Gentoo Forums
dhcpd + resolv.conf options
Kron
n00b

Joined: 22 Jan 2013
Posts: 10
Location: Belarus, Minsk

Posted: Wed Jan 23, 2013 7:30 am    Post subject: dhcpd + resolv.conf options

Hi!
I hope someone can help me with that.

The file /etc/resolv.conf supports the parameter:
options timeout:n rotate, where n is the DNS server timeout in seconds.

Is there any possibility to give this option to the clients via dhcpd server with some dhcp-option?

Thanks in advance!
kimmie
Guru

Joined: 08 Sep 2004
Posts: 531
Location: Australia

Posted: Wed Jan 23, 2013 8:32 am

I guess it's possible, if all your clients are Gentoo (or other Linux) boxes under your control. But it still requires special work at the client. It isn't possible in any standard way; you'll have to configure your DHCP server to pass a vendor-specific option and write hooks at your DHCP client to parse that option and put it into resolv.conf.

There's probably a better way... what problem exactly are you trying to solve?
Kron
n00b

Joined: 22 Jan 2013
Posts: 10
Location: Belarus, Minsk

Posted: Wed Jan 23, 2013 8:46 am

Thank you for your reply!

I have a few DNS servers in my network. The client takes the IP addresses of both servers with the DHCP request.
The client took a lot of time to resolve names if the first nameserver in the /etc/resolv.conf file goes down.
I have a lot of computers that take their IP addresses via the dhcpd server, so I thought I could send them the timeout param with the DHCP reply to solve this problem.

Also, I found that when the client uses DHCP, even if I put the record dns_options="timeout:1 rotate" in the /etc/conf.d/net file, it won't do anything.
So I'm still searching for some solution for the case where a DNS server goes down.
kimmie
Guru

Joined: 08 Sep 2004
Posts: 531
Location: Australia

Posted: Wed Jan 23, 2013 9:22 am

A timeout of 1 for DNS lookups is really too short. I have encountered more than one ISP where the DNS servers were working, but took > 2 s at busy times, causing many headaches for non-techie Windows users. You shouldn't be using a timeout this short, because you may fail lookups even when your server is working.

In practice, DNS servers are not supposed to fail, and you can expect some issues if they do. Windows and Linux DNS clients have different solutions to this problem; no solution is perfect. If your network design is such that your primary DNS server is up sometimes, and other times not (barring failure), then you are just creating problems for yourself, so you should have a rethink.

Having said that, running nscd (cache) and/or dnsmasq (forwarder, which will favour upstream servers that are working) on the client can help.

If you are using dhcpcd client you can force stuff into resolv.conf by putting it in /etc/resolv.conf.head (added at the start) or /etc/resolv.conf.tail (at the end).

This happens in /lib/dhcpcd/dhcpcd-hooks/20-resolv.conf. See man dhcpcd-run-hooks.
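
Both client-side routes mentioned in this thread (a hook that copies a DHCP-supplied option into resolv.conf, and forcing lines in through /etc/resolv.conf.head) end with text being written into the resolver configuration. As an added example, not part of any post here and not dhcpcd's own code, this POSIX shell helper validates such a string before writing it; the function names `sanitize_resolv_options` and `write_resolv_head` are hypothetical, and the limits are the caps given in resolv.conf(5).

```shell
#!/bin/sh
# Added example; function names are hypothetical, not dhcpcd's own.
# A DHCP-supplied string is untrusted input: allow only known resolver
# options, on one line, before it goes into a resolv.conf.head-style file.

sanitize_resolv_options() {
    # $1: raw string such as "timeout:2 rotate"; prints "options ..." or fails
    raw=$1 out=
    # Reject empty input and any character outside a small set, so newlines
    # and glob characters never reach the unquoted word split below.
    case $raw in
        ''|*[!a-z0-9:\ -]*) return 1 ;;
    esac
    for tok in $raw; do
        case $tok in
            rotate|single-request|single-request-reopen) ;;
            timeout:*|attempts:*)
                name=${tok%%:*} val=${tok#*:}
                # Digits only, no leading zero, at most two digits
                case $val in ''|0*|*[!0-9]*|???*) return 1 ;; esac
                # resolv.conf(5) caps: timeout 30, attempts 5
                if [ "$name" = timeout ]; then max=30; else max=5; fi
                [ "$val" -le "$max" ] || return 1
                ;;
            *) return 1 ;;
        esac
        out="$out${out:+ }$tok"
    done
    [ -n "$out" ] || return 1
    printf 'options %s\n' "$out"
}

write_resolv_head() {
    # $1: raw option string, $2: target file; writes via temp file + rename
    line=$(sanitize_resolv_options "$1") || return 1
    tmp=$2.tmp.$$
    printf '%s\n' "$line" > "$tmp" && mv -f "$tmp" "$2"
}
```

A string that fails validation leaves the target file untouched, so a malformed or hostile DHCP reply cannot add extra lines such as a `nameserver` entry.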
Kron
n00b

Joined: 22 Jan 2013
Posts: 10
Location: Belarus, Minsk

Posted: Wed Jan 23, 2013 9:36 am

Quote:
A timeout of 1 for DNS lookups is really too short.

Yes, but it's short for the internet. With local DNS servers it took about ~20ms, so I think 1 second must be enough in this situation.

Quote:
In practice, DNS servers are not supposed to fail, and you can expect some issues if they do.

I agree with that, but sometimes it happens and there must be a high availability solution; my question is more about a workaround for this problem than a solution.

Now I'm using dnrd, which works as a DNS proxy server. If one of the DNS servers goes down, the proxy will deactivate it. If the proxy goes down, another proxy will do this job.

Thanks a lot for your help!
kimmie
Guru

Joined: 08 Sep 2004
Posts: 531
Location: Australia

Posted: Wed Jan 23, 2013 9:52 am

It takes 20ms only if the result is already cached at the local DNS server. The client timeout should allow for the local DNS server to recursively resolve the query on the net.

Not familiar with dnrd, but it looks like it is similar to dnsmasq. I use dnsmasq on my laptop; as well as the caching and proxy stuff, it's really handy for VPNs because you can send queries for specific domains to specific servers. But dnsmasq has DHCP functionality too, which I don't use. I'll have a look at dnrd, maybe it's cleaner...
cwr
Veteran

Joined: 17 Dec 2005
Posts: 1969

Posted: Wed Jan 23, 2013 2:17 pm

DNS shouldn't break, and if it does break your entire network is broken and
you need to know about it. One way around it, for a small local network,
would be to rely on a hosts file copied to each machine.

I use Bind on my (very small) local net, with a fallback on a different subnet
if a machine is booted when the server isn't available. That way, I can see
at once what's happened.

Will