Re: rc.firsttime after package daemons

2021-11-03 Thread Sean Kamath 



> On Nov 3, 2021, at 01:42, Kapetanakis Giannis  
> wrote:
> Anyway, I followed Stuart's advice of adding a second DNS server in 
> resolv.conf apart from 127.0.0.1
> which was my usual practice for caching servers. I see no harm on this.

I generally always run resolving and authoritative servers as pairs.  For 
authoritative servers, that’s obvious.  For resolving servers, it’s less 
obvious, but it’s so I can do maintenance on one of them (at a time) and not 
kill everything that uses them.

And if you run two resolving servers, point both of them at both of them. :-)

Sean

Re: rc.firsttime after package daemons

2021-11-03 Thread Kapetanakis Giannis 
On 03/11/2021 06:53, cho...@jtan.com wrote:
> ...
>
> On the gripping hand, all it does is run fw_update and syspatch.

This. Unless there is something more.

Anyway, I followed Stuart's advice of adding a second DNS server in resolv.conf 
apart from 127.0.0.1
which was my usual practice for caching servers. I see no harm on this.

Thanks for comments on unbound/nsd. I'm familiar and using those in another 
setup but it adds complexity when you want your caching servers to also have 
live copies (+live updates) of internal authoritative zones. You setup the 
zones twice (nsd and unbound stub-zone), which is not that bad, but you also 
have caching/negative caching on unbound until TTL or flush to see the 
updates/changes, which is more disturbing.

G

Re: rc.firsttime after package daemons

2021-11-01 Thread Stuart Henderson 
On 2021-11-01, Kapetanakis Giannis  wrote:
> Hi,
>
> Just a notice for this.
> I have a system which is a DNS server it self and runs isc-bind, so the 
> daemon is started from $pkg_scripts.
>
> rc.firsttime is run before pkg daemons are started so the system cannot (yet) 
> resolve since it lists itself in /etc/resolv.conf
>
> If there is no other reason, maybe rc.firsttime could be moved after package 
> daemons are started.

rc.firsttime has to be earlier.

I strongly recommend listing a second nameserver in resolv.conf

rc.firsttime after package daemons

2021-11-01 Thread Kapetanakis Giannis 
Hi,

Just a notice for this.
I have a system which is a DNS server it self and runs isc-bind, so the daemon 
is started from $pkg_scripts.

rc.firsttime is run before pkg daemons are started so the system cannot (yet) 
resolve since it lists itself in /etc/resolv.conf

If there is no other reason, maybe rc.firsttime could be moved after package 
daemons are started.

best,

Giannis