Local address lookup

Mike Kuhar

Sep 10, 2002, 4:00:14 PM
Hi Jan,

I'll assume that you have the default gateway set up and a static route to
your local net. Check /etc/nsswitch.conf to ensure that you have the entry:

    hosts: files dns

Also, for hosts on the same network, you don't have to specify domain names.
So your entries should look like this in /etc/hosts:

    127.0.0.1 localhost
    192.168.2.2 saturn
    192.168.2.1 jupiter

Hope this helps. -mk

> -----Original Message-----
> From: Jan Willem Stumpel [mailto:jstu...@planet.nl]
> Sent: Tuesday, September 10, 2002 3:08 PM
> To: debia...@lists.debian.org
> Subject: Local address lookup
>
>
> This is a follow-up to the thread "Local Net - delays in telnet
> login" of last month.
>
> I have a local (home) network containing machines jupiter and
> saturn. Saturn has a connection to the Internet (ADSL) which may
> or may not be functioning. Both machines are running Woody.
>
> Symptom: if saturn's Internet connection is down, from jupiter,
> "telnet saturn" succeeds, but only after a long delay. If the
> connection is up, "telnet saturn" succeeds immediately. Saturn has
> IP address 192.168.2.2. If I use the numerical address (telnet
> 192.168.2.2) it *always* succeeds immediately, no matter if there
> is an Internet connection or not.
>
> This suggests a DNS type problem. Everywhere (on jupiter and
> saturn) /etc/host.conf has "order hosts,bind" (I also tried "order
> hosts bind", space instead of comma, as stated by an old version
> of the *Linux Network Administrator's Guide*).
>
> /etc/hosts on both machines has
>
> 127.0.0.1 localhost
> 192.168.2.2 saturn.my.home saturn
> 192.168.2.1 jupiter.my.home jupiter
>
> /etc/resolv.conf on jupiter has
>
> cache . root.cache
> nameserver aaa.bbb.ccc.ddd
> nameserver aaa.bbb.ccc.eee
>
> These are the ISP's name servers; of course when there is no
> Internet connection they do not work, but I assume that the
> /etc/hosts file will get priority anyway.
>
> I have installed the Debian package *host* so I can type from jupiter
>
> host saturn
>
> I get the answer
>
> saturn does not exist, try again
>
> But if I type
>
> host 192.168.2.2
>
> I get (at once)
>
> Name: saturn.my.home
> Address: 192.168.2.2
> Aliases: saturn
>
> So it seems the identification "saturn --> 192.168.2.2" cannot be
> made locally (i.e. on jupiter) although the identification
> "192.168.2.2 --> saturn" can. What is wrong with my "address
> lookup set-up"?
>
> regards, Jan
>
>
> --
> To UNSUBSCRIBE, email to debian-us...@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listm...@lists.debian.org
>

Jan Willem Stumpel

Sep 11, 2002, 2:30:13 PM
I seem to have a DNS problem indeed. When I run tcpdump in an X
window on jupiter and call

telnet saturn

in another window, I get a lot of packets beginning with

19:35:30.080780 jupiter.my.home.1024 > ns1.myisp.nl.domain:
19522+ AAAA? saturn. (23)
19:35:30.081839 jupiter.my.home.1025 > ns1.myisp.nl.domain:
17118+ PTR? 34.1.121.195.in-addr.arpa. (43)
19:35:30.107275 ns1.myisp.nl.domain > jupiter.my.home.1024:
19522 NXDomain 0/1/0 (98) (DF)

So a private telnet to an entirely local computer involves my
ISP's name server (ns1.myisp.nl), i.e. the outside world. I do not
like this at all. It is in fact pretty frightening. I had supposed
that "order hosts,bind" in /etc/host.conf would keep local address
lookups local, but apparently it does not.

Maybe there is some connection with xinetd as Nate suggested. In
the past I had an xinetd directly from xinetd.org, not "linked
with libwrap". Now I have a stock Woody xinetd. And I am pretty
certain (but cannot prove it of course) that my telnet delay
problem is fairly recent. Am going to experiment (with compiling
xinetd from source, without libwrap), will report .. BTW, (in
response to Mike Kuhar), in nsswitch.conf I had the proper order
(hosts: files dns) all along.

Carlos Henriques dos Santos

Sep 12, 2002, 2:40:06 AM
Hello,

On Wed, 2002-09-11 at 20:19, Jan Willem Stumpel wrote:
> I seem to have a DNS problem indeed. When I run tcpdump in an X
> window on jupiter and call
>
> telnet saturn
>
> in another window, I get a lot of packets beginning with
>
> 19:35:30.080780 jupiter.my.home.1024 > ns1.myisp.nl.domain:
> 19522+ AAAA? saturn. (23)
> 19:35:30.081839 jupiter.my.home.1025 > ns1.myisp.nl.domain:
> 17118+ PTR? 34.1.121.195.in-addr.arpa. (43)
> 19:35:30.107275 ns1.myisp.nl.domain > jupiter.my.home.1024:
> 19522 NXDomain 0/1/0 (98) (DF)
>
> So a private telnet to an entirely local computer involves my
> ISP's name server (ns1.myisp.nl), i.e. the outside world. I do not
> like this at all. It is in fact pretty frightening. I had supposed
> that "order hosts,bind" in /etc/host.conf would keep local address
> lookups local, but apparently it does not.

host.conf is obsolete, I think it was used by old libc5. You must edit
/etc/nsswitch.conf:

    hosts: files dns

regards,

Carlos dos Santos

Jan Willem Stumpel

Sep 12, 2002, 2:50:04 PM
Carlos Henriques dos Santos wrote:

> host.conf is obsolete, i think it was used by old libc5.
> You must edit /etc/nsswitch.conf:
>
> hosts: files dns

1. When was this change made? Is it documented anywhere? (I
   could find no references on the Web).
2. There must be some truth in Carlos's remarks, because renaming
   nsswitch.conf to something else makes it impossible to telnet
   to a machine on my local net at all.
3. But it is not the whole truth, because (as I said) I have an
   /etc/nsswitch.conf file on my machine, and it says
       hosts: files dns
   and still local lookups do not work (i.e. outside name servers
   are consulted first).

So I am still hoping for a lecture from somebody on "local address
lookup on a modern Linux system".

Regards, Jan

Bob Proulx

Sep 12, 2002, 3:40:07 PM
Jan Willem Stumpel <jstu...@planet.nl> [2002-09-12 20:38:41 +0200]:

> 3. But it is not the whole truth, because (as I said) I have an
> /etc/nsswitch.conf file on my machine, and it says
> hosts: files dns
> and still local lookups do not work (i.e. outside name servers
> are consulted first).

Just something that might add to the confusion if you don't know about
it. If you are using a tool like nslookup, host, or dig then all of
those will use dns only. That is the only purpose of those commands.
Therefore you cannot use them for checking local files. Using telnet
which should just be using the libc gethostbyname() and friends should
in libc use /etc/nsswitch.conf et al. You probably already knew
that. But if not then it can be confusing.

Bob

Jan Willem Stumpel

Sep 13, 2002, 6:10:04 PM
Mmm.. If I read Bob Proulx's message correctly, telnet should use
gethostbyname() and therefore pay due regard to nsswitch.conf.
My problem is that (on my system) telnet to a local network host
still involves dns (as shown by tcpdump), even though "files" is
specified first in /etc/nsswitch.conf.

I am already thoroughly confused.. Anyway I am still looking for a
solution:

-- I do not want to set up a local nameserver (well, by now more
a point of principle than anything).
-- I want to keep local telnets local.

So I would be grateful for any pointers to configuration mistakes
I might have made. Or is there a bug in telnet? I do not think so.
Lots of people (especially the ones with modems and dial-on-
demand) would have complained already -- and I cannot find
anything about "unnecessary dial-outs when telnetting to a local
machine" in the archives.

nate

Sep 13, 2002, 6:20:05 PM
Jan Willem Stumpel said:

> So I would be grateful for any pointers to configuration mistakes I
> might have made. Or is there a bug in telnet? I do not think so. Lots of
> people (especially the ones with modems and dial-on-
> demand) would have complained already -- and I cannot find
> anything about "unnecessary dial-outs when telnetting to a local
> machine" in the archives.


it is I believe perfectly normal operation. Unix/Linux systems are
made for networks, part of which is host resolution provided by
DNS. from the tcpd manpage:

    tcpd verifies the client host name that is returned by the
    address->name DNS server by looking at the host name and
    address that are returned by the name->address DNS server.
    If any discrepancy is detected, tcpd concludes that it is
    dealing with a host that pretends to have someone elses
    host name.

your best options, since you don't seem to want to run a DNS I think
would be:

- use inetd, but edit inetd.conf so inetd doesn't load tcpd for whatever
  services you want
- edit /etc/hosts.allow and add something like
      ALL: 10.10.10.0/255.255.255.0
      (where ^^^ is your local network mask)
- edit /etc/hosts.deny and comment out ALL: PARANOID


#2 and #3 will affect all services which use tcp wrappers, whereas
#1 will only affect stuff loaded from inetd.conf

nate

Marc Wilson

Sep 15, 2002, 1:50:05 AM
On Wed, Sep 11, 2002 at 08:19:57PM +0200, Jan Willem Stumpel wrote:

<deleted>

> So a private telnet to an entirely local computer involves my
> ISP's name server (ns1.myisp.nl), i.e. the outside world. I do not
> like this at all. It is in fact pretty frightening. I had supposed
> that "order hosts,bind" in /etc/host.conf would keep local address
> lookups local, but apparently it does not.

It keeps local lookups that *succeed* local. That lookup didn't succeed,
so the box took the logical next step and went to the authority you'd told
it to use. That authority, of course, wasn't able to resolve it either. :)

--
Marc Wilson
m...@cox.net
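
The fall-through behaviour discussed in this thread, as an added example that is not part of any post above: a simplified Python model of how a "hosts: files dns" line is walked, showing which lookups stay on the machine and which would be sent to the configured name server. The hosts data is constructed from the entries quoted in the thread; matching forward lookups per address family is an assumption made here to mirror the AAAA query in the tcpdump capture, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data modelled on the thread (not read from a real system).
HOSTS = """\
127.0.0.1 localhost
192.168.2.2 saturn.my.home saturn
192.168.2.1 jupiter.my.home jupiter
"""
NSSWITCH = "hosts: files dns"


def parse_hosts(text):
    """Return [(ip_address, [names])] from /etc/hosts-style text."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split columns
        if len(fields) >= 2:
            entries.append((ipaddress.ip_address(fields[0]), fields[1:]))
    return entries


def files_lookup(entries, query, family):
    """Model of the 'files' source: forward by name and family, reverse by address."""
    try:
        addr = ipaddress.ip_address(query)
    except ValueError:
        # Forward lookup: only addresses of the requested family count as a hit.
        hits = [str(ip) for ip, names in entries
                if query in names and ip.version == family]
        return hits or None
    # Reverse lookup: the canonical name is the first name on the line.
    hits = [names[0] for ip, names in entries if ip == addr]
    return hits or None


def resolve(query, family=4, hosts=HOSTS, nsswitch=NSSWITCH):
    """Walk the sources in order: return on success, continue otherwise
    (the default NSS actions). Returns (source, result)."""
    entries = parse_hosts(hosts)
    for source in nsswitch.split(":", 1)[1].split():
        if source == "files":
            result = files_lookup(entries, query, family)
            if result:
                return "files", result
        elif source == "dns":
            # No network access in this model: the query would leave the host here.
            return "dns", None
    return None, None
```

On a live system, `getent hosts saturn` exercises the same nsswitch.conf path that telnet uses, unlike host, nslookup or dig, which query DNS directly.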
