subject:"apparent change in hostnames on LAN without admin intervention"

On Mon 16 Dec 2019 at 12:28:13 (+), Bonno Bloksma wrote:
> > > I could be quite wrong, but I thought that "local" was actually 
> > > suggested as a domain name at one time by the installer. (And I 
> 
> Don't know if Debian did that but ... a LOONG time ago, at least looong in 
> "internet years", it was indeed recommended to use the "real" domain name for 
> the servers that could be reached from the internet and to use the same corp 
> part but .local as TLD for the internal network. That was supposed to avoid 
> confusion with duplicate names in use for different servers/services.
> In our case I was supposed to use tio.nl for public stuff and tio.local for 
> internal stuff.

Sounds like:
https://www.microsoftpressstore.com/articles/article.aspx?p=2195190=2
dated May 15, 2011.

> Me, I never understood that. If it has the same name it should be the same 
> server/service, both internal and external. For internal stuff I simply use a 
> subdomain name like staff.tio.nl for stuff that relates to the staff and 
> student.tio.nl for stuff that relates to the students.
> But at one time it was the "official policy" to use .local for internal 
> stuff. It was even in documentation and course material in those days.
> That was of course years before someone decided to use .local for mDns which 
> then led to the current confusion. :-(

Actually the example above looks as it lasted about 3 weeks,
whereupon:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc738121(v=ws.10)?redirectedfrom=MSDN
dated June 6, 2011.

Not quite seven days in May, but close.

I've read that using {staff,student}.tio.nl, as you do, is the correct
thing to do, using a technique called "split-horizon", which is
something I'd prefer not to involve myself in.

If Debian is into making suggestions, perhaps "If you are setting up a
home network, you can make something up, but make sure you use the
same domain name on all your computers" could be replaced by something
like "… … home network, it's recommended that you use the domain name
home.arpa on all your computers".

Cheers,
David.

RE: apparent change in hostnames on LAN without admin intervention

2019-12-16 Thread Bonno Bloksma

Hi,

> > I could be quite wrong, but I thought that "local" was actually 
> > suggested as a domain name at one time by the installer. (And I 

Don't know if Debian did that but ... a LOONG time ago, at least looong in 
"internet years", it was indeed recommended to use the "real" domain name for 
the servers that could be reached from the internet and to use the same corp 
part but .local as TLD for the internal network. That was supposed to avoid 
confusion with duplicate names in use for different servers/services.
In our case I was supposed to use tio.nl for public stuff and tio.local for 
internal stuff.

Me, I never understood that. If it has the same name it should be the same 
server/service, both internal and external. For internal stuff I simply use a 
subdomain name like staff.tio.nl for stuff that relates to the staff and 
student.tio.nl for stuff that relates to the students.
But at one time it was the "official policy" to use .local for internal 
stuff. It was even in documentation and course material in those days.
That was of course years before someone decided to use .local for mDns which 
then led to the current confusion. :-(

Bonno Bloksma

Re: apparent change in hostnames on LAN without admin intervention

2019-12-16 Thread Jape Person

On 12/16/19 3:25 PM, David Wright wrote:

On Mon 16 Dec 2019 at 13:36:27 (-0500), Jape Person wrote:

On 12/16/19 11:39 AM, David Wright wrote:

On Mon 16 Dec 2019 at 10:53:02 (-0500), Jape Person wrote:

On 12/16/19 12:42 AM, David Wright wrote:

On Sat 14 Dec 2019 at 13:49:25 (-0500), Jape Person wrote:

On 12/14/19 1:24 AM, john doe wrote:

...

The file '/etc/resolv.conf' should let you know what TLD is sent from
the DHCP server.

Debian shouldn't modify your configuration files '/etc' without your nolage.

Depending on the packages chosen, /etc/resolv.conf is one file in /etc
that is modified by Debian. The resolvconf package lists 23 other
programs that it is designed to adjudicate between, for want of a
better term.

...

That has been my understanding, and it's why I never edit /etc/resolv.conf
myself.

Note that the TLD '.lan' is sometime used.

That's another choice, like .local, that could always be issued as a
real TLD at some point in the future.

1) https://www.xfinity.com/support/articles/list-of-approved-cable-modems

I'm using my own router behind the modem provided by the ISP. I've
never used a router provided by an ISP for controlling my network.

I'm using a Luxul XWR-1750 which has been kept on the latest firmware
available. Last upgrade was done early this year, long before the
noted change in names.

The router is set to provide static IP addresses and has the names of
each of the systems associated with their MAC Addresses and IP
Addresses.

Can you just clarify this? My router provides static IP addresses on
the basis of the MAC addresses, all the information being typed in¹
by me. It also lists the names of the other hosts, but only because
those hosts told it their names. IOW the router (cheap, $35) doesn't
issue hostnames, nor provide a DNS service itself. It also neither
knows nor cares what the domain name of the network is.

How much of this is the same on the router in your network?

¹ actually, of course, it deduces all but the last number in the
dotted quad.

Yes, it's my understanding that my router does provide DNS on the
local network and will provide the 208.67.222.222, 208.67.220.220
OpenDNS servers or whatever the ISP provides for DNS servers,
depending upon entries made in its setup pages. I do not think that it
actually issues the hostnames, but it does detect whatever hostnames
the devices provide and shows them associated with the IP addresses
its DHCP server issues in a table. Do you think that I'm
misunderstanding the arrangement? Could well be. I have ASSumed that
it worked this way from the appearance of the tables in the setup
software.

The software running the router is licensed under Luxul Open Source Code for
Programmers (GPL).

Others will have to comment on the functionality provided by this
software as I'm not familiar with it.

But a table of names doesn't convince me that your router is providing
a DNS service (or a domain name). My router maintains a list of names,
but they're not strictly hostnames unless I edit them to be so. For
example, when we bought our last Roku¹, it told the router it was
called "ROKU PREMIEREPLUS - 964" which I edited to "rokupw²", the name
by which I can ping it if I want to know whether it's powered up.

Try typing
$ nslookup chip-nuc 192.168.1.1
where 192.168.1.1 is the IP address for *your* router.

¹ a TV streamer. ² and "rokupe" for its ethernet interface.

Okay. I reset all of the hostnames on the network to avoid using
improper names for the domain and to correct an issue where I would
have had a user name and hostname being the same.

I did what you suggested and got the following.

$ nslookup hostname 192.168.0.1
Server: 192.168.0.1
Address:192.168.0.1#53

Name: hostname
Address: 192.168.0.116

Note: I replaced the actual hostname with the word "hostname" in the example.

My understanding is that you do have a DNS server in the router then,
so you could avoid having to maintain lists of hostnames and IP
addresses on any of the other hosts if the router is always on.

