Hi!
I am not that happy with the suggested postinst script.
Two things:
First, please use "mdns4" and "mdns4_minimal" modules instead of
"mdns" and "mdns_minimal". Why? Because many broken programs (one of
them being "telnet") do host name lookups in a broken way: they first
try an ipv6 lookup and if that fails fall back to ipv4. In mDNS host
name lookups for nonexistant host names take a long time to
timeout. In a network where only IPv4 names are published this will
cause these tools to take many seconds to do a connection to an mDNS
name if the host didn't registers both ipv6 and ipv4 names.
Unfortunately do neither Avahi nor Apple Bonjour register both ipv6
and ipv4 addresses by default. (The reason for that is that this would
cause all services to show up twice, once for each protocol. But
that's a different story).
So, in short, because most people with run nss-mdns together with
Avahi or Bonjour hosts with default configurations, please do not
enable Ipv6 address lookups by default. i.e. use only "mdns4" and not
"mdns" and the same for the _minimal flavour.
And secondly, please make mdns4_minimal authoritative for .local and
IPv4LL hosts. This can be done by adding [NOTFOUND=return] to the
invocation for mdns4_minimal. Why? If you don't pass it lookups for
nonexistant mdns host names will take twice as long as necessary,
because first mdns4_minimal has to timeout and than mdns4 as
well. Since the timeout is 5s or so, this will increase the total
timeout to 10s which really hurts I would argue. In addition making
mDNS authritative for .local has security advantages and removes
unnecessary load from unicast DNS servers.
The ideal line has to look like this:
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
I strongly suggest following this advice of mine. To my knowledge this
line is nearly "optimal". I know that Anand Kumria doesn't really
follow me in my argumentation and added some misleading documentation
to README.Debian. However, I am very unhappy with this situation.
Yes, it is a pity that we cannot add proper out-of-the-box support for
IPv6 to our zeroconf stack. But humm, that's the situation we have to
deal with.
Thank you very much,
Lennart (who happens to be upstream of nss-mdns)
--
Lennart Poettering; lennart [at] poettering [dot] net
ICQ# 11060553; GPG 0x1A015CC4; http://0pointer.net/lennart/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
