On Thu, Dec 26, 2013 at 6:09 AM, Peter J. Philipp <[email protected]> wrote: > On 12/24/13 22:08, Andres Perera wrote: >> i think further investigation is due on OP's part > > OK. I first removed the domain keyword out of the /etc/resolv.conf and > updated /etc/resolv.conf.tail. > > Then I stuck "search centroid.eu" in there instead so that it looked > like this: > > ---- > # Generated by re0 dhclient > search centroid.eu > nameserver 192.168.34.1 > search centroid.eu > lookup file bind > family inet6 inet4 > ---- > > I turned up logs on the immediate nameserver (192.168.34.1) and watched > them a bit. Here is what I then read: > > Dec 26 11:17:31 uranus named[12220]: client 192.168.34.4#22419: query: > www.spiegel.de.centroid.eu IN AAAA + > > so the "leak" I described earlier was happening here too.
it would be easier if you work on isolating why is this happening; don't worry about interim servers and other variables, just configure a machine with a nameserver running on localhost while trying to sort this out > Then I adjusted the search keyword to only do "search ." and that > stopped the leak, however it still created 2 queries where one would > suffice: > > ---- > # Generated by re0 dhclient > search centroid.eu > nameserver 192.168.34.1 > search . > lookup file bind > family inet6 inet4 > ---- > > queries were: > > Dec 26 11:27:54 uranus named[12220]: client 192.168.34.4#38177: query: > www.spiegel.de IN AAAA + > Dec 26 11:27:54 uranus named[12220]: client 192.168.34.4#24662: query: > www.spiegel.de IN AAAA + > > So reasonable, just as I want them. Too bad there is 2 of the same, so > it's not exactly perfect. what browser are you using? how is it calling resolver(3) routines? it seems strange that the cache would allow for two identical queries in such a short time span (both on the same second, 11:27:54) > > I'm wondering if this hint can be included into the resolv.conf manpage > somehow, something like: > > ---- > "search ." stops leaking quad-A queries to the domain's nameserver. > ---- > > But I'm looking for proper wording and place to put it into the manpage. > > Thanks, > > -peter