I assume you can expand this to include the domain name, because the
default dhclient.conf appears to ask for it from the dhcp server.
But I certainly prefer to have each host know its own hostname and
domain name before it configures the network, and IIRC the default
Debian configuration is to put
127.0.1.1 hostname.domain hostname
into /etc/hosts which ensures this.

Understood. I have my /etc/hosts files set that way, and I add a list of domains I want blocked to
these files as well.

I can't really help with what changed and when, but can only point out
that people who've used .local seem to report intermittent behaviour
in various forums that google has turned up.

Cheers,
David.

Understood. I have had "weirdness" on this network for quite a while. Have assumed it was something
amiss in the wireless drivers because it always corrected itself when systems were rebooted. I
should have known that

Re: apparent change in hostnames on LAN without admin intervention

On Mon 16 Dec 2019 at 13:36:27 (-0500), Jape Person wrote:
> On 12/16/19 11:39 AM, David Wright wrote:
> > On Mon 16 Dec 2019 at 10:53:02 (-0500), Jape Person wrote:
> > > On 12/16/19 12:42 AM, David Wright wrote:
> > > > On Sat 14 Dec 2019 at 13:49:25 (-0500), Jape Person wrote:
> > > > > On 12/14/19 1:24 AM, john doe wrote:
> > > ...
> > > > > > The file '/etc/resolv.conf' should let you know what TLD is sent 
> > > > > > from
> > > > > > the DHCP server.
> > > > > > 
> > > > > > Debian shouldn't modify your configuration files '/etc' without 
> > > > > > your nolage.
> > > > 
> > > > Depending on the packages chosen, /etc/resolv.conf is one file in /etc
> > > > that is modified by Debian. The resolvconf package lists 23 other
> > > > programs that it is designed to adjudicate between, for want of a
> > > > better term.
> > > > 
> > > ...
> > > 
> > > That has been my understanding, and it's why I never edit 
> > > /etc/resolv.conf myself.
> > > 
> > > > > > Note that the TLD '.lan' is sometime used.
> > > > 
> > > > That's another choice, like .local, that could always be issued as a
> > > > real TLD at some point in the future.
> > > > 
> > > > > > 1)  
> > > > > > https://www.xfinity.com/support/articles/list-of-approved-cable-modems
> > > > > 
> > > > > I'm using my own router behind the modem provided by the ISP. I've
> > > > > never used a router provided by an ISP for controlling my network.
> > > > > 
> > > > > I'm using a Luxul XWR-1750 which has been kept on the latest firmware
> > > > > available. Last upgrade was done early this year, long before the
> > > > > noted change in names.
> > > > > 
> > > > > The router is set to provide static IP addresses and has the names of
> > > > > each of the systems associated with their MAC Addresses and IP
> > > > > Addresses.
> > > > 
> > > > Can you just clarify this? My router provides static IP addresses on
> > > > the basis of the MAC addresses, all the information being typed in¹
> > > > by me. It also lists the names of the other hosts, but only because
> > > > those hosts told it their names. IOW the router (cheap, $35) doesn't
> > > > issue hostnames, nor provide a DNS service itself. It also neither
> > > > knows nor cares what the domain name of the network is.
> > > > 
> > > > How much of this is the same on the router in your network?
> > > > 
> > > > ¹ actually, of course, it deduces all but the last number in the
> > > > dotted quad.
> > > 
> > > Yes, it's my understanding that my router does provide DNS on the
> > > local network and will provide the 208.67.222.222, 208.67.220.220
> > > OpenDNS servers or whatever the ISP provides for DNS servers,
> > > depending upon entries made in its setup pages. I do not think that it
> > > actually issues the hostnames, but it does detect whatever hostnames
> > > the devices provide and shows them associated with the IP addresses
> > > its DHCP server issues in a table. Do you think that I'm
> > > misunderstanding the arrangement? Could well be. I have ASSumed that
> > > it worked this way from the appearance of the tables in the setup
> > > software.
> > > 
> > > The software running the router is licensed under Luxul Open Source Code 
> > > for Programmers (GPL).
> > 
> > Others will have to comment on the functionality provided by this
> > software as I'm not familiar with it.
> > 
> > But a table of names doesn't convince me that your router is providing
> > a DNS service (or a domain name). My router maintains a list of names,
> > but they're not strictly hostnames unless I edit them to be so. For
> > example, when we bought our last Roku¹, it told the router it was
> > called "ROKU PREMIEREPLUS - 964" which I edited to "rokupw²", the name
> > by which I can ping it if I want to know whether it's powered up.
> > 
> > Try typing
> > $ nslookup chip-nuc 192.168.1.1
> > where 192.168.1.1 is the IP address for *your* router.
> > 
> > ¹ a TV streamer. ² and "rokupe" for its ethernet interface.
> > 
> Okay. I reset all of the hostnames on the network to avoid using
> improper names for the domain and to correct an issue where I would
> have had a user name and hostname being the same.
> 
> I did what you suggested and got the following.
> 
> $ nslookup hostname 192.168.0.1
> Server:   192.168.0.1
> Address:  192.168.0.1#53
> 
> Name: hostname
> Address: 192.168.0.116
> 
> Note: I replaced the actual hostname with the word "hostname" in the example.

My understanding is that you do have a DNS server in the router then,
so you could avoid having to maintain lists of hostnames and IP
addresses on any of the other hosts if the router is always on.

I assume you can expand this to include the domain name, because the
default dhclient.conf appears to ask for it from the dhcp server.
But I certainly prefer to have each host know its own hostname and
domain name before it configures the network, and IIRC the default
Debian configuration is to put
  127.0.1.1  hostname.domain  hostname
into

Re: apparent change in hostnames on LAN without admin intervention

2019-12-16 Thread Jape Person


On 12/16/19 11:39 AM, David Wright wrote:

On Mon 16 Dec 2019 at 10:53:02 (-0500), Jape Person wrote:

On 12/16/19 12:42 AM, David Wright wrote:

On Sat 14 Dec 2019 at 13:49:25 (-0500), Jape Person wrote:

On 12/14/19 1:24 AM, john doe wrote:

...

The file '/etc/resolv.conf' should let you know what TLD is sent from
the DHCP server.

Debian shouldn't modify your configuration files '/etc' without your nolage.


Depending on the packages chosen, /etc/resolv.conf is one file in /etc
that is modified by Debian. The resolvconf package lists 23 other
programs that it is designed to adjudicate between, for want of a
better term.


...

That has been my understanding, and it's why I never edit /etc/resolv.conf 
myself.


Note that the TLD '.lan' is sometime used.


That's another choice, like .local, that could always be issued as a
real TLD at some point in the future.


1)  https://www.xfinity.com/support/articles/list-of-approved-cable-modems


I'm using my own router behind the modem provided by the ISP. I've
never used a router provided by an ISP for controlling my network.

