Re: resolv.conf.head
On January 9, 2015 6:31:13 PM CET, Libertas liber...@mykolab.com wrote: I'm relatively new to OpenBSD, so please correct any mistakes below. As you may know, resolv.conf.tail is appended to resolv.conf. This is convenient because the last 'search' and 'domain' keywords listed are used. However, nameservers are queried in the order they are listed. This means (if I understand correctly) that if DHCP adds a nameserver to your resolv.conf, it will supersede anything you include in resolv.conf.tail. Wanting to specify the nameserver is common, because many of us are otherwise sending all of our DNS queries to lovely companies like Comcast and Verizon. Nameserver overrides be done with dhclient.conf, but it seems more clear and Unixy to just have a resolv.conf.head counterpart to resolv.conf.tail. It already exists in a certain other Unix-like operating system of great popularity. Is this a good idea? If so, I can try writing a patch. Configure your dhclient.conf with an appropriate supersede directive instead. I commonly override the search domain with .. /Alexander
resolv.conf.head
I'm relatively new to OpenBSD, so please correct any mistakes below. As you may know, resolv.conf.tail is appended to resolv.conf. This is convenient because the last 'search' and 'domain' keywords listed are used. However, nameservers are queried in the order they are listed. This means (if I understand correctly) that if DHCP adds a nameserver to your resolv.conf, it will supersede anything you include in resolv.conf.tail. Wanting to specify the nameserver is common, because many of us are otherwise sending all of our DNS queries to lovely companies like Comcast and Verizon. Nameserver overrides be done with dhclient.conf, but it seems more clear and Unixy to just have a resolv.conf.head counterpart to resolv.conf.tail. It already exists in a certain other Unix-like operating system of great popularity. Is this a good idea? If so, I can try writing a patch.
Re: resolv.conf.head
On January 9, 2015 7:22:01 PM CET, Alexander Hall alexan...@beard.se wrote: On January 9, 2015 6:31:13 PM CET, Libertas liber...@mykolab.com wrote: I'm relatively new to OpenBSD, so please correct any mistakes below. As you may know, resolv.conf.tail is appended to resolv.conf. This is convenient because the last 'search' and 'domain' keywords listed are used. However, nameservers are queried in the order they are listed. This means (if I understand correctly) that if DHCP adds a nameserver to your resolv.conf, it will supersede anything you include in resolv.conf.tail. Wanting to specify the nameserver is common, because many of us are otherwise sending all of our DNS queries to lovely companies like Comcast and Verizon. Nameserver overrides be done with dhclient.conf, but it seems more clear and Unixy to just have a resolv.conf.head counterpart to resolv.conf.tail. It already exists in a certain other Unix-like operating system of great popularity. Is this a good idea? If so, I can try writing a patch. Configure your dhclient.conf with an appropriate supersede directive instead. Bah. I have no idea how I missed that you'd already mentioned that. Nevertheless, I find it very reasonable to let dhclient handle it. I commonly override the search domain with .. /Alexander
Re: resolv.conf.head
On 01/09/2015 12:49 PM, mar...@martinbrandenburg.com wrote: And you realize that your ISP (like Comcast or Verizon) can see your DNS queries even if you point them at another nameserver. Granted I've met enough ISP nameservers which return advertising instead of NXDOMAIN, and that is annoying. There are some services that prevent this. https://www.opendns.com/about/innovations/dnscrypt/ Disclaimer: am a paying customer of OpenDNS. No other affiliation. -- Those who do not understand Unix are condemned to reinvent it, poorly.
Re: resolv.conf.head
Libertas liber...@mykolab.com wrote: I'm relatively new to OpenBSD, so please correct any mistakes below. As you may know, resolv.conf.tail is appended to resolv.conf. This is convenient because the last 'search' and 'domain' keywords listed are used. However, nameservers are queried in the order they are listed. This means (if I understand correctly) that if DHCP adds a nameserver to your resolv.conf, it will supersede anything you include in resolv.conf.tail. Wanting to specify the nameserver is common, because many of us are otherwise sending all of our DNS queries to lovely companies like Comcast and Verizon. Nameserver overrides be done with dhclient.conf, but it seems more clear and Unixy to just have a resolv.conf.head counterpart to resolv.conf.tail. It already exists in a certain other Unix-like operating system of great popularity. Is this a good idea? If so, I can try writing a patch. The things you want to go at the top can go in dhclient.conf as prepend or supersede options. Other settings like family in resolv.conf can go at the bottom just fine. And you realize that your ISP (like Comcast or Verizon) can see your DNS queries even if you point them at another nameserver. Granted I've met enough ISP nameservers which return advertising instead of NXDOMAIN, and that is annoying. -- Martin
