On 12/24/13 22:08, Andres Perera wrote: > i think further investigation is due on OP's part
OK. I first removed the domain keyword out of the /etc/resolv.conf and updated /etc/resolv.conf.tail. Then I stuck "search centroid.eu" in there instead so that it looked like this: ---- # Generated by re0 dhclient search centroid.eu nameserver 192.168.34.1 search centroid.eu lookup file bind family inet6 inet4 ---- I turned up logs on the immediate nameserver (192.168.34.1) and watched them a bit. Here is what I then read: Dec 26 11:17:31 uranus named[12220]: client 192.168.34.4#22419: query: www.spiegel.de.centroid.eu IN AAAA + so the "leak" I described earlier was happening here too. Then I adjusted the search keyword to only do "search ." and that stopped the leak, however it still created 2 queries where one would suffice: ---- # Generated by re0 dhclient search centroid.eu nameserver 192.168.34.1 search . lookup file bind family inet6 inet4 ---- queries were: Dec 26 11:27:54 uranus named[12220]: client 192.168.34.4#38177: query: www.spiegel.de IN AAAA + Dec 26 11:27:54 uranus named[12220]: client 192.168.34.4#24662: query: www.spiegel.de IN AAAA + So reasonable, just as I want them. Too bad there is 2 of the same, so it's not exactly perfect. I'm wondering if this hint can be included into the resolv.conf manpage somehow, something like: ---- "search ." stops leaking quad-A queries to the domain's nameserver. ---- But I'm looking for proper wording and place to put it into the manpage. Thanks, -peter