I'm using a Luxul XWR-1750 which has been kept on the latest firmware
available. Last upgrade was done early this year, long before the
noted change in names.

The router is set to provide static IP addresses and has the names of
each of the systems associated with their MAC Addresses and IP
Addresses.


Can you just clarify this? My router provides static IP addresses on
the basis of the MAC addresses, all the information being typed in¹
by me. It also lists the names of the other hosts, but only because
those hosts told it their names. IOW the router (cheap, $35) doesn't
issue hostnames, nor provide a DNS service itself. It also neither
knows nor cares what the domain name of the network is.

How much of this is the same on the router in your network?

¹ actually, of course, it deduces all but the last number in the
dotted quad.


Yes, it's my understanding that my router does provide DNS on the
local network and will provide the 208.67.222.222, 208.67.220.220
OpenDNS servers or whatever the ISP provides for DNS servers,
depending upon entries made in its setup pages. I do not think that it
actually issues the hostnames, but it does detect whatever hostnames
the devices provide and shows them associated with the IP addresses
its DHCP server issues in a table. Do you think that I'm
misunderstanding the arrangement? Could well be. I have ASSumed that
it worked this way from the appearance of the tables in the setup
software.

The software running the router is licensed under Luxul Open Source Code for 
Programmers (GPL).


Others will have to comment on the functionality provided by this
software as I'm not familiar with it.

But a table of names doesn't convince me that your router is providing
a DNS service (or a domain name). My router maintains a list of names,
but they're not strictly hostnames unless I edit them to be so. For
example, when we bought our last Roku¹, it told the router it was
called "ROKU PREMIEREPLUS - 964" which I edited to "rokupw²", the name
by which I can ping it if I want to know whether it's powered up.

Try typing
$ nslookup chip-nuc 192.168.1.1
where 192.168.1.1 is the IP address for *your* router.

¹ a TV streamer. ² and "rokupe" for its ethernet interface.

Cheers,
David.

Okay. I reset all of the hostnames on the network to avoid using improper names for the domain and 
to correct an issue where I would have had a user name and hostname being the same.


I did what you suggested and got the following.

$ nslookup hostname 192.168.0.1
Server: 192.168.0.1
Address:192.168.0.1#53

Name:   hostname
Address: 192.168.0.116

Note: I replaced the actual hostname with the word "hostname" in the example.

Thanks,
JP

Re: apparent change in hostnames on LAN without admin intervention

On Mon 16 Dec 2019 at 10:53:02 (-0500), Jape Person wrote:
> On 12/16/19 12:42 AM, David Wright wrote:
> > On Sat 14 Dec 2019 at 13:49:25 (-0500), Jape Person wrote:
> > > On 12/14/19 1:24 AM, john doe wrote:
> ...
> > > > The file '/etc/resolv.conf' should let you know what TLD is sent from
> > > > the DHCP server.
> > > > 
> > > > Debian shouldn't modify your configuration files '/etc' without your 
> > > > nolage.
> > 
> > Depending on the packages chosen, /etc/resolv.conf is one file in /etc
> > that is modified by Debian. The resolvconf package lists 23 other
> > programs that it is designed to adjudicate between, for want of a
> > better term.
> > 
> ...
> 
> That has been my understanding, and it's why I never edit /etc/resolv.conf 
> myself.
> 
> > > > Note that the TLD '.lan' is sometime used.
> > 
> > That's another choice, like .local, that could always be issued as a
> > real TLD at some point in the future.
> > 
> > > > 1)  
> > > > https://www.xfinity.com/support/articles/list-of-approved-cable-modems
> > > 
> > > I'm using my own router behind the modem provided by the ISP. I've
> > > never used a router provided by an ISP for controlling my network.
> > > 
> > > I'm using a Luxul XWR-1750 which has been kept on the latest firmware
> > > available. Last upgrade was done early this year, long before the
> > > noted change in names.
> > > 
> > > The router is set to provide static IP addresses and has the names of
> > > each of the systems associated with their MAC Addresses and IP
> > > Addresses.
> > 
> > Can you just clarify this? My router provides static IP addresses on
> > the basis of the MAC addresses, all the information being typed in¹
> > by me. It also lists the names of the other hosts, but only because
> > those hosts told it their names. IOW the router (cheap, $35) doesn't
> > issue hostnames, nor provide a DNS service itself. It also neither
> > knows nor cares what the domain name of the network is.
> > 
> > How much of this is the same on the router in your network?
> > 
> > ¹ actually, of course, it deduces all but the last number in the
> > dotted quad.
> 
> Yes, it's my understanding that my router does provide DNS on the
> local network and will provide the 208.67.222.222, 208.67.220.220
> OpenDNS servers or whatever the ISP provides for DNS servers,
> depending upon entries made in its setup pages. I do not think that it
> actually issues the hostnames, but it does detect whatever hostnames
> the devices provide and shows them associated with the IP addresses
> its DHCP server issues in a table. Do you think that I'm
> misunderstanding the arrangement? Could well be. I have ASSumed that
> it worked this way from the appearance of the tables in the setup
> software.
> 
> The software running the router is licensed under Luxul Open Source Code for 
> Programmers (GPL).

Others will have to comment on the functionality provided by this
software as I'm not familiar with it.

But a table of names doesn't convince me that your router is providing
a DNS service (or a domain name). My router maintains a list of names,
but they're not strictly hostnames unless I edit them to be so. For
example, when we bought our last Roku¹, it told the router it was
called "ROKU PREMIEREPLUS - 964" which I edited to "rokupw²", the name
by which I can ping it if I want to know whether it's powered up.

Try typing
$ nslookup chip-nuc 192.168.1.1
where 192.168.1.1 is the IP address for *your* router.

¹ a TV streamer. ² and "rokupe" for its ethernet interface.

Cheers,
David.

Re: apparent change in hostnames on LAN without admin intervention

On Mon 16 Dec 2019 at 12:03:58 (+0530), tv.deb...@googlemail.com wrote:
> I am not the OP, but questions seems directed to me, see inline answers.

Yes, it's interesting to see what people's configurations are when
they make suggestions, because that affects whether they apply in
other cases (including mine).

