/etc/resolv.conf
Kevin Darcy
kcd at daimlerchrysler.com
Tue Dec 21 02:10:10 UTC 1999
Evans, Shawn wrote:
> resolv.conf:
> domain mydomain.com
> searchpath in.mickeymouse.net #some dns totally outside of mydomain.com
> nameserver 111.222.333.444 #primary DNS for mydomain.com
> nameserver 222.333.444.555 #secondary DNS for mydomain.com
>
> Could I add on the primary DNS a searchpath line pointing to another domain
> all-together, (in this case in.mickeymouse.net as seen above) and then
> assume that any machine that uses the primary DNS would also get searched
> results from that other searchpath? ie:
>
> user on MachineA who happens to resolv DNS from 111.222.333.444 and
> 222.333.444.555 does 'nslookup somewhere' Would the DNS resolv that to
> 'somewhere.in.mickeymouse.net' or would it just bomb out?
>
> This would seem like a logical solution to me, because if it could be done
> on the primary DNS then each machine that needs to search for
> in.mickeymouse.net would not have to have there resolv.conf changed to
> include a searchpath.
>
> We have many servers using a domain and Oracle and the DBA's are installing
> 'Names' within Oracle so I am looking for the "Best" solution for everyone
> involved so we can search outside our current domain and searchpath just
> seems like the answer.
>
> Opinions/Ideas welcome.. =)
As already pointed out, named doesn't use /etc/resolv.conf so it can't have a
searchlist the way a resolver can. You can set up aliases, of course, which is
manageable as long as all of your users are in one domain or at least a small
number of domains, but it doesn't fly here because we have users scattered
overy many dozens of domains, and I'll be damned if we're going to add all of
those aliases to all of those domains.
The other solution, which some of our vendors brazenly recommend, is to
"simply" ensure that the domain for their server(s) is in the search list of
every resolver. But searchlists are wasteful and slow, and once you hit 6
search list components, you're screwed. How's that for a scalable solution? So
maybe I should gather all of these names into a single zone -- let's call it
"crappysoftware.chrysler.com" -- containing nothing but aliases to all of the
servers running the products which use shortnames exclusively, and then ensure
that this domain is in the searchlist of every resolver? Thanks but no thanks.
The *proper* way for this to work is for the applications and the products to
use fully-qualified names for everything. And that's what I tell every vendor
and every developer whenever this "shortname" issue comes up. If Oracle can't
handle fully-qualified DNS names (we're historically a Sybase shop, so I don't
know), then someone should tar and feather its creators.
Hey, you asked for opinions as well as ideas... :-)
- Kevin
More information about the bind-users
mailing list