BIND/login question

Goddard, David David.Goddard at
Tue Jan 25 12:34:33 GMT 2000


I posted this question to -questions last week but got a big fat zero by way
of response so I thought I'd try it out on you nice UK guys instead... (Hi,
by the way, my name's Dave and I've been lurking here for a little while now

The problem is Yet Another Unwanted Dialups With ppp -auto issue, with the
finger being pointed at DNS lookups.  What I'm not sure of is where the
blame lies for this - my BIND config, the behavious of login or my shelll or

Put another way - should BIND actually be expected to return an IP for the
query being made given that there is some logic in the relative domain being

The basic architecture is a FreBSD box using ppp (with -auto and -alias
flags) acting as an Internet gateway to a small LAN.  The box is also
running BIND to provide DNS.  The LAN machines all use 10.0.0.* IPs while
the gateway box also has a proper IP assigned by the ISP on its dialup

Both a 3.2-RELEASE box and a slightly ageing snap of 4.0-CURRENT seem to
show the same symptoms.

Basically, the issue is that when I log in via telnet, a DNS query is done
for a truncated version of the client's host name - i.e. if I log in to the
server ( from another machine (say, a query is done for jaka.lan.  This isn't
recognised by named on zero, so it queries the ISPs server.

The DNS query seems to be happening as soon as I enter the password, as the
login hangs at this point while the server dials out.  The session looks
like this:

  jaka% telnet
  Connected to
  Escape character is '^]'.

  FreeBSD/i386 ( (ttyp3)

  login: dg
<hangs here>
  Last login: Sun Jan 16 22:26:57 from jaka.lan
  Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
          The Regents of the University of California.  All rights reserved.

  FreeBSD 4.0-CURRENT (DMG_KERNEL) #1: Mon Jan 10 13:42:55 GMT 2000

Personally, I suspect the Last login section - it is this truncated name
that is being queried and this is what is getting stored in wtmp and other
places.  Casting a very inexpert eye over the source for login, it seems
that some shortening of the domain is being done deliberately, but I'm not
sure why a lookup would be done on this when I log on.

Checking out the archives, there are a few references to similar problems,
but they are mostly related to reverse lookups, which seem fine on my
setup.  There was also an old (1996) mention of an issue with tcsh (my
shell), but I'm not sure if this is it.

There are some obvious workarounds to this, but I'd really appreciate some
pointers as to what is wrong (or more likely what I've done wrong!)

I've appended some more info about the setup etc.



Snippet from named.query.log:

12-Jan-2000 22:47:16.515 XX+/
12-Jan-2000 22:47:16.517 XX+/
12-Jan-2000 23:19:32.595 XX+/
12-Jan-2000 23:19:32.597 XX+/

Edited zone file for the domain held on the gateway server:

$ORIGIN com.
somedomain	43200	IN	SOA (
		118687026 21600 10800 604800 43200 )
	43200	IN	NS
zero	43200	IN	A
localhost	43200	IN	A
jaka	43200	IN	CNAME
ns	43200	IN	CNAME
zero	43200	IN	A
jaka	43200	IN	A
elrod	43200	IN	A
astoria	43200	IN	A
elf 	43200	IN	A
gateway	43200	IN	CNAME	zero

Reverse lookup:

0       86400   IN      SOA (
                2216956931 10800 3600 604800 86400 )
        86400   IN      NS
1       86400   IN      PTR
2       86400   IN      PTR
3       86400   IN      PTR
4       86400   IN      PTR
9       86400   IN      PTR
10      86400   IN      PTR

Edited named.conf:

// $Id: named.conf,v 1.5 1998/12/23 06:06:13 dillon Exp $
// Refer to the named(8) man page for details.  If you are ever going
// to setup a primary server, make sure you've understood the hairy
// details of how DNS is working.  Even with simple mistakes, you can
// break connectivity for affected parties, or cause huge amount of
// useless Internet traffic.

options {
	directory "/etc/namedb";

	dialup yes;
	use-id-pool yes;
	treat-cr-as-space yes;
// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
      forward only;

// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.

	forwarders {;



zone "." {
	type hint;
	file "named.root";

zone "0.0.127.IN-ADDR.ARPA" {
	type master;
	file "localhost.rev";

zone "" {
	type master;
	file "s/";
	notify no;


zone "" {
        type master;
        file "s/";
	notify no;

Random nslookup stuff:

Script started on Wed Jan 12 23:23:24 2000
dg has logged on ttyp0 from jaka.
zero% nslookup
Default Server:

> jaka

Non-authoritative answer:



> set type=any
> jaka
Address:	canonical name =	nameserver =	internet address =
> exit

More information about the Ukfreebsd mailing list