> On 16/12/2019 11:12, David Wright wrote:
> > On Sun 15 Dec 2019 at 11:49:55 (+0530), tv.deb...@googlemail.com wrote:
> > > On 15/12/2019 00:35, Jape Person wrote:
> > > > On 12/14/19 3:56 AM, Andrei POPESCU wrote:
> > > > > On Vi, 13 dec 19, 19:33:51, Jape Person wrote:
> > > > > > Hi folks. Did I miss something?
> > > > > > 
> > > > > > I've had 3 Sid/testing systems running on the same LAN behind the 
> > > > > > same
> > > > > > router for just shy of 3 years. Their static IP addresses
> > > > > > have always been
> > > > > > issued by the DHCP server on the router. Everything has
> > > > > > been copacetic among
> > > > > > the systems, with local and outside name resolution
> > > > > > working with no issue.
> > > > > > 
> > > > > > A little over a week ago the systems stopped being able to
> > > > > > access each other
> > > > > > by name. No changes were made in the settings or firmware
> > > > > > of the router or
> > > > > > of the local network settings on the systems.
> > > > > > 
> > > > > > I discovered that all of the hostnames had changed from 
> > > > > > xx.local to
> > > > > > xx. I've tried to determine the cause of this alteration in the
> > > > > > hostnames on the LAN.
> > > > > 
> > > > > Please provide more info on this, specifically where / how are the
> > > > > hostnames configured and where / how did you discover they changed.
> > > > > 
> > > > > Do note that .local is typically used by mDNS and in my understanding 
> > > > > it
> > > > > should not be used with a DNS server.
> > > > > 
> > > > > https://en.wikipedia.org/wiki/.local
> > > > 
> > > > The hostnames and local domain name were used during installation.
> > > > 
> > > > The static DHCP addresses are issued by a Luxul XWR-1750 router
> > > > which associates the hostnames with the MAC and IP addresses.
> > > > 
> > > > Contents of /etc/resolv.conf:
> > > > 
> > > > search local
> > > > nameserver 208.67.220.220
> > > > 
> > > > I discovered the change a few days ago when I was doing my daily
> > > > check for updates by using SSH to connect to two of the systems. I
> > > > received the following response to the connection command:
> > > > 
> > > > ssh: Could not resolve hostname chip-nuc.local: Name or service not 
> > > > known
> > > > 
> > > > I checked to make sure I could connect to everything by IP
> > > > address, and I checked DNS on the outside world. Everything looked
> > > > okay.
> > > > 
> > > > On a hunch I tried omitting the .local from the connection
> > > > command, and it work on each client.
> > > > 
> > > > I figured any time the name of a client changes without deliberate
> > > > action on the part of the network admin (however incompetent he
> > > > may be), that could be a security issue. That's why I asked here.
> > > 
> > > Hi, I am running a very similar setup, also on Sid/Testing (updated
> > > daily), and didn't notice any change. My local domain is not ".local"
> > > or ".home", it is custom.
> > 
> > That might be a reason for no change to have occurred.
> > 
> > Just out of curiosity, is your custom name registered or just made up?
> 
> Made up, it exists only on my LAN.

OK. so that's the same as me.

> > > My resolv.conf looks like yours (modulo the domain name), I have an
> > > additional nameserver line for my router address. My router only
> > > resolves names for the local network, public DNS is resolved though a
> > > VPN.
> > > 
> > > My hosts file is just standard :
> > > 
> > >  
> > > 
> > > one line per host on the network, the router has the same hosts file,
> > > the IP are reserved by the router DHCP and associated with (static
> > > spoofed) MAC addresses. Routers are running on Asuswrt-Merlin and
> > > openWRT (one is AP mode only).
> > 
> > Again, curious, why do you maintain hosts files on each host? As you
> > resolve that other hosts on your network by DNS at the router, I
> > would have expected all your hosts files to look like:
> > 
> > 127.0.0.1   localhost
> > 127.0.1.1   foo.custom   foo
> > 
> > for host foo.
> > 
> 
> One of the PC is serving various services to the LAN, some bypassing
> the router for load/performances reason,

Fair enough. (I do that between hosts using IPv6 over Cat5, and have
been scolded here for it.)

> this PC is carrying an up to
> date version of the hosts file.

But does it need to? If your router runs a DNS server (you say it
does), it can provide that (DNS) service to the PC that's providing
the various other services.

> It's not one hosts file on every
> machines on the network, it's one hosts file with every machines on
> the LAN registered in it on one of the node on the LAN.

… which

Re: apparent change in hostnames on LAN without admin intervention

2019-12-16 Thread Jape Person


On 12/16/19 12:42 AM, David Wright wrote:

On Sat 14 Dec 2019 at 13:49:25 (-0500), Jape Person wrote:

On 12/14/19 1:24 AM, john doe wrote:

...

The file '/etc/resolv.conf' should let you know what TLD is sent from
the DHCP server.

Debian shouldn't modify your configuration files '/etc' without your nolage.


Depending on the packages chosen, /etc/resolv.conf is one file in /etc
that is modified by Debian. The resolvconf package lists 23 other
programs that it is designed to adjudicate between, for want of a
better term.


...

That has been my understanding, and it's why I never edit /etc/resolv.conf 
myself.


Note that the TLD '.lan' is sometime used.


That's another choice, like .local, that could always be issued as a
real TLD at some point in the future.


1)  https://www.xfinity.com/support/articles/list-of-approved-cable-modems


I'm using my own router behind the modem provided by the ISP. I've
never used a router provided by an ISP for controlling my network.

I'm using a Luxul XWR-1750 which has been kept on the latest firmware
available. Last upgrade was done early this year, long before the
noted change in names.

The router is set to provide static IP addresses and has the names of
each of the systems associated with their MAC Addresses and IP
Addresses.


Can you just clarify this? My router provides static IP addresses on
the basis of the MAC addresses, all the information being typed in¹
by me. It also lists the names of the other hosts, but only because
those hosts told it their names. IOW the router (cheap, $35) doesn't
issue hostnames, nor provide a DNS service itself. It also neither
knows nor cares what the domain name of the network is.

How much of this is the same on the router in your network?

¹ actually, of course, it deduces all but the last number in the
dotted quad.

Cheers,
David.



Yes, it's my understanding that my router does provide DNS on the local network and will provide the 
208.67.222.222, 208.67.220.220 OpenDNS servers or whatever the ISP provides for DNS servers, 
depending upon entries made in its setup pages. I do not think that it actually issues the 
hostnames, but it does detect whatever hostnames the devices provide and shows them associated with 
the IP addresses its DHCP server issues in a table. Do you think that I'm misunderstanding the 
arrangement? Could well be. I have ASSumed that it worked this way from the appearance of the tables 
in the setup software.


The software running the router is licensed under Luxul Open Source Code for 
Programmers (GPL).

Thanks, David.

JP

Re: apparent change in hostnames on LAN without admin intervention

2019-12-16 Thread John Hasler

John Doe writes:
> In the above example 'try' is the hostname while 'example.com' is the
> domainname. From other e-mail, it looks like your DHCP server was
> sending as 'local' as domainname.

