Domain Name from DHCP server problem

Glenn Satchell glenn.satchell at uniq.com.au
Thu Oct 17 15:19:23 UTC 2013 

On Fri, October 18, 2013 1:37 am, /dev/rob0 wrote:
> [top-posting fixed]
>
> On Thu, Oct 17, 2013 at 04:13:22PM +0530, Maruthi Thotad wrote:
>> On Thu, Oct 17, 2013 at 3:50 PM, Steven Carr <sjcarr at gmail.com>
>> wrote:
>> > On 17 October 2013 10:46, Maruthi Thotad <maruthi.tr at gmail.com>
>> > wrote:
>> > > I am getting Domain Name as "." from one of the DHCP server on
>> > > the internet. But my client network module rejects this Domain
>> > > Name "." as per RFC 1034 and doesn't updates to
>> > > /etc/resolv.conf.  But it seems windows PC can accept "."
>> > > Domain Name and works fine. As per RFC1034, "." is invalid
>> > > domain name (section 3.5).
>> > >
>> > > Please let me know if Domain Name "." is valid domain name or
>> > > not? Or in any other latest RFC's this syntax is updated?
>> >
>> > . is a valid domain name, it is root. Nothing in RFC1034 section
>> > 3.5 states that "." is invalid.
>> >
>> > There would be very little point adding it to resolv.conf,
>> > although not technically invalid in practice you would never use
>> > it. As for Windows, yeah, it does weird unconventional stuff.
>> >
>> > You probably want to speak with your Network/DHCP administrator
>> > to have them fix your DHCP domain-name field, or override it in
>> > your local configuration.
>>
>> Sorry if i am misunderstanding, RFC1034 section 3.5 for preferred
>> name syntax says that domain names should be alphanumeric separated
>> with ".". As you mentioned if "." is valid domain name (root),
>> writing "search ." manually in /etc/resolv.conf shows warning in
>> both centos and ubuntu. and it doesn't cares this "search ." option
>> while sending DNS query.
>
> "search ." would be exactly the same as ""; that is: no search line
> at all. That's what Steven meant, "in practice you would never use
> it." What is the point in querying for "isc.org" and then for
> "isc.org."? The answer is the same.
>
> (In truth I am not a fan of the resolver(5) "search" feature. My
> choice would always be to disable it.)
>
>> Basically in my client network module, we validate Domain Name and
>> Domain Name servers which are received from DHCP server and if
>> anyone of them fails, then we wont write any configuration to
>> resolv.conf. So even if domain name servers are valid and only
>> domain name is not valid like i mentioned ("."), our resolv.conf
>> will be empty and internet will be not reachable.
>
> Obviously you're not going to do well with an empty resolv.conf,
> unless perhaps you're running a caching named on 127.0.0.1. I guess
> you'll have to strip out the "search ." line and insert the
> "nameserver" line[s].
>
> I'm not sure what you're asking here ...

So, is the question "my dhcp server sends through a search domain of ".",
I mark it invalid and end up with no entries in resolv.conf"?

If so, then you need to change the dhcp server config to either send
through a valid search domain, or not send it at all.

On the other hand, perhaps your checking on the client is too strict.
Maybe you should write out nameserver entries to resolv.conf if they are
valid, and then write out search if the domain is valid, rather than
writing nothing?

regards,
-glenn

More information about the dhcp-users mailing list