On Tuesday, 13 March 2007 11:40, Sjoerd Simons wrote:

> > Added to that I would be more reluctant to add an option to nsswitch that
> > delays reverse lookups where the DNS server returns not found in a
> > fraction of a second by 5 seconds or more.
>
> Avahi doesn't query the dns server for the reverse lookup, but uses
> Multicast DNS.. Because that's what avahi is, a multicast dns daemon :).. 

Hello Sjoerd,

I know that. And sure, as stated in nsswitch.conf, mdns is asked afterwards and 
thus the observed behavior is to be expected. I didn't think this through to its 
logical end.

> I'll ask upstream why avahi doesn't cache negative lookups for some time..
> But even if it did it wouldn't really solve your problem, as the timeout
> will keep occurring from time to time.

I think it would make the critical difference between unusable and quite 
usable if the timeout would be 5 minutes or so. Actually I do not see many 
other alternatives if one wants to use mdns in a network with incomplete 
reverse DNS configuration. For us right now it's no problem to go without mdns 
and we also can complete the reverse DNS configuration.

But caching negative results also has a negative impact on the mdns 
functionality I think. Imagine you try to reach a host that you forgot to 
connect to the network, then you connect it, and you have to wait for the 
negative lookup cache entry timeout before you can get a positive result from 
Avahi, unless Avahi passively gets notice of the new host.

> I'm reassigning this bug to nss-mdns.. I need to discuss with some others
> what to do about this.. Your suggestion of not adding the final mdns
> fallback does make sense for your network, but it will break some
> functionality on others.. (Where mdns can actually rev. resolv the ip
> because the other machine also uses mdns..)

That's the problem here. While I agree that having complete reverse DNS 
configuration is generally a good idea and we recently installed a tool to 
ensure it in the future, the default configuration of libnss-mdns may make 
network workstations and possibly servers quite unusable in such networks and 
I bet there might be quite some out there. And to my knowledge a complete 
reverse DNS configuration is not a strict requirement. If that's really the 
case, libnss-mdns by default places a requirement upon the network 
configuration that hasn't been there before.

OTOH not having it configured that way breaks mdns functionality on other 
networks.

The only compromise other than a timeout for negative lookups I can think of is 
to have avahi-daemon running in passive mode. I do not know enough about how 
multicast DNS works to say whether that's possible at all. In this mode 
avahi-daemon would collect mdns announcements (if mdns capable machines 
announce themselves at all, which I do not know) in a cache and will serve 
requests from this cache. If an entry is not in the cache it would return 
immediately.

Regards,
-- 
Martin Steigerwald - team(ix) GmbH - http://www.teamix.de
gpg: 19E3 8D42 896F D004 08AC A0CA 1E10 C593 0399 AE90
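
The trade-off discussed in this message, as an added example that is not part of the original mail and is not Avahi or nss-mdns code: a toy resolver with the 5-second lookup timeout and a 5-minute negative cache, plus passive learning from announcements. The class and function names and the address are hypothetical, and time is simulated.

```python
# Added illustration: toy model of a negative-lookup cache (not Avahi or nss-mdns code).
MDNS_TIMEOUT = 5.0      # seconds a failed mDNS reverse lookup blocks (figure from the thread)
NEGATIVE_TTL = 300.0    # 5-minute negative cache lifetime suggested in the thread


class Clock:
    """Simulated clock so the example runs instantly."""
    def __init__(self):
        self.now = 0.0

    def advance(self, seconds):
        self.now += seconds


class CachingResolver:
    def __init__(self, clock, network):
        self.clock = clock
        self.network = network      # dict ip -> name: hosts that answer mDNS right now
        self.positive = {}          # ip -> name
        self.negative = {}          # ip -> expiry time of the "not found" entry

    def observe_announcement(self, ip, name):
        """Passive learning: an overheard announcement replaces a negative entry."""
        self.negative.pop(ip, None)
        self.positive[ip] = name

    def reverse_lookup(self, ip):
        """Return (name or None, seconds the caller was blocked)."""
        if ip in self.positive:
            return self.positive[ip], 0.0
        if self.negative.get(ip, 0.0) > self.clock.now:
            return None, 0.0                      # cached miss: no timeout paid
        if ip in self.network:                    # answer latency modelled as zero
            self.positive[ip] = self.network[ip]
            return self.network[ip], 0.0
        self.clock.advance(MDNS_TIMEOUT)          # nobody answered: full timeout
        self.negative[ip] = self.clock.now + NEGATIVE_TTL
        return None, MDNS_TIMEOUT


def scenario():
    clock, network = Clock(), {}
    r = CachingResolver(clock, network)
    ip = "192.0.2.10"                             # constructed documentation address
    results = [r.reverse_lookup(ip)]              # first miss pays the timeout
    results.append(r.reverse_lookup(ip))          # repeat miss is instant
    network[ip] = "laptop.local"                  # host is plugged in
    clock.advance(60)
    results.append(r.reverse_lookup(ip))          # still "not found": stale negative
    r.observe_announcement(ip, "laptop.local")
    results.append(r.reverse_lookup(ip))          # announcement cleared it
    return results
```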