Your MTA should be rewriting headers to use your external email domain.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: apparent change in hostnames on LAN without admin intervention

2019-12-16 Thread john doe

On 12/14/2019 7:49 PM, Jape Person wrote:
> On 12/14/19 1:24 AM, john doe wrote:
>>
>> Assuming that you are using the router from your ISP, it is possible
>> that the firmware has been upgraded without your nolage.
>>
>> One way to prevent this could be (1), that is, use your own
>> router/server/gateway so you control everything on your LAN.
>>
>> I use an EMTA modem only from my ISP which is plugged into a perimiter
>> firewall.
>>
>> If you can't have an modem from your ISP, look at 'bridgemode'.
>>
>> If your not comfortable building your server from scratch, you can
>> simply buy a router that is accepted by your ISP .
>>
>> In other words, you need to choose one or the other if you go this way:
>> - Modem connected to router (most flexible of all)
>> - Combo modem/router in one box (les flexible but is more compact)
>>
>>
>> If you use DHCP static lease, you should look at what the DHCP server is
>> providing as hostname and 'TLD', and also in the dhcp client (dhclient'
>> to see what you get from the DHCP server.
>>
>> The file '/etc/resolv.conf' should let you know what TLD is sent from
>> the DHCP server.
>>
>> Debian shouldn't modify your configuration files '/etc' without your
>> nolage.
>>
>> Note that the TLD '.lan' is sometime used.
>>
>> 1) 
>> https://www.xfinity.com/support/articles/list-of-approved-cable-modems
>>
>> --
>> John Doe
>>
>
> Hi, John Doe.
>
> I'm using my own router behind the modem provided by the ISP. I've never
> used a router provided by an ISP for controlling my network.
>
> I'm using a Luxul XWR-1750 which has been kept on the latest firmware
> available. Last upgrade was done early this year, long before the noted
> change in names.
>
> The router is set to provide static IP addresses and has the names of
> each of the systems associated with their MAC Addresses and IP Addresses.
>

You can set a hostname per IP/MAC, but that is not the domain name:

try.example.com

In the above example 'try' is the hostname while 'example.com' is the
domainname. From other e-mail, it looks like your DHCP server was
sending as 'local' as domainname.

Look at the lease of your DHCP client (/var/lib/dhcp/*).

As other as pointed out, why are you using the 'host' file if your are
using DHCP?

What domain name is your DHCP server dishing out to your clients?

In anycase, using '.home.arpa' as domainname is the way to go for a
private LAN.

--
John Doe

Re: apparent change in hostnames on LAN without admin intervention

2019-12-15 Thread mick crane

On 2019-12-16 05:43, David Wright wrote:

On Sat 14 Dec 2019 at 10:08:56 (+), mick crane wrote:

On 2019-12-14 03:04, Jape Person wrote:

> I could be quite wrong, but I thought that "local" was actually
> suggested as a domain name at one time by the installer. (And I could
> be remembering a different distro, though I've been using Debian for a
> long time -- at least 10 years, I think.) I suppose I just continued
> to use it over the years out of habit.

I had the same thing a while back. I too always thought .local was the
recommendation and at the time .home was used by a phone company so
thought it best not to use that.

Which phone company was that, and when?

That would have been BT 15 years or so ago.
I know they use home.bt.com but I must have seen ( or thought I did 
).home as the top level domain somewhere to do with them.

mick

--
Key ID4BFEBB31

Re: apparent change in hostnames on LAN without admin intervention

2019-12-15 Thread tv.deb...@googlemail.com


I am not the OP, but questions seems directed to me, see inline answers.

On 16/12/2019 11:12, David Wright wrote:

On Sun 15 Dec 2019 at 11:49:55 (+0530), tv.deb...@googlemail.com wrote:

On 15/12/2019 00:35, Jape Person wrote:

On 12/14/19 3:56 AM, Andrei POPESCU wrote:

On Vi, 13 dec 19, 19:33:51, Jape Person wrote:

Hi folks. Did I miss something?

I've had 3 Sid/testing systems running on the same LAN behind the same
router for just shy of 3 years. Their static IP addresses
have always been
issued by the DHCP server on the router. Everything has
been copacetic among
the systems, with local and outside name resolution
working with no issue.

A little over a week ago the systems stopped being able to
access each other
by name. No changes were made in the settings or firmware
of the router or
of the local network settings on the systems.

I discovered that all of the hostnames had changed from xx.local to
xx. I've tried to determine the cause of this alteration in the
hostnames on the LAN.


Please provide more info on this, specifically where / how are the
hostnames configured and where / how did you discover they changed.

Do note that .local is typically used by mDNS and in my understanding it
should not be used with a DNS server.

https://en.wikipedia.org/wiki/.local


The hostnames and local domain name were used during installation.

The static DHCP addresses are issued by a Luxul XWR-1750 router
which associates the hostnames with the MAC and IP addresses.

Contents of /etc/resolv.conf:

search local
nameserver 208.67.220.220

I discovered the change a few days ago when I was doing my daily
check for updates by using SSH to connect to two of the systems. I
received the following response to the connection command:

ssh: Could not resolve hostname chip-nuc.local: Name or service not known

I checked to make sure I could connect to everything by IP
address, and I checked DNS on the outside world. Everything looked
okay.

On a hunch I tried omitting the .local from the connection
command, and it work on each client.

I figured any time the name of a client changes without deliberate
action on the part of the network admin (however incompetent he
may be), that could be a security issue. That's why I asked here.


Hi, I am running a very similar setup, also on Sid/Testing (updated
daily), and didn't notice any change. My local domain is not ".local"
or ".home", it is custom.


That might be a reason for no change to have occurred.

Just out of curiosity, is your custom name registered or just made up?


Made up, it exists only on my LAN.


My resolv.conf looks like yours (modulo the domain name), I have an
additional nameserver line for my router address. My router only
resolves names for the local network, public DNS is resolved though a
VPN.

My hosts file is just standard :

   

one line per host on the network, the router has the same hosts file,
the IP are reserved by the router DHCP and associated with (static
spoofed) MAC addresses. Routers are running on Asuswrt-Merlin and
openWRT (one is AP mode only).


Again, curious, why do you maintain hosts files on each host? As you
resolve that other hosts on your network by DNS at the router, I
would have expected all your hosts files to look like:

127.0.0.1   localhost
127.0.1.1   foo.custom   foo

for host foo.



One of the PC is serving various services to the LAN, some bypassing the 
router for load/performances reason, this PC is carrying an up to date 
version of the hosts file. It's not one hosts file on every machines on 
the network, it's one hosts file with every machines on the LAN 
registered in it on one of the node on the LAN.



ssh here works with both hostnames short alias (no domain), full name or IP.

 

works as expected and return the host IP.

Since we probably have the same packages versions let me know if you
need me to check anything that could differ from your system.


Cheers,
David.


Hope it satisfies your curiosity.

