From owner-freebsd-hackers  Sat Aug 23 20:02:59 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id UAA01293
          for hackers-outgoing; Sat, 23 Aug 1997 20:02:59 -0700 (PDT)
Received: from word.smith.net.au (ppp20.portal.net.au [202.12.71.120])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id UAA01286
          for <freebsd-hackers@FreeBSD.ORG>; Sat, 23 Aug 1997 20:02:40 -0700 (PDT)
Received: from word.smith.net.au (localhost.smith.net.au [127.0.0.1])
	by word.smith.net.au (8.8.7/8.8.5) with ESMTP id MAA00846;
	Sun, 24 Aug 1997 12:30:58 +0930 (CST)
Message-Id: <199708240300.MAA00846@word.smith.net.au>
X-Mailer: exmh version 2.0zeta 7/24/97
To: Brian Somers <brian@awfulhak.org>
cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: Broken resolver/named 
In-reply-to: Your message of "Sun, 24 Aug 1997 01:19:30 +0100."
             <199708240019.BAA00819@awfulhak.org> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sun, 24 Aug 1997 12:30:55 +0930
From: Mike Smith <mike@smith.net.au>
Sender: owner-freebsd-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> 
> I have a bit of a problem - that I can only put down to being the 
> fault of either the resolver library or named.

Neither.

> My /etc/resolv.conf says (in 2.2.2 & -current):
> 
> domain lan.awfulhak.org

Have you read the resolver documentation on what this means?

> If I try to resolve an unqualified name that doesn't exist (such as 
> ``x''), the resolver sends two DNS queries (because the first fails). 
> The first query is for ``x.lan.awfulhak.org'', and when that fails, 
> it sends a query for ``x''.  The resolver then says "Dunno who ``x'' 
> is, I'll ask someone else.....".
> 
> This is a bit of a dumb thing to do (I'm on a dial-up to real life).....

It is, however, the _correct_ thing to do.  If you don't want to dial 
to resolve names, use the dfilter stuff in user-mode ppp (do I need to 
tell *you* this?)

> There is a compile-time option for named called "LOCALDOM" that 
> allows you to say "domain lan.awfulhak.org" in named.boot, and have 
> the second query answered with "dunno" immediately, but according to 
> named, only broken resolvers send unqualified names to the DNS.

I don't understand how this would be useful.  If you say "x", and "x" 
is not a local name, you _must_ consult someone else to determine if 
it's a valid name at all.  How else are you supposed to know one way or 
the other?

If you never want to consult an outside nameserver, disable your 
forwarders; this is pretty dumb though.

> IMHO, the resolver shouldn't be sending the second query.  Should I 
> look at fixing the resolver ?

There's nothing there needs fixing, AFAICT.

mike