Re: Gene's avahi bogeyman is not real (Was Re: how to find outregdomain/country of wifi network)

2023-05-15 Thread Tom Dial 

Sometimes I can't resist ...

On 5/14/23 16:20, gene heskett wrote:

On 5/14/23 17:21, Andy Smith wrote:

Dear debian-user archives,

On Sun, May 14, 2023 at 02:42:05PM -0400, gene heskett wrote:

I've literally spent a frigging week trying to get iproute to
over-ride the broken 169.xx.xx.xx primary route that earlier
avahi's insisted on putting into a network config, that is why to
this day the first thing I do after an install, is find avahi and
rm it and reboot. rm because you could not remove it with apt w/o
tearing down the system far enough the only recourse was to
reinstall.  That is obviously an endless loop.


Routine note for the archive that avahi is another one of Gene's
Demons and the above is not in any way true. I have 50+ Debian hosts
that do not have avahi installed at all, and several more that
intentionally do and work fine.

As usual, Gene's experiences are due to a misconfiguration that
Gene made and cannot be helped with, despite many people trying over
a period of years.

When you see a post from Gene mentioning liberal use of "rm" and
"chattr +i" on parts of the operating system, do begin to question
what you are reading.

Thanks,
Andy


Thanks for the vote of no confidence Andy.

The diff as I see it, is that I refuse to actually run a dns server here, bind 
and I agreed to disagree nearly 25 years ago when bind was at 4 something and 
half the planet was cleaning after attacks on bind. The other half wasn't aware 
of anything except the net was dead, no dns.


I've been running DNS on two or three local hosts for around 25 years, roughly 
since the number of images on my local net grew beyond about 4 or 5. I don't 
knowingly allow access from the public Internet or configure it to resolve any 
but local addresses. As I recall, I set it up based on the Debian HOWTO of the 
time, it worked upon deployment, it never has faulted except for hardware 
failure or my own mistypes. It is as easy to maintain as two or three hosts 
files, and easier to maintain consistency across what now are a couple of dozen 
system images.

Rejecting DNS now, and for local use, because there were failures or successful 
or unsuccessful attacks on public DNS servers a quarter century ago makes no 
sense.



The box in question was running rh 6.1 so that might give you a time frame. 
2001 maybe. IDK, IDC.

We bought a block of 16 ipv4 addresses and registered & ran the tv stations net 
access, about 40 mostly windoze boxes preferring /etc/host files for local lookups. 
It works if the router relays, its fast, and bulletproof. The way I've configured 
is to first check the hosts file for a match, and failing that, fwd the lookup 
request to my dd-wrt router, and if dnsmasq doesn't know it, forward it to my ISP. 
And its all transparent in about 30 milliseconds.  The reason I used rm on it is 
because back about wheezy I tried to remove it with apt, and its dependencies took 
247 other packages with it totally killing the system.


DNS performs similarly to hosts files, is not hard to set up, and is easier to 
maintain once set up.

I checked a couple of my images and found they have one or more avahi* packages 
installed (avahi-daemon is there in all cases, I assume due to a connection 
with installation of CUPS). CUPS works fine, and if Ahavi contributes to that, 
it's fine by me.



I screamed about it at the time, years ago, everybody sneered and made fun of 
me, and ever so slowly the dependencies went away and I can now remove it with 
apt, but it appears I no longer need to. So it has been reinstalled.


On several of my system images, removing avahi-daemon would also remove Gnome, 
so I wouldn't do it. But I have found no need: the only times I have noticed 
169.x.x.x IPv4 addresses is when something went wrong with network setup at 
boot, mostly cable or switch malfunctions.



Take care & stay well Andy.

Cheers, Gene Heskett.


Regards,
Tom Dial

Re: Gene's avahi bogeyman is not real (Was Re: how to find outregdomain/country of wifi network)

2023-05-14 Thread gene heskett 

On 5/14/23 17:21, Andy Smith wrote:

Dear debian-user archives,

On Sun, May 14, 2023 at 02:42:05PM -0400, gene heskett wrote:

I've literally spent a frigging week trying to get iproute to
over-ride the broken 169.xx.xx.xx primary route that earlier
avahi's insisted on putting into a network config, that is why to
this day the first thing I do after an install, is find avahi and
rm it and reboot. rm because you could not remove it with apt w/o
tearing down the system far enough the only recourse was to
reinstall.  That is obviously an endless loop.


Routine note for the archive that avahi is another one of Gene's
Demons and the above is not in any way true. I have 50+ Debian hosts
that do not have avahi installed at all, and several more that
intentionally do and work fine.

As usual, Gene's experiences are due to a misconfiguration that
Gene made and cannot be helped with, despite many people trying over
a period of years.

When you see a post from Gene mentioning liberal use of "rm" and
"chattr +i" on parts of the operating system, do begin to question
what you are reading.

Thanks,
Andy


Thanks for the vote of no confidence Andy.

The diff as I see it, is that I refuse to actually run a dns server 
here, bind and I agreed to disagree nearly 25 years ago when bind was at 
4 something and half the planet was cleaning after attacks on bind. The 
other half wasn't aware of anything except the net was dead, no dns.


The box in question was running rh 6.1 so that might give you a time 
frame. 2001 maybe. IDK, IDC.


We bought a block of 16 ipv4 addresses and registered & ran the tv 
stations net access, about 40 mostly windoze boxes preferring /etc/host 
files for local lookups. It works if the router relays, its fast, and 
bulletproof. The way I've configured is to first check the hosts file 
for a match, and failing that, fwd the lookup request to my dd-wrt 
router, and if dnsmasq doesn't know it, forward it to my ISP. And its 
all transparent in about 30 milliseconds.  The reason I used rm on it is 
because back about wheezy I tried to remove it with apt, and its 
dependencies took 247 other packages with it totally killing the system.


I screamed about it at the time, years ago, everybody sneered and made 
fun of me, and ever so slowly the dependencies went away and I can now 
remove it with apt, but it appears I no longer need to. So it has been 
reinstalled.


Take care & stay well Andy.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page