Re: apparent change in hostnames on LAN without admin intervention

On Sun 15 Dec 2019 at 11:49:55 (+0530), tv.deb...@googlemail.com wrote:
> On 15/12/2019 00:35, Jape Person wrote:
> > On 12/14/19 3:56 AM, Andrei POPESCU wrote:
> > > On Vi, 13 dec 19, 19:33:51, Jape Person wrote:
> > > > Hi folks. Did I miss something?
> > > > 
> > > > I've had 3 Sid/testing systems running on the same LAN behind the same
> > > > router for just shy of 3 years. Their static IP addresses
> > > > have always been
> > > > issued by the DHCP server on the router. Everything has
> > > > been copacetic among
> > > > the systems, with local and outside name resolution
> > > > working with no issue.
> > > > 
> > > > A little over a week ago the systems stopped being able to
> > > > access each other
> > > > by name. No changes were made in the settings or firmware
> > > > of the router or
> > > > of the local network settings on the systems.
> > > > 
> > > > I discovered that all of the hostnames had changed from xx.local to
> > > > xx. I've tried to determine the cause of this alteration in the
> > > > hostnames on the LAN.
> > > 
> > > Please provide more info on this, specifically where / how are the
> > > hostnames configured and where / how did you discover they changed.
> > > 
> > > Do note that .local is typically used by mDNS and in my understanding it
> > > should not be used with a DNS server.
> > > 
> > > https://en.wikipedia.org/wiki/.local
> > 
> > The hostnames and local domain name were used during installation.
> > 
> > The static DHCP addresses are issued by a Luxul XWR-1750 router
> > which associates the hostnames with the MAC and IP addresses.
> > 
> > Contents of /etc/resolv.conf:
> > 
> > search local
> > nameserver 208.67.220.220
> > 
> > I discovered the change a few days ago when I was doing my daily
> > check for updates by using SSH to connect to two of the systems. I
> > received the following response to the connection command:
> > 
> > ssh: Could not resolve hostname chip-nuc.local: Name or service not known
> > 
> > I checked to make sure I could connect to everything by IP
> > address, and I checked DNS on the outside world. Everything looked
> > okay.
> > 
> > On a hunch I tried omitting the .local from the connection
> > command, and it work on each client.
> > 
> > I figured any time the name of a client changes without deliberate
> > action on the part of the network admin (however incompetent he
> > may be), that could be a security issue. That's why I asked here.
> 
> Hi, I am running a very similar setup, also on Sid/Testing (updated
> daily), and didn't notice any change. My local domain is not ".local"
> or ".home", it is custom.

That might be a reason for no change to have occurred.

Just out of curiosity, is your custom name registered or just made up?

> My resolv.conf looks like yours (modulo the domain name), I have an
> additional nameserver line for my router address. My router only
> resolves names for the local network, public DNS is resolved though a
> VPN.
> 
> My hosts file is just standard :
> 
>  
> 
> one line per host on the network, the router has the same hosts file,
> the IP are reserved by the router DHCP and associated with (static
> spoofed) MAC addresses. Routers are running on Asuswrt-Merlin and
> openWRT (one is AP mode only).

Again, curious, why do you maintain hosts files on each host? As you
resolve that other hosts on your network by DNS at the router, I
would have expected all your hosts files to look like:

127.0.0.1   localhost
127.0.1.1   foo.custom   foo

for host foo.

> ssh here works with both hostnames short alias (no domain), full name or IP.
> 
>
> 
> works as expected and return the host IP.
> 
> Since we probably have the same packages versions let me know if you
> need me to check anything that could differ from your system.

Cheers,
David.

Re: apparent change in hostnames on LAN without admin intervention

On Sat 14 Dec 2019 at 13:36:28 (-), Curt wrote:
> On 2019-12-14, David Wright  wrote:
> > On Fri 13 Dec 2019 at 19:33:51 (-0500), Jape Person wrote:
> >> Hi folks. Did I miss something?
> >
> > Perhaps a couple of references:
> > https://features.icann.org/addressing-new-gtld-program-applications-corp-home-and-mail
> > which points out that any of .home, .mail and .corp are ideal for the
> > domain name of a home LAN, and RFC 6762 on Multicast DNS which
> > explains why .local is not a good choice.
> 
> I'm trying to fathom why .home would remain ideal for home LAN users in
> light of RFC 8375, which replaces the previously advised '.home' with
> 'home.arpa' as the default domain name for homenets, the former being
> known to often leak out to the root name servers.
> 
> https://tools.ietf.org/html/rfc8375

As I see it, what you're looking for in choosing a domain name at home
is a name¹ that isn't already a TLD on the Internet, and is not going
to become one in the future. In addition, you don't want something
that's going to become the domain name² for some new protocol that's
around the corner.

My understanding of RFC 8375 is that .home got hit as a category ²,
but that this was seen as a mistake which this RFC corrected.

As for leaking out to the root name servers, this is the reason that
ICANN chose not to issue .home, .mail and .corp as TLDs, but instead
to refund any money taken from organisations trying to register such
domains. That intention is what makes them good candidates for being
future-proof in category ¹.

> Or does RFC 8378[5] only apply to toasters and the like (what will they
> think of next)?

I think the idea is that toasters and so on will configure themselves
on homenet, but this means that people doing their own configuration
have to steer clear rather than get in their way. AIUI that is why
mDNS resulted in pushing .local into category ², to the dismay of the
many who thought .local to be a good choice under category ¹.

Cheers,
David.

Re: apparent change in hostnames on LAN without admin intervention

On Sat 14 Dec 2019 at 10:08:56 (+), mick crane wrote:
> On 2019-12-14 03:04, Jape Person wrote:
> 
> > I could be quite wrong, but I thought that "local" was actually
> > suggested as a domain name at one time by the installer. (And I could
> > be remembering a different distro, though I've been using Debian for a
> > long time -- at least 10 years, I think.) I suppose I just continued
> > to use it over the years out of habit.
> 
> I had the same thing a while back. I too always thought .local was the
> recommendation and at the time .home was used by a phone company so
> thought it best not to use that.

Which phone company was that, and when?

> Seem to remember having trouble tracking down everywhere it is
> mentioned.

That's one reason I use corp: grepping /etc hits occurrences of home
and mail, but none of corp (except the ones I've added).

Cheers,
David.

