Date: Fri, 30 Sep 2016 09:20:44 -0500 From: Tim Daneliuk <tundra@tundraware.com> To: Matthew Seaman <matthew@FreeBSD.org>, freebsd-questions@freebsd.org Subject: Re: [Mildly OT] Userland Control Of getbostbyname() Message-ID: <089e1154-317f-6462-095b-35403ba944b0@tundraware.com> In-Reply-To: <12a5cae8-8aa1-68a1-5130-a6813c07c972@freebsd.org> References: <a0681443-0282-48ac-5884-6d1f3868787a@tundraware.com> <12a5cae8-8aa1-68a1-5130-a6813c07c972@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --Bubiw35IukP8QU4vw9txo0KkGJiVFTtth Content-Type: multipart/mixed; boundary="180VsPbQtE3BkUHB5ATts1n8dEFVj0eOW"; protected-headers="v1" From: Tim Daneliuk <tundra@tundraware.com> To: Matthew Seaman <matthew@FreeBSD.org>, freebsd-questions@freebsd.org Message-ID: <089e1154-317f-6462-095b-35403ba944b0@tundraware.com> Subject: Re: [Mildly OT] Userland Control Of getbostbyname() References: <a0681443-0282-48ac-5884-6d1f3868787a@tundraware.com> <12a5cae8-8aa1-68a1-5130-a6813c07c972@freebsd.org> In-Reply-To: <12a5cae8-8aa1-68a1-5130-a6813c07c972@freebsd.org> --180VsPbQtE3BkUHB5ATts1n8dEFVj0eOW Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 09/30/2016 09:15 AM, Matthew Seaman wrote: > On 09/30/16 14:47, Tim Daneliuk wrote: >> Is it possible to control *which* DNS server (and port) a userland pro= gram >> queries for DNS resolution when doing gethosbyname() and gethostbyip()= >> calls? dig and nslookup seem capable of defining the DNS server to qu= ery, >> but I don't know if they're doing the call directly or via the gethost= by... >> calls. >> >> In a perfect world, I'd get a solution to this that was language agnos= tic - >> a way to tell my userland programs - in C, Java, Python, perl, go ... = >> always use this server:port when doing name resolution. >=20 > Server, yes but not port, and only globally -- by editing /etc/resolv.c= onf >=20 > However, if you're running with the standard local_unbound enabled, the= n > you can specify a forward-addr including a port in > /var/unbound/forward.conf like so: >=20 > forward-addr: 192.0.2.1@1053 >=20 > Note: this is an all or nothing solution, although it does fulfil your > criterion of being language agnostic. Every application will get > directed to your alternative DNS server+port, not just some chosen one.= >=20 > You can override the resolvers per application if you're willing to cod= e > that per application. Of course the API used is language specific, and= > you can't use gethostbyname(3) and that ilk, (which can do lookups from= > many sources other than the DNS) but only by doing DNS lookups directly= > from your code. >=20 > Cheers, >=20 > Matthew >=20 >=20 >=20 Thanks Matthew, that's kind of what I figured. The fundamental requireme= nt for my use case is that all the config changes be do-able without root or sudo access. It's sounds like this is not possible short of - as you point out - writing custom query code. This breaks the other half of my use case - existing code should just run and use the newly selected resolver. Sigh ... I suspect more people are going to run into this as the industry moves mo= re and more to containerized microservices. There are any number of scenari= os where you want to be able to spin up custom compute topologies on-demand without having to go through the administrative overhead of getting a DNS= admin to make your changes every time. --=20 -------------------------------------------------------------------------= --- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/ --180VsPbQtE3BkUHB5ATts1n8dEFVj0eOW-- --Bubiw35IukP8QU4vw9txo0KkGJiVFTtth Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJX7nS8AAoJEMLZ2alfelsnbDoP/1+ji/qwOfdnGuGUvJ2P+CV9 2fcV/0125p4VTf8KHVPkbM/2elCGQPba5fM7/MlC4nlCtsssk+WfpjEbkWirA25M fs+B2Hg5BVvKcgAV4ehGVny3ggmsqrTBwN9WKRHrLroQLL+0xa1g1+UaLR2ee6Ov YpLNRLK0Mk7pIajg95vT7kNKTS4nuHyXdbLTaMCJ6+KJ5yuVTG7yAM+fLvf8WwNd mELZYr++krV6JhD/fRvOyjnWhoz4XAy1P9r4Uww9lgyaJnLVkn/Eim/UKFPJcZcY xvWl0LUWW49EEjKIx0u53CpjP3uQmiNaaWILr4BvlOlVPkzZ5vFzCCxqRSvTuVj6 q/qly/bXmF0PPHB9bYhD8zfutWhEDYxbvH5AF/9PqdNGrXAoYNCZcgIoBeNfk8nr w+G+VTgI4o15faM9XLBdCimyAK/8O/pYKiaS+auFRE1AQYz6/tWReosaGGaikasE YtPep38vkC6g22d+tx7nxevJsoIUPel2A8NoAvMCPcA6om/gWmPH4QMKPdibjcnP 4ub5OTRwxWzRNJqsFGVhIFTdsOQHo8E4ZR7iVfQST7UNTme9D2oeTWh5hib/Bvia 9af/l0XAihG7ax/i/uVugnnR+79sjBLeiuRXqYvFiMlPBnjpjL432vBeV1ryvA8r KUOeNJwTqfpdySRAuEWo =SjPb -----END PGP SIGNATURE----- --Bubiw35IukP8QU4vw9txo0KkGJiVFTtth--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?089e1154-317f-6462-095b-35403ba944b0>