my
>local name server and everything worked. Now, however, it fails
>to find broccoli.chersonese.com IN AAAA and looks for broccoli. IN AAAA
>before failing on that and looking for broccoli.chersonese.com IN A.
>When my modem is switched off, this takes a while :-)
>(oh, and you won't find those hosts in the real world DNS -- this is
> private DNS in a rfc1918 network)
It looks that the right thing to do is to put unauthorized secondary
nameserver for chersonese.com in your home, by having the following
line in your /etc/named.boot (or write similar thing in named.conf
if you using bind8):
secondary chersonese.com. x.y.z.u bak/chersonese.com.zone
>telnet now uses getaddrinfo(3) which is documented in RFC 2553.
>RFC 2553 doesn't seem to mention DNS search paths.
Search path is implemented, but it is handled like:
AAAA from /etc/hosts
AAAA from DNS
A from /etc/hosts
A from DNS
I dunno if this is the right order, or
AAAA from /etc/hosts
A from /etc/hosts
AAAA from DNS
A from DNS
is the right order. The latter one is hard to implement at this moment
(getaddrinfo using gethostbyname2 inside), but once we implement
getipnodebyname in libc, we may be able to do the latter.
itojun