Very Computer

My apologies for the long post, but there's a peculiar problem I can't
figure out:

I have a FreeBSD 2.1.6 machine called "sitagw2k" from which "ping
sitagw2k", "ftp sitagw2k", "telnet..." etc work fine.  But "host
sitagw2k" and "nslookup sitagw2k" don't work.  I dont have "named"
running - we have a gateway/firewall machine which is used as a
nameserver as well as our link to the outside world.  That part is
fine: "nslookup ftp.freebsd.org" returns 165.113.58.253 and
wcarchive.cdrom.com, for instance.

So I have the peculiar situation that these commands can find others,
but not the machine on which they are running!

Details of configuration:

This is FreeBSD 2.1.6 on an unused P75 that nobody claimed - it is
*not* possible to sanctify its existence by including its name and IP
address in the NIS maps because if I attempt to do that I might lose
the machine (don't ask :-)  So I always refer to it by its IP address,
and everything works fine (FTP server, X server, Samba, is all I've
loaded on it so far).

But I loaded apache today, and got an unknown host error when
attempting to "http://iii.jjj.kkk.lll/~sitaram" (where the iii stuff
is the IP address).  The error I got was that "sitagw2k.mydomain.com"
was not found - it had resolved the IP address into a name, then
failed on the name lookup!

I spent about 2 hours trying to figure this out - during which time I
found out about host and nslookup!  I'd never had occasion to use them
before...I figure if I can get them to recognise "sitagw2k", apache
will too.

Other details: (1) "named" is not running.  (2) /etc/hosts contain the
127.0.0.1 (localhost) entry, as well as the sitagw2k entry with my IP
address on it.  (3) resolv.conf has our "gateway"s IP address as a
nameserver.

Any help, pointers, or suggestions much appreciated!  I'm at the end
of my tether.  I'd be happy to supply any other details that might be
pertinent that I have missed.

Sitaram

Quote:

>I have a FreeBSD 2.1.6 machine called "sitagw2k" from which "ping
>sitagw2k", "ftp sitagw2k", "telnet..." etc work fine.  But "host
>sitagw2k" and "nslookup sitagw2k" don't work.  I dont have "named"
>running - we have a gateway/firewall machine which is used as a
>nameserver as well as our link to the outside world.  That part is
>fine: "nslookup ftp.freebsd.org" returns 165.113.58.253 and
>wcarchive.cdrom.com, for instance.

>So I have the peculiar situation that these commands can find others,
>but not the machine on which they are running!

Quote:>Details of configuration:

>This is FreeBSD 2.1.6 on an unused P75 that nobody claimed - it is
>*not* possible to sanctify its existence by including its name and IP
>address in the NIS maps because if I attempt to do that I might lose
>the machine (don't ask :-)  So I always refer to it by its IP address,

Quote:

>But I loaded apache today, and got an unknown host error when
>attempting to "http://iii.jjj.kkk.lll/~sitaram" (where the iii stuff
>is the IP address).  The error I got was that "sitagw2k.mydomain.com"
>was not found - it had resolved the IP address into a name, then
>failed on the name lookup!

Unfortunately, there is no RFC that covers how a host is supposed to
act when BOTH it's HOSTS file and it's nameserver contain valid data.

So, it is implementation dependent.  In your case, the resolver library
is querying the DNS, which is returning an "unknown host" and the
resolver is then saying "OK, I'm done so I'll tell the application
that the IP number bombed out"  This is understandable, because after
all the nameserver did respond with a valid response, it's just not the
response you want.

If the nameserver were offline, or the resolv.conf file was missing,
then the resolver library would get an error upon attempting to query
a nameserver.  It would then fall back to the local hosts file in a last
ditch effort to obtain a name-to-IP number mapping.

Now, in my opinion, the Right Thing to Do for a properly programmed
resolver is that if they get a "host unknown" response from a valid
nameserver that it should make a last-ditch effort to look for the
number/name in the local HOSTS file.  Unfortunately, most programmers
apparently don't feel this way because most resolvers out there ignore
HOSTS if an active DNS server is present.

You have two avenues to fix this:

1) You can run a local copy of named in "caching-only" mode, and make
it authorative for your own IP network number.  This means that if
your admins make a change in the DNS for your own network, you won't
see it unless you make the same change in your own DNS database.  It
will work for outside hosts, just not your own domain. (unless you have
entered hosts in it)  This may or may not be a problem for you.  You then
(obviously) create a resolv.conf pointing to your own machine.

2) You can modify the source for libresolv so that it falls back to
your own HOSTS file no matter what before returning with a host
unknown, then recompile everything that uses it.

Ted  

hosts
bind

in /etc/host.conf it *should* always try the host table first.  I'm not sure if
the resolver routines honor this, but it's worth a shot.  This mechanism is
much more formalized in SysV-based Unices...

- Mike