From owner-freebsd-hackers Sun Aug 24 09:24:54 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id JAA07478 for hackers-outgoing; Sun, 24 Aug 1997 09:24:54 -0700 (PDT) Received: from verdi.nethelp.no (verdi.nethelp.no [195.1.171.130]) by hub.freebsd.org (8.8.7/8.8.7) with SMTP id JAA07473 for ; Sun, 24 Aug 1997 09:24:42 -0700 (PDT) From: sthaug@nethelp.no Received: (qmail 28459 invoked by uid 1001); 24 Aug 1997 16:24:39 +0000 (GMT) To: brian@awfulhak.org Cc: mike@smith.net.au, freebsd-hackers@FreeBSD.ORG Subject: Re: Broken resolver/named In-Reply-To: Your message of "Sun, 24 Aug 1997 12:54:02 +0100" References: <199708241154.MAA00755@awfulhak.org> X-Mailer: Mew version 1.05+ on Emacs 19.28.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Sun, 24 Aug 1997 18:24:39 +0200 Message-ID: <28457.872439879@verdi.nethelp.no> Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > So I send a query to my forwarder that asks for "x", and it looks it > up ? What's it likely to find ? The worst case would be > ``x.demon.co.uk'' (my ISP's domain) which is dumb (and why named > disables the LOCALDOM stuff by default). The normal case would be > the generation of a load of useless DNS traffic. How can your resolver know which queries are useless, unless it asks the DNS? How can it know that "no" is a valid top level domain, while "nx" is not? > > There's nothing there needs fixing, AFAICT. Maybe the manual pages, but the resolver itself is doing what it should. > Well, if anything, the "domain ..." isn't behaving - it should try > x.lan.awfulhak.org, x.awfulhak.org and x.org. I also suggest that > "search ..." is broken either in a similar way or because it should > behave as I originally suggested. Read RFC 1535 to see why having this search behavior as default is not a good idea (it's a security hole, and generates a lot of unecessary traffic). Steinar Haug, Nethelp consulting, sthaug@nethelp.no