-
network issue
Suppose I'm a 1 machine local network: 192.16.1.55
I give myself a host name like mypc.mydomain.com
Also, resolv.conf has 2 dns's listed and lastly a line that
reads: search mydomain.com
If I ping mydomain.com shouldn't it send the pings to
192.168.1.55?
All my postfix traffic, ping and so forth are not going to
myself but off my network to another unrelated place on the net.
I must have something mis-configured?
Thanks
Eric
-
Re: network issue
On Sat, 16 Aug 2008 00:06:17 -0700, Eric wrote:
> Suppose I'm a 1 machine local network: 192.16.1.55 I give myself a host
> name like mypc.mydomain.com Also, resolve.conf has 2 dns's listed and
> lastly a line that reads: search mydomain.com
> If i ping mydomain.com shouldnt it send the pings to 192.168.1.55?
> All my postfix traffic, ping and so forth are not going to myself but
> off my network to another unrelated place on the net. I must have
> something mis-configured? Thanks
> Eric
You have used a domainname that is in use.
mydomain.com is registered and has a dns of 66.150.120.131, so ping
mydomain.com should try to get an answer from 66.150.120.131.
--
I don't think I'm gonna agree with that. Way too much visual confusion...
-- Larry Wall in <199709021627.JAA11966@wall.org>
----------------------
Mandriva Linux release 2008.1 (Official) for x86_64
2.6.24.7-server-1mnb AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
----------------------
-
Re: network issue
Jim Whitby wrote:
> On Sat, 16 Aug 2008 00:06:17 -0700, Eric wrote:
>
>> Suppose I'm a 1 machine local network: 192.16.1.55 I give myself a host
>> name like mypc.mydomain.com Also, resolve.conf has 2 dns's listed and
>> lastly a line that reads: search mydomain.com
>> If i ping mydomain.com shouldnt it send the pings to 192.168.1.55?
>> All my postfix traffic, ping and so forth are not going to myself but
>> off my network to another unrelated place on the net. I must have
>> something mis-configured? Thanks
>> Eric
>
> You have used a domainname that is in use.
>
> mydomain.com is registered and has a dns of 66.150.120.131, so ping
> mydomain.com should try to get an answer from 66.150.120.131.
Don't take mydomain.com literally, I just made it up as an example
Eric
-
Re: network issue
Jim Whitby wrote:
> On Sat, 16 Aug 2008 00:06:17 -0700, Eric wrote:
>
>> Suppose I'm a 1 machine local network: 192.16.1.55 I give myself a host
>> name like mypc.mydomain.com Also, resolve.conf has 2 dns's listed and
>> lastly a line that reads: search mydomain.com
>> If i ping mydomain.com shouldnt it send the pings to 192.168.1.55?
>> All my postfix traffic, ping and so forth are not going to myself but
>> off my network to another unrelated place on the net. I must have
>> something mis-configured? Thanks
>> Eric
>
> You have used a domainname that is in use.
>
> mydomain.com is registered and has a dns of 66.150.120.131, so ping
> mydomain.com should try to get an answer from 66.150.120.131.
Actually, you are right, a while after I read your post I went and
checked the actual domain name I was using and had been using for a long
time, and found that some jerk registered over 1.6 million domain names
yesterday that he never intends to actually use. Mine was one of them.
I thought you could use any name you wanted on a non-internet, local
network behind a router. Shouldn't it check my hosts file and use that
information before it checks internet dns?
-
Re: network issue
On Sat, 16 Aug 2008 00:06:17 -0700, Eric wrote:
> Suppose I'm a 1 machine local network: 192.16.1.55 I give myself a host
> name like mypc.mydomain.com Also, resolve.conf has 2 dns's listed and
> lastly a line that reads: search mydomain.com If i ping mydomain.com
> shouldnt it send the pings to 192.168.1.55? All my postfix traffic, ping
> and so forth are not going to myself but off my network to another
> unrelated place on the net. I must have something mis-configured? Thanks
> Eric
When I ping my hostname:
[wes@wes2 ~]$ hostname
wes2.com
[wes@wes2 ~]$ ping wes2.com
PING wes2.com (127.0.0.1) 56(84) bytes of data.
64 bytes from wes2.com (127.0.0.1): icmp_seq=1 ttl=64 time=0.041 ms
64 bytes from wes2.com (127.0.0.1): icmp_seq=2 ttl=64 time=0.048 ms
64 bytes from wes2.com (127.0.0.1): icmp_seq=3 ttl=64 time=0.053 ms
64 bytes from wes2.com (127.0.0.1): icmp_seq=4 ttl=64 time=0.047 ms
64 bytes from wes2.com (127.0.0.1): icmp_seq=5 ttl=64 time=0.051 ms
--- wes2.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3999ms
rtt min/avg/max/mdev = 0.041/0.048/0.053/0.004 ms
[wes@wes2 ~]$
--
Want the ultimate in free OTA SD/HDTV Recorder? http://mythtv.org
My Tivo Experience http://wesnewell.no-ip.com/tivo.htm
Tivo HD/S3 compared http://wesnewell.no-ip.com/mythtivo.htm
AMD cpu help http://wesnewell.no-ip.com/cpu.php
-
Re: network issue
On Sat, 16 Aug 2008 04:05:35 -0700, Eric wrote:
> Actually, you are right, awhile after i read your post i went and and
> checked the actual domain name i was using and had been using for a long
> time, and found that some jerk registered over 1.6 million domain names
> yesterday that he never intends to actually use. Mine was one of them.
That is why you should use whatever.invalid or whatever.test
http://www.rfc-editor.org/rfc/rfc2606.txt
> I thought you could use any name you wanted on a non-internet, local
> network behind a router.
And what happens if a packet/message escapes your LAN. :(
Use 192.168.x.x and xxxx.invalid or xxxx.test
just to keep your experiments from getting out on the Internet.
> Shouldnt it check my hosts file and use that
> information before it checks internet dns?
Depends on what/how is doing the look up.
Something else which affects resolution order:
/etc/host.conf and /etc/nsswitch.conf
Line of interest in nsswitch.conf found with
$ grep hosts: /etc/nsswitch.conf
-
Re: network issue
Bit Twister wrote:
> On Sat, 16 Aug 2008 04:05:35 -0700, Eric wrote:
>
>> Actually, you are right, awhile after i read your post i went and and
>> checked the actual domain name i was using and had been using for a long
>> time, and found that some jerk registered over 1.6 million domain names
>> yesterday that he never intends to actually use. Mine was one of them.
>
> That is why you should use whatever.invalid or whatever.test
> http://www.rfc-editor.org/rfc/rfc2606.txt
>
>> I thought you could use any name you wanted on a non-internet, local
>> network behind a router.
>
> And what happens if a packet/message escapes your LAN. :(
>
> Use 192.168.x.x and xxxx.invalid or xxxx.test
> just to keep your experiments from getting out on the Internet.
>
>
>> Shouldnt it check my hosts file and use that
>> information before it checks internet dns?
>
> Depends on what/how is doing the look up.
>
> Something else which affects resolution order:
> /etc/host.conf and /etc/nsswitch.conf
>
> Line of interest in nsswitch.conf found with
> $ grep hosts: /etc/nsswitch.conf
In everything I have ever seen concerning local private networks (the ones
on 192.168.x.x) I have never heard an admonishment to use .invalid or .test
If that were going to be a problem I would think it would be very common
as people generally make up and use whatever name they want.
What you're saying, in so many words, is: you must go and register a domain
name to use on your local network.
My nsswitch.conf
passwd: files compat
shadow: files
group: files compat
hosts: files nis dns
networks: files
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files
aliases: files
hosts:
127.0.0.1 wgf1.mypersonaldomain.net wgf1 localhost localhost.localdomain
I also tried
127.0.0.1 localhost localhost.localdomain
192.168.1.55 wgf1.mypersonaldomain.net wgf1
resolv.conf:
nameserver 68.87.69.146
search localhost
ping wgf1 will ping an internet host somewhere out there and not my system
host
host mypersonaldomain.net will return the address of some internet company
out there and not my system
The system is acting like /etc/hosts is being ignored
Eric
-
Re: network issue
On Sat, 16 Aug 2008 13:02:45 -0700, Eric wrote:
> In everything i have ever seen concerning local private networks (the ones
> on 192.168.x.x) I have never heard an admonishment to use .invalid or .test
Ok, consider my reply to be your first. :-)
I do admit, I do not bother to verify /every one's/ domain when working
a network problem. I have more than once suggested .invalid or .test.
I have noticed more and more people using .invalid
> If that were going to be a problem i would thing it would be very common
> as people generally make up and use whatever name they want.
Heheheh, and look what happened when yours suddenly broke. :(
> What your saying, in so many words, is: you must go and register a domain
> name to use on your local network.
Not suggesting that at all.
I suggest adding .invalid or .test to whatever domain you want on the LAN.
If you were to run your own DNS resolver (say named/bind) then you can
have whatever you like and not bother anyone else on the Internet.
Assuming all nodes on the LAN use it.
> ping wgf1 pings an internet host somewhere out there and not my system host
Based on your nsswitch, I would have thought so.
What is the output from
cat /etc/host.conf
> host mypersonaldomain.net will return the address of some internet company
> out there and not my system
That I could believe.
One, mypersonaldomain.net is not in your hosts file.
Two, that will cause external DNS server queries.
$ host $(hostname)
wm81.home.test has address 192.168.1.131
$ hostname -d
home.test
$ host $(hostname -d)
$
See, attempting to look up my domain returned nothing.
It is not registered and I did not setup my DNS server named to
respond with a value.
$ host mail
mail.home.test is an alias for wm81.home.test.
wm81.home.test has address 192.168.1.131
but
$ grep mail /etc/hosts
$
returned nothing.
> The system is acting like /etc/hosts is being ignored
What is the contents of
cat /etc/sysconfig/network
and
hostname --fqdn
-
Re: network issue
On Sat, 16 Aug 2008 16:02:45 -0400, Eric <none@email.net> wrote:
> The system is acting like /etc/hosts is being ignored
The host and nslookup commands will ignore the /etc/hosts file, however the ping
command should check /etc/hosts ...
[dave@hodgins ~]$ cat /etc/hosts
127.0.0.1 hodgins.homeip.net hodgins localhost localhost.localdomain
193.193.193.3 fred.invalid
[dave@hodgins ~]$ host fred.invalid
Host fred.invalid not found: 3(NXDOMAIN)
[dave@hodgins ~]$ nslookup fred.invalid
** server can't find fred.invalid: NXDOMAIN
[dave@hodgins ~]$ ping -c 1 fred.invalid
PING fred.invalid (193.193.193.3) 56(84) bytes of data
[dave@hodgins ~]$ grep hosts /etc/nsswitch.conf
hosts: files dns
You should not be using email.net for usenet, unless you have permission
from the registered owner.
You can register a hostname for free. I have done so for hodgins.homeip.net
at http://www.dyndns.com/ and nomail.afraid.org at https://freedns.afraid.org:443/
In the case of hodgins.homeip.net, I've selected the wildcard option, so I can
use anything.hodgins.homeip.net.
I setup nomail.afraid.org specifically for use in usenet. Any email sent to it
is going to a spamtrap. I've given permission to everyone to use it in their from
addresses on usenet.
If you don't want to register a domain then you should follow
http://www.rfc-editor.org/rfc/rfc2606.txt
The only domain names reserved for "non-existent" domains are
.test, .example, .invalid and .localhost, and only those names.
All other domain names may, eventually be put into use.
I also have bind installed and running. In
/var/lib/named/etc/adblock.conf I have ...
adblock.conf:zone "hodgins.homeip.net" { type master; notify no; file "/etc/db.adblock"; };
so anything running on the localhost will get 127.0.0.1 as the ip for the
hostname. Anything running from another system will get the last ip my
ppp connect script has updated at dyndns.
Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
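
Added example (not written by any poster in this thread): a small Python model of the lookup order discussed above, showing which names are answered from /etc/hosts and which fall through to DNS under a name that is not reserved by RFC 2606. The sample files are constructed from the configuration posted earlier in the thread; the function names and the simplified search-list expansion are assumptions of this example, and it makes no network queries.

```python
import re

# RFC 2606 reserved top-level domains (the four named in the thread).
RESERVED_TLDS = {"test", "example", "invalid", "localhost"}

# Constructed sample files, modelled on the configuration posted in the thread.
NSSWITCH = "passwd: files compat\nhosts: files nis dns\n"
HOSTS = """\
127.0.0.1     localhost localhost.localdomain
192.168.1.55  wgf1.mypersonaldomain.net wgf1
"""
RESOLV = "nameserver 68.87.69.146\nsearch localhost\n"


def hosts_sources(nsswitch_text):
    """Ordered sources from the 'hosts:' line, with [ACTION] items dropped."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            return re.sub(r"\[[^\]]*\]", " ", line[len("hosts:"):]).split()
    return []


def parse_hosts(hosts_text):
    """Map each lower-cased name or alias to its address; first entry wins."""
    table = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table


def search_list(resolv_text):
    """Domains from the last 'search' line of resolv.conf."""
    domains = []
    for line in resolv_text.splitlines():
        fields = line.split()
        if fields and fields[0] == "search":
            domains = fields[1:]
    return domains


def is_reserved(fqdn):
    """True if the rightmost label is an RFC 2606 reserved TLD."""
    return fqdn.rstrip(".").rsplit(".", 1)[-1].lower() in RESERVED_TLDS


def trace_lookup(name, use_nss=True, nsswitch=NSSWITCH, hosts=HOSTS, resolv=RESOLV):
    """Report which source answers `name` and which DNS queries are collision-prone.

    use_nss=False models DNS-only tools (host, nslookup) that skip /etc/hosts.
    Sources other than files and dns (e.g. nis) are skipped by this model.
    """
    table = parse_hosts(hosts)
    for src in (hosts_sources(nsswitch) if use_nss else ["dns"]):
        if src == "files" and name.lower() in table:
            return {"answered_by": "files", "address": table[name.lower()],
                    "collision_risk": []}
        if src == "dns":
            # Simplified stub-resolver expansion (ndots:1): a dotted name is tried
            # as given first; an undotted name is tried with search domains first.
            expanded = [f"{name}.{d}" for d in search_list(resolv)]
            tried = [name] + expanded if "." in name else expanded + [name]
            # Names outside the reserved TLDs can be, or become, someone else's.
            return {"answered_by": "dns", "address": None,
                    "collision_risk": [n for n in tried if not is_reserved(n)]}
    return {"answered_by": None, "address": None, "collision_risk": []}


if __name__ == "__main__":
    for query, nss in [("wgf1", True), ("wgf1", False),
                       ("mypersonaldomain.net", True), ("wm81.home.test", False)]:
        print(query, "nss" if nss else "dns-only", trace_lookup(query, nss))
```

A non-empty collision_risk list means the query is sent to the configured nameserver under a name that someone else can register, which is the situation described at the start of the thread.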
-
Re: network issue
On Sat, 16 Aug 2008 16:46:25 -0400, Bit Twister <BitTwister@mouse-potato.com> wrote:
> On Sat, 16 Aug 2008 13:02:45 -0700, Eric wrote:
>
>> In everything i have ever seen concerning local private networks (the ones
>> on 192.168.x.x) I have never heard an admonishment to use .invalid or .test
>
> Ok, consider my reply to be your first. :-)
One warning that should be added to this thread. If you do use a hostname
ending with .invalid, or .example, some programs like leafnode will refuse
to work. See http://groups.google.ca/group/alt.os.linux.mandriva/msg/1aec916f19438eec?
It's best to register and use your own hostname.
Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
-
Re: network issue
On Sat, 16 Aug 2008 17:16:03 -0400, David W. Hodgins wrote:
> On Sat, 16 Aug 2008 16:46:25 -0400, Bit Twister <BitTwister@mouse-potato.com> wrote:
>
>> On Sat, 16 Aug 2008 13:02:45 -0700, Eric wrote:
>>
>>> In everything i have ever seen concerning local private networks (the ones
>>> on 192.168.x.x) I have never heard an admonishment to use .invalid or .test
>>
>> Ok, consider my reply to be your first. :-)
>
> One warning that should be added to this thread. If you do use a hostname
> ending with .invalid, or .example, some programs like leafnode will refuse
> to work. See http://groups.google.ca/group/alt.os.linux.mandriva/msg/1aec916f19438eec?
>
I still say .test should be valid in leafnode. :-D
In either case, setting the hostname variable in leafnode.conf will let
leafnode run.
-
Re: network issue
David W. Hodgins wrote:
> On Sat, 16 Aug 2008 16:46:25 -0400, Bit Twister
> <BitTwister@mouse-potato.com> wrote:
>
>> On Sat, 16 Aug 2008 13:02:45 -0700, Eric wrote:
>>
>>> In everything i have ever seen concerning local private networks (the
>>> ones on 192.168.x.x) I have never heard an admonishment to use .invalid
>>> or .test
>>
>> Ok, consider my reply to be your first. :-)
>
> One warning that should be added to this thread. If you do use a hostname
> ending with .invalid, or .example, some programs like leafnode will refuse
> to work. See
> http://groups.google.ca/group/alt.os.linux.mandriva/msg/1aec916f19438eec?
>
> It's best to register and use your own hostname.
>
> Regards, Dave Hodgins
>
What about the millions of windows users who just make up a name?
Surely this would have generated a flood of queries about mis-directed pings
to their own systems by now.
Another example: if I can't use any name I want, why does my laptop work
properly when it has my employer's domain name?
My local network, being on 192.168.x.x behind a router (and a cable modem)
is address isolated from the internet. If my neighbor is on the same
192.168.x.x address and behind a router and cable modem it matters not a
bit and I'll never be able to resolve any host on his network. e.g. ping
joe.whatever.net won't ever return a 192.168.x.x address. If joe pings
joe.whatever.net it will *always* return the 192.168.x.x address of joe's
system and not my system of 192.168.x.x, not only that, but if joe decides
to name his network google.com then the only adverse effect he should see
is that he won't be able to get to the real google because the resolver will
always say "HEY! google.com is right here on 192.168.x.x" on joe's network.
Good point about email.net, I fixed it
for bittwister:
# cat /etc/host.conf
order hosts,bind
multi on
nospoof on
Thanks
Eric
-
Re: network issue
On Sat, 16 Aug 2008 17:14:12 -0700, Eric wrote:
> My local network, being on 192.168.x.x behind a router (and a cable modem)
> is address isolated from the internet. If my neighbor is on the same
> 192.168.x.x address and behind a router and cable modem it matters not a
> bit and I'll never be able to resolve any host on his network. e.g ping
> joe.whatever.net wont ever return a 192.168.x.x address.
That is correct, ISP gateway is supposed to drop 192.168.x.x address.
> # cat /etc/host.conf
> order hosts,bind
> multi on
> nospoof on
Figured that was ok, still waiting for
cat /etc/sysconfig/network
and hostname --fqdn
results.
-
Re: network issue
On Sat, 16 Aug 2008 13:02:45 -0700, Eric wrote:
> ping wgf1 will ping an internet host somewhere out there and not my system
> host
> host mypersonaldomain.net will return the address of some internet company
> out there and not my system
>
> The system is acting like /etc/hosts is being ignored
Just for fun, put a # in front of your search line in /etc/resolv.conf,
save, and try the ping -c1 wgf1 again.
Do remember to remove the # on the search line.
-
Re: network issue
On Sat, 16 Aug 2008 20:14:12 -0400, Eric <none@junkemail.net> wrote:
> What about the millions of windows users who just make up a name?
Most of them are not running any real servers, where the name matters.
How many windows users do you know, who run a smtp server? Most use either
their isp's smtp server, or webmail.
> Another example: if i cant use any name i want, why does my laptop work
> properly when it has my employers domain name?
It isn't that you cannot use any name you want, just that it is not a good idea
from a networking point of view, and can be abusive. There are two reasons for
using a valid hostname, or a rfc2606 compliant name.
The first reason, is that using a name that is registered to someone else
will break applications that pick up the ip address from a name server, that
is not under your control. Keep in mind that some applications, such as host
and nslookup will not use /etc/hosts, no matter what you have in /etc/resolv.conf,
so any scripts or programs that call them, also will fail.
The second reason, is that you may end up sending unwanted traffic to the
real owner.
> Good point about email.net, i fixed it
Do you have permission for junkemail.net, from the registered owner, Lycos Inc?
The problem with making up names, even if you check to ensure they are not currently
in use, is that they may be registered in the future. Even if you pick an invalid
top level domain, that tld may someday become valid.
For usenet, you are welcome to use @nomail.afraid.org.
Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
-
Re: network issue
On Sunday 17 August 2008 02:52, someone identifying as *David W. Hodgins*
wrote in /alt.os.linux.mandriva:/
> How many windows users do you know, who run a smtp server?
About 85% of them, I'd say... ;-)
http://en.wikipedia.org/wiki/Botnet
Sorry about that... With a cue like that, I just couldn't resist... :p
--
*Aragorn*
(registered GNU/Linux user #223157)
-
Re: [OT] network issue
On Sun, 17 Aug 2008 03:46:32 +0200, Aragorn wrote:
> On Sunday 17 August 2008 02:52, someone identifying as *David W. Hodgins*
> wrote in /alt.os.linux.mandriva:/
>
>> How many windows users do you know, who run a smtp server?
>
> About 85% of them, I'd say... ;-)
>
> http://en.wikipedia.org/wiki/Botnet
>
> Sorry about that... With a cue like that, I just couldn't resist... :p
Heheheh, reminds me of when cracking boxes was for fun by the kids.
First thing they did was harden the box so no one else could crack it.
Newbie wound up with a more secure system.
-
Re: [OT] network issue
On Sunday 17 August 2008 04:12, someone identifying as *Bit Twister* wrote
in /alt.os.linux.mandriva:/
> On Sun, 17 Aug 2008 03:46:32 +0200, Aragorn wrote:
>> On Sunday 17 August 2008 02:52, someone identifying as *David W. Hodgins*
>> wrote in /alt.os.linux.mandriva:/
>>
>>> How many windows users do you know, who run a smtp server?
>>
>> About 85% of them, I'd say... ;-)
>>
>> http://en.wikipedia.org/wiki/Botnet
>>
>> Sorry about that... With a cue like that, I just couldn't resist... :p
>
> Heheheh, reminds me of when cracking boxes was for fun by the kids.
> First thing they did was harden the box so no one else could crack it.
> Newbie wound up with a more secure system.
Well, one of the great things about UNIX systems and GNU/Linux in particular
is that the system itself is already so secure out of the box that a
serious system administrator doesn't have any difficulty at all at keeping
the system secure enough.
For instance, there's that whole firewall thing. For someone running
GNU/Linux on a box that's connected to the internet via a simple enduser
client connection, there's no need to run a firewall at all. A system
that's properly set up and that disallows root logins - especially remote
ones - is secure enough.
I've been running GNU/Linux since late November 1999, and I only got an
internet connection as of April 2000. I've never set up a firewall -
although I have used /iptables/ to set up NAT and PAT - and I've never had
any problems with malware or anyone trying to break into my system.
Of course - and as explained in my Partitioning Mini-HowTo posted in this
group recently - I do keep a lot of my filesystems mounted read-only, and
the ones mounted read/write all have carefully selected mount options.
Root logins over /ssh/ are disabled, as are direct root logins on the
console. Single user mode requires /sulogin./
I also don't believe in the "if I plug it in, it must be automagically
configured and set up" paradigm. That's single-user thinking, a Windows
mentality. I treat my system the way UNIX was developed, i.e. as a
multi-user system. No automounting, etc.
It's just that most users here come from the Windows world and some may even
still be using Windows alongside GNU/Linux. Windows is flawed by design,
and thus the experience with Windows makes people think that they are
exposed to the same kinds of threats in GNU/Linux that they were exposed to
in Windows.
And sadly enough, distromakers like Mandriva don't do anything to discourage
this misconception. If anything, they're actually feeding it.
Oh well... ;-)
--
*Aragorn*
(registered GNU/Linux user #223157)
-
Re: network issue
On Sat, 16 Aug 2008 13:02:45 -0700, Eric wrote:
> hosts:
> 127.0.0.1 wgf1.mypersonaldomain.net wgf1 localhost
> localhost.localdomain
> I also tried
> 127.0.0.1 localhost localhost.localdomain 192.168.1.55
> wgf1.mypersonaldomain.net wgf1
Change this to;
127.0.0.1 mypersonaldomain.net mypersonaldomain localhost
--
Want the ultimate in free OTA SD/HDTV Recorder? http://mythtv.org
My Tivo Experience http://wesnewell.no-ip.com/tivo.htm
Tivo HD/S3 compared http://wesnewell.no-ip.com/mythtivo.htm
AMD cpu help http://wesnewell.no-ip.com/cpu.php
-
Re: network issue
Bit Twister wrote:
> On Sat, 16 Aug 2008 17:16:03 -0400, David W. Hodgins wrote:
[snip]
>> One warning that should be added to this thread. If you do use a
>> hostname ending with .invalid, or .example, some programs like
>> leafnode will refuse
>> to work. See
>>
http://groups.google.ca/group/alt.os.linux.mandriva/msg/1aec916f19438eec?
>>
>
> I still say .test should be valid in leafnode. :-D
>
> In ether case, setting the hostname variable in leafnode.conf will
> let leafnode run.
It is quite easy to get a globally unique "FQDN" for free that
does not represent any real machine to identify posts from
your machine.
Point your browser to http://motzarella.org/ for an example.
Although, if your ISP was on the ball they should give you
one to put in leafnode's hostname variable. Don't hold
your breath.
--
Peter D.
Sig goes here...