[conspire] (forw) /etc/resolv.conf solution

Rick Moen rick at linuxmafia.com
Sat Sep 2 10:35:43 PDT 2017 

----- Forwarded message from Rick Moen <rick at linuxmafia.com> -----

Date: Sat, 2 Sep 2017 10:33:59 -0700
From: Rick Moen <rick at linuxmafia.com>
To: [a friend]
Subject: /etc/resolv.conf solution Photos
Organization: If you lived here, you'd be $HOME already.


There's something emotionally satisfying about nailing a file like
/etc/resolv.conf into place using 'chattr +i [foo]', but when all is
said and done, it really is a caveman-sysadmin solution, and not The
Right Thing.

However, the real problem in your use-case is DHCP, which is blowing
away your desired 'nameserver 127.0.0.1' in /etc/resolv.con every time
the host gets a DHCP lease.  This is a common problem given the
near-ubiquity of DHCP, these days.  Fortunately, there are (several
alternative) solutions.

(Sometimes, even worse software than the DHCP client, such as notably
Network Manager, do the dirty work.  Friends don't let friends use
Network Manager.)


1.  DHCP client configuration.

Add a line to /etc/dhcp/dhclient.conf saying

prepend domain-name-servers x.x.x.x, y.y.y.y;


This, DHCP _still_ overwrites /etc/resolv.conf, but automatically
prepends a line of your choosing.  Note that the local Linux DNS
resolver provided in glibc uses 'nameserver' entries in resolv.conf
in appearance order.  It will not bother failing over to the second
entry unless the first one ceases to be reachable.



2.  IP stack configuration.  (maybe)


In Debian/Ubuntu/etc. distributions, you can added 'dns-nameservers' 
lines to /etc/network/interfaces, to specify your desired nameservers,
like this example from
https://help.ubuntu.com/lts/serverguide/network-configuration.html#name-resolution:

  iface eth0 inet static
    address 192.168.3.3
    netmask 255.255.255.0
    gateway 192.168.3.1
    dns-search example.com
    dns-nameservers 192.168.3.45 192.168.8.10

To be honest, I'm not totally certain whether this replaces 'nameserver' 
entries the DHCP client writes to /etc/resolv.conf, prepends to them, or
what.  But you could find out through experimentation.

(I suspect this just populates /etc/resolv.conf initially, but still 
leaves the original problem of DHCP overwriting it.)



In RHEL/CentOS/etc., the equivalent is /etc/sysconfig/network-scripts/ifcfg-*
lines saying DNS1, DNS2, etc.

DNS1=xxx.xxx.xxx.xxx
DNS2=xxx.xxx.xxx.xxx
DOMAIN=lab.foo.com bar.foo.com

See:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/3/html/Reference_Guide/s1-networkscripts-interfaces.html



3.  resolvconf package (generally an optional package)

resolvconf is an optional utility that 'manages' the contents of
/etc/resolv.conf by 

1. Turning it into a symlink to /run/resolvconf/resolv.conf (or similar).
2. Assembling the latter from prototype fragments in
/etc/resolvconf/resolv.conf.d/*  Thus, you could have
/etc/resolvconf/resolv.conf.d/head saying

nameserver 127.0.0.1

See docs for the resolvconf package for more details on this somewhat
labyrinthine and hacky toolkit.  

Which toolkit should be a cautionary tale for bad naming of software,
because it's almost impossible to Web-search relevant information about
'resolvconf', the good search results being overwhelmed by useless ones
about resolv.conf .  Also, there have been multiple implementations of
resolvconf, including one for FreeBSD, making Web-search even more
challenging.



----- End forwarded message -----

More information about the conspire mailing list