On Wed, Dec 21, 2005 at 10:42:03AM -0800, Edward Buck wrote: > On the first point, I (and thus my company) use search lines in > combination with LAN-only DNS subdomains for internal address > management. It allows us to use internal IP addresses for hosts without > fiddling with /etc/hosts. All our host subdomains are managed in DNS. > A LOT of scripts, i.e. for backup, rsync, load balancing, use short > hostnames that get their address information from internal DNS zones, a > process that depends on the search functionality in /etc/resolv.conf.
My personal opinion is that this is wrong, and now you are trying to paper over an initial design flaw. Should you had a policy to always use full host names everywhere, you'd not have this problem now. In my experience relying on lookup service configuration is never good. > To give you an idea of impact, I was recently greeted with an e-mail > from a DNS service provider that I use saying that I was getting close > to my query quota. It surprised me that I got this e-mail because I was > never close to hitting the quota before. It turns out that 90% of the > queries were coming from 1 server where I unwittingly added the domain > to the search path! Well, resolv.conf(5) says about search lines that they "will generate a lot of network traffic if the servers for the listed domains are not local". You should not add a search line for a domain not server by a local name server. In most cases this can be solved by installing a local caching-only name server. > On the subject of work-arounds, I'm not having much luck finding one > without recompiling glibc, which is not a good option IMO. If anyone > has any ideas on this, please let me know. Did you try "apt-get install bind9" and putting "nameserver 127.0.0.1" in /etc/resolv.conf? You can also try lwresd & libnss-lwres if you need something smaller, or djbdns if you like its author :-) This may reduce your DNS traffic even more than changing the lookup order in glibc would. Of course you have to pay with some memory and a little CPU usage. Gabor -- --------------------------------------------------------- MTA SZTAKI Computer and Automation Research Institute Hungarian Academy of Sciences, Laboratory of Parallel and Distributed Systems Address : H-1132 Budapest Victor Hugo u. 18-22. Hungary Phone/Fax : +36 1 329-78-64 (secretary) W3 : http://www.lpds.sztaki.hu --------------------------------------------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]