BIND/login question

Goddard, David David.Goddard at cognos.com
Tue Jan 25 12:34:33 GMT 2000


Hi,

I posted this question to -questions last week but got a big fat zero by way
of response so I thought I'd try it out on you nice UK guys instead... (Hi,
by the way, my name's Dave and I've been lurking here for a little while now
:)

The problem is Yet Another Unwanted Dialups With ppp -auto issue, with the
finger being pointed at DNS lookups.  What I'm not sure of is where the
blame lies for this - my BIND config, the behavious of login or my shelll or
whatever.

Put another way - should BIND actually be expected to return an IP for the
query being made given that there is some logic in the relative domain being
queried?

The basic architecture is a FreBSD box using ppp (with -auto and -alias
flags) acting as an Internet gateway to a small LAN.  The box is also
running BIND to provide DNS.  The LAN machines all use 10.0.0.* IPs while
the gateway box also has a proper IP assigned by the ISP on its dialup
interface.

Both a 3.2-RELEASE box and a slightly ageing snap of 4.0-CURRENT seem to
show the same symptoms.

Basically, the issue is that when I log in via telnet, a DNS query is done
for a truncated version of the client's host name - i.e. if I log in to the
server (zero.somedomain.com) from another machine (say,
jaka.lan.somedomain.com) a query is done for jaka.lan.  This isn't
recognised by named on zero, so it queries the ISPs server.

The DNS query seems to be happening as soon as I enter the password, as the
login hangs at this point while the server dials out.  The session looks
like this:

  jaka% telnet 10.0.0.1
  Trying 10.0.0.1...
  Connected to zero.lan.somedomain.com.
  Escape character is '^]'.

  FreeBSD/i386 (zero.somedomain.com) (ttyp3)

  login: dg
  Password:
<hangs here>
  Last login: Sun Jan 16 22:26:57 from jaka.lan
  Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
          The Regents of the University of California.  All rights reserved.

  FreeBSD 4.0-CURRENT (DMG_KERNEL) #1: Mon Jan 10 13:42:55 GMT 2000

Personally, I suspect the Last login section - it is this truncated name
that is being queried and this is what is getting stored in wtmp and other
places.  Casting a very inexpert eye over the source for login, it seems
that some shortening of the domain is being done deliberately, but I'm not
sure why a lookup would be done on this when I log on.

Checking out the archives, there are a few references to similar problems,
but they are mostly related to reverse lookups, which seem fine on my
setup.  There was also an old (1996) mention of an issue with tcsh (my
shell), but I'm not sure if this is it.

There are some obvious workarounds to this, but I'd really appreciate some
pointers as to what is wrong (or more likely what I've done wrong!)

I've appended some more info about the setup etc.

Thanks,

Dave


Snippet from named.query.log:

12-Jan-2000 22:47:16.515 XX+/10.0.0.1/jaka.lan/A/IN
12-Jan-2000 22:47:16.517 XX+/10.0.0.1/jaka.lan.somedomain.com/A/IN
[...]
12-Jan-2000 23:19:32.595 XX+/10.0.0.1/jaka.lan/A/IN
12-Jan-2000 23:19:32.597 XX+/10.0.0.1/jaka.lan.somedomain.com/A/IN


Edited zone file for the domain held on the gateway server:

$ORIGIN com.
somedomain	43200	IN	SOA	zero.somedomain.com.
name.someisp.co.uk. (
		118687026 21600 10800 604800 43200 )
	43200	IN	NS	zero.somedomain.com.
$ORIGIN somedomain.com.
zero	43200	IN	A	195.256.256.256
localhost	43200	IN	A	127.0.0.1
jaka	43200	IN	CNAME	jaka.lan.somedomain.com.
ns	43200	IN	CNAME	zero.somedomain.com.
$ORIGIN lan.somedomain.com.
zero	43200	IN	A	10.0.0.1
jaka	43200	IN	A	10.0.0.2
elrod	43200	IN	A	10.0.0.3
astoria	43200	IN	A	10.0.0.9
elf 	43200	IN	A	10.0.0.10
gateway	43200	IN	CNAME	zero



Reverse lookup:

$ORIGIN 0.10.in-addr.arpa.
0       86400   IN      SOA     ns.somedomain.com. name.someisp.co.uk. (
                2216956931 10800 3600 604800 86400 )
        86400   IN      NS      ns.somedomain.com.
$ORIGIN 0.0.10.in-addr.arpa.
1       86400   IN      PTR     zero.lan.somedomain.com.
2       86400   IN      PTR     jaka.lan.somedomain.com.
3       86400   IN      PTR     elrod.lan.somedomain.com.
4       86400   IN      PTR     julius.lan.somedomain.com.
9       86400   IN      PTR     astoria.lan.somedomain.com.
10      86400   IN      PTR     jaka.lan.somedomain.com.



Edited named.conf:

// $Id: named.conf,v 1.5 1998/12/23 06:06:13 dillon Exp $
//
// Refer to the named(8) man page for details.  If you are ever going
// to setup a primary server, make sure you've understood the hairy
// details of how DNS is working.  Even with simple mistakes, you can
// break connectivity for affected parties, or cause huge amount of
// useless Internet traffic.



options {
	directory "/etc/namedb";


	dialup yes;
	use-id-pool yes;
	treat-cr-as-space yes;
[...]
// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
      forward only;

// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.

	forwarders {
		195.256.256.256;
	};

[...]
};


[...]


zone "." {
	type hint;
	file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
	type master;
	file "localhost.rev";
};

[...]
zone "somedomain.com" {
	type master;
	file "s/somedomain.com";
	notify no;

};


zone "0.0.10.in-addr.arpa" {
        type master;
        file "s/0.0.10.in-addr.arpa";
	notify no;
};




Random nslookup stuff:

Script started on Wed Jan 12 23:23:24 2000
dg has logged on ttyp0 from jaka.
zero% nslookup
Default Server:  zero.lan.somedomain.com
Address:  10.0.0.1

> jaka
Server:  zero.lan.somedomain.com
Address:  10.0.0.1

Non-authoritative answer:
Name:    jaka.lan.somedomain.com
Address:  10.0.0.10
Aliases:  jaka.somedomain.com

> 10.0.0.10
Server:  zero.lan.somedomain.com
Address:  10.0.0.1

Name:    jaka.lan.somedomain.com
Address:  10.0.0.10

> set type=any
> jaka
Server:  zero.lan.somedomain.com
Address:  10.0.0.1

jaka.somedomain.com	canonical name = jaka.lan.somedomain.com
somedomain.com	nameserver = zero.somedomain.com
zero.somedomain.com	internet address = 195.256.256.256
> exit
zero%







More information about the Ukfreebsd mailing list