Howdy, On Wed, Mar 14, 2007 at 09:36:19AM +0100, Martin Steigerwald wrote: > Am Dienstag, 13. M?rz 2007 11:40 schrieb Sjoerd Simons: > > > > > Added to that I would be more reluctant to add an option to nsswitch that > > > delays reverse lookups where the DNS server returns not found in a > > > fraction of a second by 5 seconds or more. > > > > Avahi doesn't query the dns server for the reverse lookup, but uses > > Multicast DNS.. Because that's what avahi is, a multicast dns daemon :).. > > Hello Sjoerd, > > I know that. And sure as stated in nsswitch.conf mdns is asked afterwards and > thus observed behavior is to be expected. I didn't think this to its logical > end. > > > I'll ask upstream why avahi doesn't cache negative lookups for some time.. > > But even if it did it wouldn't really solve your problem, as the timeout > > will keep occuring from time to time. > > I think it would make the critical difference between unusable and quite > usable if the timeout would be 5 minutes or so. Actually I do not see much > other alternatives if one wants to use mdns in a network with incomplete > reverse DNS configuration. For us right now its no problem to go without mdns > and we also can complete the reverse DNS configuration. > > But caching negative results also has a negative impact on the mdns > functionality I think. Imagine you try to reach a host that you forgot to > connect to the network, then you connect it, and you have to wait for the > negative lookup cache entry timeout before you can get a positive result from > Avahi, unless Avahi passively gets notice of the new host. > > > I'm reassigning this bug to nss-mdns.. I need to discuss with some others > > what to do about this.. Your suggestion of not adding the final mdns > > fallback does make sense for your network, but it will break some > > functionality on others.. (Where mdns can actually rev. resolv the ip > > because the other machine also uses mdns..) > > Thats the problem here. While I agree that having complete reverse DNS > configuration is generally a good idea and we recently installed a tool to > ensure it in the future, the default configuration of libnss-mdns may make > network workstations and possibly servers quite unusable in such networks and > I bet there might be quite some out there. And to my knowledge a complete > reverse DNS configuration is not a strict requirement. If thats really the > case libnss-mdns by default places a requirement upon the network > configuration that hasn't been there before. > > OTOH not having it configured that way breaks mdns functionality on other > networks. > > The only other compromise than timeout for negative lookups I can think of is > to have avahi-daemon running in passive mode. I do not know enough about how > multicast DNS works to say whether thats possible at all. In this mode > avahi-daemon would collect mdns announcements (if mdns capable machines > announce themselves at all which I do not know) in a cache and will serve > requests from this cache. If an entry is not in the cache it would return > immediately.
Avahi has an ability to return results and then say thats 'the end of my cache' or 'thats all the results i think your going to get for the minute' although the way the simple API nss-mdns uses is different. in short, technically this is possible, practically not yet implemented. Trent > > Regards, > -- > Martin Steigerwald - team(ix) GmbH - http://www.teamix.de > gpg: 19E3 8D42 896F D004 08AC A0CA 1E10 C593 0399 AE90 > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
