On Sat, Jan 22, 2022 at 01:57:38PM -0500, gene heskett wrote: > So my resolv.conf says to search coyote.den, and failing that, use my > isp's nameserver [...]
Again: that is NOT what the resolv.conf file does. The /etc/nsswitch.conf file *SHOULD* tell your system to use the /etc/hosts file first, and DNS second. At least, that's the default and the norm. > So convince me how I can build a stable local network using dhcp that > still allows me to "ssh -Y rpi4" and know for 100% certainty that dhcp > hasn't rerouted my ssh session to tlm.coyote.den. Honestly? I would not try to convince you to do this. It's additional complexity that you clearly don't need, and perhaps aren't ready to handle. For a LAN with no DHCP and no local DNS, here's what you need: 1) Each system must configure its own IP address, netmask, and default route (gateway). This can be done in /etc/network/interfaces if the interface name is well defined. If the interface name is an issue, then you'll also need to set up a ".link" file in /etc/systemd/network/ to assign the interface name. 2) Each system should have an /etc/hosts file which has a unique header per system (containing something like "127.0.1.1 tlm.coyote.den tlm"), and then a copy-pasted body that's the same for all systems. In that body, you'll specify the LAN IP addresses and the LAN hostnames of all your systems. For example, 127.0.0.1 localhost 192.168.1.1 router.coyote.den router 192.168.1.2 tlm.coyote.den tlm 192.168.1.3 sixty40.coyote.den sixty40 ... Obviously I don't know your LAN IP addresses or most of your hostnames, so I can only guess. But this is the general form that it should have. 3) Systems that want to contact the Internet will also need an /etc/resolv.conf file, telling them where the DNS resolvers are. If your router is also your DNS resolver, then you would use something like this: search coyote.den nameserver 192.168.1.1 The "search" line doesn't actually do much here, because all of your Internet queries are going to contain dots (like www.debian.org), and therefore the search domain isn't used. But just in case you ever try to hand a LAN hostname like "tlm" to a program that wants to contact the Internet, the search domain will turn it into "tlm.coyote.den" for you. Systems that have no business contacting the Internet can omit this file. Of course, that won't stop them from contacting the Internet using raw IP addresses. If one of your computers isn't working correctly, then you can troubleshoot it. We might even be able to help you, if you provide enough information. Use "ip a" to see the addresses that are assigned to your interfaces. Are those correct? If not, then you know there's an issue in step 1. Use "ip r" to see the routing table. Is the default route set correctly? If not, then again, it's a step 1 issue. Can your computer access the Internet, but not the other hosts on the LAN? Then it's probably a step 2 issue. Check your /etc/hosts file. Also check /etc/nsswitch.conf for good measure. Can your computer access the other hosts on the LAN, but not the Internet? Then it could be a step 3 thing (incorrect /etc/resolv.conf) if DNS is the issue. If DNS isn't the issue (e.g. if ping 8.8.8.8 fails), then it could be an incorrect default route. Or it could be a firewall thing. I'm not covering firewalls here, but if you've got one, it could be set up incorrectly and cause *all* kinds of havoc.
