Package: base-files
Version: 3.1.9
Severity: wishlist

Hi!

Since base-files 3.1.8 /etc/nsswitch.conf contains support for
libnss-mdns out of the box:

  hosts: files dns mdns

I don't think this line is a good idea, because this way lookups for a
.local host are first issued using normal unicast DNS. This lookup,
however, will almost certainly fail and thus result in useless traffic
and a superfluous delay when accessing a slow DNS server.

Instead, I would like to suggest reversing the order of "dns" and
"mdns". This is not a security risk because the default configuration
of libnss-mdns doesn't allow host name lookups for hosts outside
.local.

In addition, I would like to suggest using the IPv4-only module of
libnss-mdns because looking up IPv6 addresses of a host which only
publishes IPv4 addresses will cause an extra timeout delay of three
seconds. All Macs and all HOWL-running machines publish only IPv4
addresses by default. Hosts running Avahi are the only exception right
now.

In summary, the following line is what I would like to propose:

  hosts: files mdns4 dns

(As a side note: I am the upstream maintainer of libnss-mdns, that's
why this came to my attention)

Thank you,
      Lennart

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages base-files depends on:
ii  base-passwd                   3.5.11     Debian base system master password
ii  gawk [awk]                    1:3.1.5-1  GNU awk, a pattern scanning and pr
ii  mawk [awk]                    1.3.3-11   a pattern scanning and text proces

base-files recommends no packages.

-- no debconf information

-- 
Lennart Poettering; lennart [at] poettering [dot] net
ICQ# 11060553; GPG 0x1A015CC4; http://0pointer.net/lennart/
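
An added example, not part of the original report: a small check that parses the "hosts:" line of an nsswitch.conf and flags the two conditions the report describes (unicast "dns" consulted before any mdns module, and the dual-stack "mdns" module in use instead of "mdns4"). The function names and finding labels are hypothetical, and the two sample configurations are constructed from the lines quoted in the report.

```python
import re

# Constructed samples: the line shipped since base-files 3.1.8 and the proposed one.
SHIPPED = "passwd: compat\nhosts: files dns mdns\n"
PROPOSED = "passwd: compat\nhosts: files mdns4 dns   # proposed order\n"

MESSAGES = {
    "dns-before-mdns": ".local names are sent to unicast DNS before mDNS is tried",
    "mdns-dual-stack": "plain 'mdns' also asks for IPv6 addresses; 'mdns4' is IPv4-only",
}

def hosts_sources(conf_text):
    """Return the ordered service names on the 'hosts:' line, or [] if absent."""
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        if not line.lower().startswith("hosts:"):
            continue
        spec = line.split(":", 1)[1]
        # Bracketed action items such as [NOTFOUND=return] are not services.
        spec = re.sub(r"\[[^\]]*\]", " ", spec)
        return spec.split()
    return []

def review_hosts_line(conf_text):
    """Return the finding labels that apply to this configuration."""
    sources = hosts_sources(conf_text)
    findings = []
    mdns_positions = [i for i, s in enumerate(sources) if s.startswith("mdns")]
    if "dns" in sources and mdns_positions:
        if sources.index("dns") < min(mdns_positions):
            findings.append("dns-before-mdns")
    if "mdns" in sources:                        # exact match, not mdns4
        findings.append("mdns-dual-stack")
    return findings

if __name__ == "__main__":
    for name, text in (("shipped", SHIPPED), ("proposed", PROPOSED)):
        found = review_hosts_line(text)
        print(name, hosts_sources(text), "->", found or "no findings")
        for label in found:
            print("   ", MESSAGES[label])
```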

