/etc/dnsrewrite usage poll

Discussion:

Laurent Bercot

2010-07-19 11:38:10 UTC

Hello,

djbdns implements an elaborate qualification mechanism, described at
<URL: http://cr.yp.to/djbdns/qualify.html >, using a djbdns-specific
file named /etc/dnsrewrite (or another file named in the DNSREWRITE
environment variable).

Given the complexity of the stuff, and the wide usage of the "standard"
alternative (simply using 'domain' and 'search' lines in /etc/resolv.conf
to get an elementary qualification mechanism), my first reaction as a
programmer is "It's too complex for what it does".

But I'm not using DNS heavily enough to need the /etc/dnsrewrite features,
and DJB rarely forfeits simplicity without a good reason.
So, I would like to know, from users' viewpoints, how useful this really is.

If you, as an administrator (or programmer) who uses djbdns, have use
for the /etc/dnsrewrite qualification mechanism, please post (or e-mail
me if you don't want it to be public for any reason):
- what are you using /etc/dnsrewrite for ?
- what does it allow you to accomplish that basic /etc/resolv.conf-based
qualification does not ?
- is /etc/dnsrewrite the perfect tool for your needs, or would you design
it differently if you could ?

Thank you,

--
Laurent

Daryl Tester

2010-07-21 23:07:02 UTC

Permalink

Post by Laurent Bercot
But I'm not using DNS heavily enough to need the /etc/dnsrewrite features,
and DJB rarely forfeits simplicity without a good reason.
So, I would like to know, from users' viewpoints, how useful this really is.
From the screaming silence, that's possibly a "not much used" feature.

--
Regards,
Daryl Tester

"This is why I sell beer." -- jwz, http://jwz.livejournal.com/1224702.html

Chris Pugh

2010-07-22 00:00:19 UTC

Permalink

Post by Laurent Bercot

But I'm not using DNS heavily enough to need the /etc/dnsrewrite
features,
and DJB rarely forfeits simplicity without a good reason.
So, I would like to know, from users' viewpoints, how useful this really
is.

From the screaming silence, that's possibly a "not much used" feature.
--
Regards,
Daryl Tester
"This is why I sell beer." -- jwz, http://jwz.livejournal.com/1224702.html

<snip>
If you, as an administrator (or programmer) who uses djbdns, have use
for the /etc/dnsrewrite qualification mechanism, please post (or e-mail
me if you don't want it to be public for any reason)
</snip>

.. then again, maybe the screaming silence comes from all those
direct emails? ;o)

IHO it's quite useful ( and this being DJB )quite comprehensively
covers all bases. It's worth noting the contents of the Compatibility
Notes section of,

http://cr.yp.to/djbdns/qualify.html

Chris.

Laurent Bercot

2010-07-22 14:01:52 UTC

Permalink

Post by Chris Pugh

Post by Laurent Bercot
From the screaming silence, that's possibly a "not much used" feature.

Indeed. But it's summertime, and the living is easy, fish are jumping
and the cotton is high. So I'm giving it a bit more time before deciding
/etc/dnsrewrite is not used at all.

Post by Chris Pugh
.. then again, maybe the screaming silence comes from all those
direct emails? ;o)

I've had one e-mail answer so far (and I happen to disagree with the
idea that /etc/dnsrewrite is the right solution to the exposed problem).

Post by Chris Pugh
IHO it's quite useful

I want facts. Are you using it? Are you, in practice, solving problems
with it? what kind of problems?

Post by Chris Pugh
covers all bases. It's worth noting the contents of the Compatibility
Notes section of,
http://cr.yp.to/djbdns/qualify.html

Yes, but it's pretty easy to implement a basic qualification mechanism
based on 'domain' and 'search' lines in /etc/resolv.conf. Implementing
the whole /etc/dnsrewrite stuff, compatibility or not, is a lot more
effort and a lot more code.

