Re: CVS commit: src/etc/rc.d

To: Alan Barrett <apb%cequrux.com@localhost>
Subject: Re: CVS commit: src/etc/rc.d
From: "Steven M. Bellovin" <smb%cs.columbia.edu@localhost>
Date: Sat, 8 Aug 2009 13:49:35 -0400

On Sat, 8 Aug 2009 19:23:38 +0200
Alan Barrett <apb%cequrux.com@localhost> wrote:

> On Sat, 08 Aug 2009, Tonnerre LOMBARD wrote:
> > I don't think any sysadmin in the right mind would put _solely_ the
> > local host into that file.
> 
> It has been my practice for may years to have "127.0.0.1" as the only
> nameserver in /etc/resolv.conf.  I highly recommend this practice.
> 
> If I am behind a broken firewall or DNS interceptor, then I put
> the addresses DHCP told me about into "forwarders" in named.conf,
> not into resolv.conf.
> 
That is *precisely* what I do.

Apart from anything else, last time I looked our resolver library
(unlike OpenBSD's) did not notice if resolv.conf changed; thus, on
laptops that move to different locations, standing applications would
get confused.  Running a local named is the easiest bypass.


                --Steve Bellovin, http://www.cs.columbia.edu/~smb

References:
- Re: CVS commit: src/etc/rc.d
  - From: Joerg Sonnenberger
- Re: CVS commit: src/etc/rc.d
  - From: Perry E. Metzger
- Re: CVS commit: src/etc/rc.d
  - From: Tonnerre LOMBARD
- Re: CVS commit: src/etc/rc.d
  - From: Alan Barrett

Prev by Date: Re: CVS commit: src/etc/rc.d
Next by Date: Re: CVS commit: src/etc/rc.d
Previous by Thread: Re: CVS commit: src/etc/rc.d
Next by Thread: Re: CVS commit: src/etc/rc.d
Indexes:

Home | Main Index | Thread Index | Old Index