Re: apparent change in hostnames on LAN without admin intervention

On Sat 14 Dec 2019 at 13:49:25 (-0500), Jape Person wrote:
> On 12/14/19 1:24 AM, john doe wrote:
> > 
> > Assuming that you are using the router from your ISP, it is possible
> > that the firmware has been upgraded without your nolage.
> > 
> > One way to prevent this could be (1), that is, use your own
> > router/server/gateway so you control everything on your LAN.
> > 
> > I use an EMTA modem only from my ISP which is plugged into a perimiter
> > firewall.
> > 
> > If you can't have an modem from your ISP, look at 'bridgemode'.
> > 
> > If your not comfortable building your server from scratch, you can
> > simply buy a router that is accepted by your ISP .
> > 
> > In other words, you need to choose one or the other if you go this way:
> > - Modem connected to router (most flexible of all)
> > - Combo modem/router in one box (les flexible but is more compact)
> > 
> > If you use DHCP static lease, you should look at what the DHCP server is
> > providing as hostname and 'TLD', and also in the dhcp client (dhclient'
> > to see what you get from the DHCP server.
> > 
> > The file '/etc/resolv.conf' should let you know what TLD is sent from
> > the DHCP server.
> > 
> > Debian shouldn't modify your configuration files '/etc' without your nolage.

Depending on the packages chosen, /etc/resolv.conf is one file in /etc
that is modified by Debian. The resolvconf package lists 23 other
programs that it is designed to adjudicate between, for want of a
better term.

> > Note that the TLD '.lan' is sometime used.

That's another choice, like .local, that could always be issued as a
real TLD at some point in the future.

> > 1)  https://www.xfinity.com/support/articles/list-of-approved-cable-modems
> 
> I'm using my own router behind the modem provided by the ISP. I've
> never used a router provided by an ISP for controlling my network.
> 
> I'm using a Luxul XWR-1750 which has been kept on the latest firmware
> available. Last upgrade was done early this year, long before the
> noted change in names.
> 
> The router is set to provide static IP addresses and has the names of
> each of the systems associated with their MAC Addresses and IP
> Addresses.

Can you just clarify this? My router provides static IP addresses on
the basis of the MAC addresses, all the information being typed in¹
by me. It also lists the names of the other hosts, but only because
those hosts told it their names. IOW the router (cheap, $35) doesn't
issue hostnames, nor provide a DNS service itself. It also neither
knows nor cares what the domain name of the network is.

How much of this is the same on the router in your network?

¹ actually, of course, it deduces all but the last number in the
dotted quad.

Cheers,
David.

Re: apparent change in hostnames on LAN without admin intervention

2019-12-15 Thread Jape Person


On 12/15/19 1:19 AM, tv.deb...@googlemail.com wrote:
...


Hi, I am running a very similar setup, also on Sid/Testing (updated
daily), and didn't notice any change. My local domain is not ".local" or
".home", it is custom.

My resolv.conf looks like yours (modulo the domain name), I have an
additional nameserver line for my router address. My router only
resolves names for the local network, public DNS is resolved though a VPN.

My hosts file is just standard :

   

one line per host on the network, the router has the same hosts file,
the IP are reserved by the router DHCP and associated with (static
spoofed) MAC addresses. Routers are running on Asuswrt-Merlin and
openWRT (one is AP mode only).

ssh here works with both hostnames short alias (no domain), full name or IP.

 

works as expected and return the host IP.

Since we probably have the same packages versions let me know if you
need me to check anything that could differ from your system.



Thank you very much for your kind offer! I am interested in figuring this out, but it will probably 
be at least after the first of the year before I'll be able to devote much time to it.


I'm happy to have things apparently working as they should, for now. But this experience has made me 
curious.


The information you provided, and your offer of help are much appreciated!

Best,
JP

Re: apparent change in hostnames on LAN without admin intervention

2019-12-14 Thread tv.deb...@googlemail.com


On 15/12/2019 00:35, Jape Person wrote:

On 12/14/19 3:56 AM, Andrei POPESCU wrote:

On Vi, 13 dec 19, 19:33:51, Jape Person wrote:

Hi folks. Did I miss something?

I've had 3 Sid/testing systems running on the same LAN behind the same
router for just shy of 3 years. Their static IP addresses have always 
been
issued by the DHCP server on the router. Everything has been 
copacetic among
the systems, with local and outside name resolution working with no 
issue.


A little over a week ago the systems stopped being able to access 
each other
by name. No changes were made in the settings or firmware of the 
router or

of the local network settings on the systems.

I discovered that all of the hostnames had changed from xx.local to
xx. I've tried to determine the cause of this alteration in the
hostnames on the LAN.


Please provide more info on this, specifically where / how are the
hostnames configured and where / how did you discover they changed.

Do note that .local is typically used by mDNS and in my understanding it
should not be used with a DNS server.

https://en.wikipedia.org/wiki/.local

Kind regards,
Andrei


Hi, Andrei.

The hostnames and local domain name were used during installation.

The static DHCP addresses are issued by a Luxul XWR-1750 router which 
associates the hostnames with the MAC and IP addresses.


Contents of /etc/resolv.conf:

search local
nameserver 208.67.220.220

I discovered the change a few days ago when I was doing my daily check 
for updates by using SSH to connect to two of the systems. I received 
the following response to the connection command:


ssh: Could not resolve hostname chip-nuc.local: Name or service not known

I checked to make sure I could connect to everything by IP address, and 
I checked DNS on the outside world. Everything looked okay.


On a hunch I tried omitting the .local from the connection command, and 
it work on each client.


I figured any time the name of a client changes without deliberate 
action on the part of the network admin (however incompetent he may be), 
that could be a security issue. That's why I asked here.


Thanks,
JP



Hi, I am running a very similar setup, also on Sid/Testing (updated 
daily), and didn't notice any change. My local domain is not ".local" or 
".home", it is custom.


My resolv.conf looks like yours (modulo the domain name), I have an 
additional nameserver line for my router address. My router only 
resolves names for the local network, public DNS is resolved though a VPN.


My hosts file is just standard :

   

one line per host on the network, the router has the same hosts file, 
the IP are reserved by the router DHCP and associated with (static 
spoofed) MAC addresses. Routers are running on Asuswrt-Merlin and 
openWRT (one is AP mode only).


ssh here works with both hostnames short alias (no domain), full name or IP.

 

works as expected and return the host IP.

Since we probably have the same packages versions let me know if you 
need me to check anything that could differ from your system.

Re: apparent change in hostnames on LAN without admin intervention

2019-12-14 Thread Andrei POPESCU

On Sb, 14 dec 19, 14:05:01, Jape Person wrote:
> 
> The hostnames and local domain name were used during installation.

Ok, so they are probably configured in /etc/hostname, possibly also 
/etc/hosts.

> The static DHCP addresses are issued by a Luxul XWR-1750 router which
> associates the hostnames with the MAC and IP addresses.

So the same host names are configured also in the router.

> Contents of /etc/resolv.conf:
> 
> search local
> nameserver 208.67.220.220
> 
> I discovered the change a few days ago when I was doing my daily check for
> updates by using SSH to connect to two of the systems. I received the
> following response to the connection command:
> 
> ssh: Could not resolve hostname chip-nuc.local: Name or service not known

Depending also on how you manage the network configuration (ifupdown, 
network-manager, systemd-networkd, etc.) it could be a lot of things. 

