| View previous topic :: View next topic |
| Author |
Message |
Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana
|
|
| Back to top |
|
 |
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
 Posted: Tue Apr 04, 2017 7:30 pm Post subject: Re: How avahi works? |
 |
|
| Jaglover wrote: | | Can't figure out how avahi resolves IP addresses, net search gives lots of documents but none I have found so far covers the process of resolving external IP addresses. Is it using DNS given by DHCP? |
Jaglover ... it's using multicastDNS (mDNS) ... you might be better off searching for zeroconf rather than avahi.
HTH & best ... khay |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3134
|
| Posted: Tue Apr 04, 2017 8:23 pm Post subject: |
|
|
Basically all hosts with avahi subscribe to the same multicast group (predefined - no specific configuration required) and then periodically announce themselves (their names and services provided) to that group setting some arbitrary timeout value (used to be 2 minutes or something close to that), and also announce themselves with timeout of 0 when the host is about to leave that network.
In addition, if you want to resolve a name your local avahi deamon is not familiar with, it will simply send query packet to that multicast group and wait for some host claiming that identity to reply.
Fun fact: on Linux you can open multiple sockets on a single UDP port. All open sockets can send data with the same local port number. Unicast traffic will be delivered to the most recently opened socket. Multicast traffic will be delivered to all sockets subscribed to the multicast group (so multiple applications can receive the same multicast packet). |
|
| Back to top |
|
|
Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana
|
| Posted: Tue Apr 04, 2017 8:42 pm Post subject: |
|
|
Thanks for replies. 
Still in dark what happens when, say, a web browser wants www.google.com resolved. It queries avahi, how avahi gets the public address of google? Will it pass the query to another DNS resolver or will it query root servers? If first, where can avahi be configured to use a specific DNS?
I'm asking this because I have a Mint machine here and dig command clearly uses 127.0.1.1 by default which is avahi. 
_________________
My Gentoo installation notes.
Please learn how to denote units correctly! |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3134
|
| Posted: Tue Apr 04, 2017 8:58 pm Post subject: |
|
|
Avahi will not resolve google's IP.
However, when you configure your box to use avahi for IP resolution, you typically end up with this line in /etc/nsswitch.conf
| Code: | hosts: files mdns dns
|
So, it will check /etc/hosts first ("files" is the first option listed), then query multicast dns with avahi, and then go for regular dns service.
Of course, as soon as you get a reply, the query is dropped. In the above example, neither dns nor mdns will be referred if you can resolve the name with local configs.
You may consider swapping dns and mdns around to prevent malicious neighbour from impersonating a global service. The downside is, you will always query DNS on every call to your neighbour in that case. Not a big deal with a DNS server running on your router, but it might impact LAN's performance if the DNS is slow.
By the way, dnsmasq also points your resolver to 127.0.0.1 by default. |
|
| Back to top |
|
|
Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana
|
| Posted: Tue Apr 04, 2017 9:19 pm Post subject: |
|
|
127.0.0.1 is not the same as 127.0.1.1.
Anyhow, it is querying dns. Where is it configured? Where can I tell avahi to use particular DNS? I went thru avahi configuration files in /etc/avahi and found nothing.
What a devilish piece of software, no proper documentation, even no man page. How can one troubleshoot it without knowing how it is configured?
_________________
My Gentoo installation notes.
Please learn how to denote units correctly! |
|
| Back to top |
|
|
Ant P.
Watchman
Joined: 18 Apr 2009
Posts: 6920
|
| Posted: Tue Apr 04, 2017 11:12 pm Post subject: |
|
|
| Jaglover wrote: | | Where is it configured? Where can I tell avahi to use particular DNS? I went thru avahi configuration files in /etc/avahi and found nothing. |
This question doesn't make any sense. Avahi does not send any traffic to port 53. The "DNS servers" avahi queries are your other computers/devices running avahi or zeroconf; if you want it to only see a subset of them, you need to do that at layer 2. |
|
| Back to top |
|
|
Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana
|
| Posted: Tue Apr 04, 2017 11:26 pm Post subject: |
|
|
I agree I do not understand how it works. But all DNS queries are sent to avahi in this Mint machine.
See, it comes from 127.0.1.1, which is avahi.
Makes me think avahi is a middleman between application and real DNS resolver.
_________________
My Gentoo installation notes.
Please learn how to denote units correctly! |
|
| Back to top |
|
|
Ant P.
Watchman
Joined: 18 Apr 2009
Posts: 6920
|
| Posted: Tue Apr 04, 2017 11:47 pm Post subject: |
|
|
| That's port 53. Are you running avahi on port 53? Post the output of ss -nlp 'sport = 53' |
|
| Back to top |
|
|
Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana
|
| Posted: Wed Apr 05, 2017 12:09 am Post subject: |
|
|
| Code: | ss -nlp 'sport = 53'
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 127.0.1.1:53 *:* users:(("dnsmasq",pid=893,fd=4))
tcp LISTEN 0 5 127.0.1.1:53 *:* users:(("dnsmasq",pid=893,fd=5))
|
I'm not running anything, this is Linux Mint, unmodified.
| Code: | cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1
|
_________________
My Gentoo installation notes.
Please learn how to denote units correctly! |
|
| Back to top |
|
|
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21624
|
| Posted: Wed Apr 05, 2017 1:12 am Post subject: |
|
|
| That ss output says your queries are going to dnsmasq, not avahi. dnsmasq can act as a forwarding resolver for domains it does not resolve locally, so you are correct that a middleman is involved, just not about which program acted as the middleman. You need to look at the dnsmasq configuration to find how it is resolving names. |
|
| Back to top |
|
|
Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana
|
|
| Back to top |
|
|
|
Unsupported Software