--
Laurent

Daryl Tester

2010-07-22 21:35:01 UTC

Permalink

Post by Laurent Bercot
Indeed. But it's summertime, and the living is easy, fish are jumping
and the cotton is high. So I'm giving it a bit more time before deciding
/etc/dnsrewrite is not used at all.

It's actually winter, the fish are firmly frozen in their ponds, and we're
stuck indoors with nothing but a toasty 'net connection and two vlans to
rub together to keep warm.

--
Regards,
Daryl Tester

"This is why I sell beer." -- jwz, http://jwz.livejournal.com/1224702.html

Chris Pugh

2010-07-23 08:31:18 UTC

Permalink

Post by Daryl Tester

Indeed. But it's summertime, and the living is easy, fish are jumping
and the cotton is high. So I'm giving it a bit more time before deciding
/etc/dnsrewrite is not used at all.

It's actually winter, the fish are firmly frozen in their ponds, and we're
stuck indoors with nothing but a toasty 'net connection and two vlans to
rub together to keep warm.

Winter??!!

2010 Ozzies are now pink shrimp? Cactus!

http://ecolocalizer.com/2008/12/14/the-coldest-inhabited-places-on-earth

;o)

Laurent Bercot

2010-07-23 10:40:24 UTC

Permalink

Post by Daryl Tester
It's actually winter, the fish are firmly frozen in their ponds, and we're
stuck indoors with nothing but a toasty 'net connection and two vlans to
rub together to keep warm.

!!
Point taken. Sorry for my northern-hemisphere-centrism. XD
Still, I'm also giving southern admins a bit more time, so they can
break the ice encasing the keyboard and slowly type their answers with
cold, shivering fingers.

--
Laurent

David Nicol

2010-07-22 19:12:03 UTC

Permalink

it's pretty easy to implement a basic qualification mechanism based on 'domain' and 'search' lines in /etc/resolv.conf. Implementing the whole /etc/dnsrewrite stuff, compatibility or not, is a lot more effort and a lot more code.

but that wouldn't centralized, and could be trivially circumvented. I
have never needed it, but it is easy to imagine scenarios where the
mix of DHCP clients and servers installed in an enterprise would make
centralizing the rules at the dnscache far superior to attempting the
nightmarish maintenance /and enforcement/ of a standard extended
/etc/resolv.conf: Many DHCP servers simply don't have configuration
options for extended fields, and many DHCP clients simply ignore them,
and even when the capability is there, the configuration may be "easy
to get wrong."

--
"For unknown reasons, Earth sped up in 1999" --Wikipedia on the Leap Second

Paul Jarc

2010-07-22 22:38:26 UTC

Permalink

I have never needed it, but it is easy to imagine scenarios where
the mix of DHCP clients and servers installed in an enterprise would
make centralizing the rules at the dnscache far superior

dnsrewrite doesn't affect dnscache. It's used in client programs like
dnsip, just like /etc/resolv.conf.

paul

Laurent Bercot

2010-07-23 11:06:26 UTC

Permalink

I have never needed it, but it is easy to imagine scenarios where the

Not to pick on you personally, but that's the very line of thought that
leads to creeping featurism and complex projects, and that I'm precisely
trying to avoid.
I too have a very wild imagination, and I can easily figure dozens
of scenarios where /etc/dnsrewrite is not even powerful enough and we
need a Turing-complete preprocessor that would put GNU m4 to shame,
with XML configuration files (because we might need to extend the
configuration language), stored in a SQL database (because we might
want to store other things too and that's what a database is for).
With a graphical user interface (because the majority of users will
want the simplicity of the GUI). The project now uses 30 MB of RAM,
has eight heavy dependencies, is a maintenance nightmare, and it's
still just a domain name qualification mechanism.

Slippery slope is slippery.

I want actual, real cases of /etc/dnsrewrite use. djbdns has been out
for what, 12 years ? If people aren't using /etc/dnsrewrite today, it's
just not needed.

--
Laurent

Laurent Bercot

2010-08-08 12:32:41 UTC

Permalink

The /etc/dnsrewrite mechanism is now officially useless.

Thanks for your participation. :)

--
Laurent