My first guess is that something in your resolving infrastructure is now 
treating .local special whereas before it didn't. The other option would 
be that some mDNS package got installed.

You could look at the update logs since the last known previous state 
and see if something sticks out. 

That is, if you want to find out what happened as it seems to me that 
you fixed the immediate problem.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser

signature.asc
Description: PGP signature

Re: apparent change in hostnames on LAN without admin intervention

2019-12-14 Thread Brian

On Sat 14 Dec 2019 at 13:59:29 -0600, John Hasler wrote:

> Jape writes:
> > I live in a condo where I can see at least three dozen (no kidding)
> > printers advertising their services.
> 
> Take them up on their offer and print something on each of them.

Advertising a service does not mean it an be used by everyone.

-- 
Brian.

Re: apparent change in hostnames on LAN without admin intervention

2019-12-14 Thread John Hasler

Jape writes:
> I live in a condo where I can see at least three dozen (no kidding)
> printers advertising their services.

Take them up on their offer and print something on each of them.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: apparent change in hostnames on LAN without admin intervention

2019-12-14 Thread Brian

On Sat 14 Dec 2019 at 14:05:01 -0500, Jape Person wrote:

> Contents of /etc/resolv.conf:
> 
> search local
> nameserver 208.67.220.220

Why is "search local" required? .local is catered for with
avahi/libnss-mdns.

-- 
Brian.

Re: apparent change in hostnames on LAN without admin intervention


On 12/14/19 8:45 AM, Brian wrote:

On Fri 13 Dec 2019 at 22:04:18 -0500, Jape Person wrote:


On 12/13/19 8:55 PM, David Wright wrote:


But is it possible you've started using avahi/bonjour when previously
you didn't? Or has the router upgraded itself and now knows not to
issue names like that?


I'll check to see if avahi/bonjour are being used, but I haven't done
anything deliberately to start using them. I'm wondering if recent changes
to CUPS may be implicated in some way.


Depends what you mean by recent. :) avahi-daemon has been a Recommends:
of cups-daemon since jessie.


My Brother printer defaults to using
bonjour, but I turned it off because I deemed it to be not particularly
useful to me. It's connected by wire to the router. I live in a condo where
I can see at least three dozen (no kidding) printers advertising their
services. I'm getting ready to switch everything to wired connections.


Bonjour is a network protocol, not a wireless protocol.



Thanks,
JP

Re: apparent change in hostnames on LAN without admin intervention


On 12/14/19 8:02 AM, rhkra...@gmail.com wrote:

On Friday, December 13, 2019 10:04:18 PM Jape Person wrote:

Could this change be due to recent upgrades in software? (I upgrade
every day.) I've reviewed the recent upgrades listed in
/var/log/apt/history.log. I would have thought any deliberate change
of this behavior would have been flagged by listchanges, but I can't
find it.


 From the peanut gallery (I don't know why I sit here): Of course!  That is the
charm of sid / testing -- continuous changes, some of which might break your
system.


I'm just a home user / hobbyist, but this change occurring without any
deliberate administrative action on my part makes the hairs stand up
on my neck -- just a little bit.


Well, I don't know why you're using testing (I don't), but I'm surprised your
hairs on permanently up ;-)



I've been using Sid/testing since long before I established this little network -- at least 12 or 13 
years. I've always enjoyed seeing the changes to Debian as they come down the road. The worst 
problem I remember having was when the framebuffer was introduced. The nVidia graphics card I was 
running in my system at the time had to be appeased. Took maybe two hours to fix.


But this made the old hackles raise because of the possibility that it could have security 
implications. It turns out that this problem has probably been caused by my own misunderstanding of 
proper use of naming conventions.


Thanks,
JP

Re: apparent change in hostnames on LAN without admin intervention

On 12/14/19 3:56 AM, Andrei POPESCU wrote:

On Vi, 13 dec 19, 19:33:51, Jape Person wrote:

Hi folks. Did I miss something?

I've had 3 Sid/testing systems running on the same LAN behind the same
router for just shy of 3 years. Their static IP addresses have always been
issued by the DHCP server on the router. Everything has been copacetic among
the systems, with local and outside name resolution working with no issue.

A little over a week ago the systems stopped being able to access each other
by name. No changes were made in the settings or firmware of the router or
of the local network settings on the systems.

I discovered that all of the hostnames had changed from xx.local to
xx. I've tried to determine the cause of this alteration in the
hostnames on the LAN.

Please provide more info on this, specifically where / how are the
hostnames configured and where / how did you discover they changed.

Do note that .local is typically used by mDNS and in my understanding it
should not be used with a DNS server.

https://en.wikipedia.org/wiki/.local

Kind regards,
Andrei

Hi, Andrei.

The hostnames and local domain name were used during installation.

The static DHCP addresses are issued by a Luxul XWR-1750 router which associates the hostnames with
the MAC and IP addresses.

Contents of /etc/resolv.conf:

search local
nameserver 208.67.220.220

I discovered the change a few days ago when I was doing my daily check for updates by using SSH to
connect to two of the systems. I received the following response to the connection command:

ssh: Could not resolve hostname chip-nuc.local: Name or service not known

I checked to make sure I could connect to everything by IP address, and I checked DNS on the outside
world. Everything looked okay.

On a hunch I tried omitting the .local from the connection command, and it work
on each client.

I figured any time the name of a client changes without deliberate action on the part of the network
admin (however incompetent he may be), that could be a security issue. That's why I asked here.

Thanks,
JP

Re: apparent change in hostnames on LAN without admin intervention


On 12/14/19 4:40 AM, Curt wrote:

On 2019-12-14, Jape Person  wrote:


I could be quite wrong, but I thought that "local" was actually suggested as a 
domain name at one
time by the installer. (And I could be remembering a different distro, though 
I've been using Debian
for a long time -- at least 10 years, I think.) I suppose I just continued to 
use it over the years
out of habit.



https://tools.ietf.org/html/rfc6762

3.  Multicast DNS Names

...

  To remedy this problem [of home computer users generally lacking easy access
  to name creation in the global DNS namespace*], this document allows any
  computer user to elect to give their computers link-local Multicast DNS host
  names of the form: "single-dns-label.local".

...

  This document specifies that the DNS top-level domain ".local." is a
  special domain with special semantics, namely that any fully
  qualified name ending in ".local." is link-local, and names within
  this domain are meaningful only on the link where they originate.

Has RFC 6762 been superseded? Or have I gotten this wrong?



Hi, Curt.

I'm doing some homework. I can see the error of my ways and am planning to change the network 
accordingly.


Still stumped about why .local disappeared from the names, but am obviously not 
married to it.

Thanks,
JP

Re: apparent change in hostnames on LAN without admin intervention