SEO

#1 (**permalink**) 03-20-2008, 12:45 PM

The return times for authoritative lookups via my forwarders have been
brutal this spring, so I thought I'd give OpenDNS a try.

Problem is, my brain seems to have gone on vacation, and I can't
enumerate all the places where these might be stashed. For example:

1. resolv.conf for local resolver
2. dhcpd.conf
3. named.conf forwarders line

Anyplace else I forgot?

Yes, I do feel particularly stupid this afternoon. Why do you ask?
--
clvrmnky <mailto:spamtrap@clevermonkey.org>

Direct replies to this address will be blacklisted. Replace "spamtrap"
with my name to contact me directly.

#2 (**permalink**) 03-20-2008, 12:45 PM

On Wed, 19 Mar 2008 16:52:23 -0400,
Clever Monkey <spamtrap@clevermonkey.org.INVALID> wrote:
> Problem is, my brain seems to have gone on vacation, and I can't
> enumerate all the places where these might be stashed. For example:
>
> 1. resolv.conf for local resolver
> 2. dhcpd.conf
> 3. named.conf forwarders line

If you run a named yourself, put it in named.conf and point resolv.conf
(and dhcpd.conf) to your own named instance. If not, only the other two.

Any other place (like other machines on your local network that don't
take their cue from your dhcpd) and your network needs a cleanup.

> Yes, I do feel particularly stupid this afternoon. Why do you ask?

This is where I tell you to give me all your money, no? :-p

--
j p d (at) d s b (dot) t u d e l f t (dot) n l .
This message was originally posted on Usenet in plain text.
Any other representation, additions, or changes do not have my
consent and may be a violation of international copyright law.

#3 (**permalink**) 03-20-2008, 12:45 PM

jpd wrote:
> On Wed, 19 Mar 2008 16:52:23 -0400,
> Clever Monkey <spamtrap@clevermonkey.org.INVALID> wrote:
>> Problem is, my brain seems to have gone on vacation, and I can't
>> enumerate all the places where these might be stashed. For example:
>>
>> 1. resolv.conf for local resolver
>> 2. dhcpd.conf
>> 3. named.conf forwarders line
>
> If you run a named yourself, put it in named.conf and point resolv.conf
> (and dhcpd.conf) to your own named instance. If not, only the other two.
>
Yes I run named locally. Changed it there, resolv.conf and named.conf.
For whatever reason, I have all three nameservers in all lists (with
my local nameserver first), including DHCP. The idea being that if my
local nameserver dies clients can still get out of the network to the
greater unwashed internet.

> Any other place (like other machines on your local network that don't
> take their cue from your dhcpd) and your network needs a cleanup.
>
(Thinks) Hmmm. I hard-coded the wireless access point to an IP for a
specific reason (it is acting as a bridge). I wonder if I also
hard-coded all nameservers, or just my own? Thanks for the reminder.

Everything else should be DHCP.

>> Yes, I do feel particularly stupid this afternoon. Why do you ask?
>
> This is where I tell you to give me all your money, no? :-p
>
Sure, why not- hey! Just wait one minute, here. You are trying to
trick me, aren't you?
--
clvrmnky <mailto:spamtrap@clevermonkey.org>

Direct replies to this address will be blacklisted. Replace "spamtrap"
with my name to contact me directly.

#4 (**permalink**) 03-20-2008, 12:45 PM

On Wed, 19 Mar 2008 17:29:01 -0400,
Clever Monkey <spamtrap@clevermonkey.org.INVALID> wrote:
> The idea being that if my local nameserver dies clients can still get
> out of the network to the greater unwashed internet.

Then it doesn't turn out to run on the gate and if *that* dies, there'll
be no uplink available anyway? Just checking. :-)

> (Thinks) Hmmm. I hard-coded the wireless access point to an IP for a
> specific reason (it is acting as a bridge).

Then it really shouldn't need an IPA, except for maintenance. Altough
while it is fun to put everything in the dhcpd, with IPAs fixed to MAC
addresses if necessairy, changing the hardware also means having to
update the dhcpd.

[snip]
> Everything else should be DHCP.

A great way to find out whether they actually are is... changing the
local network to some other block. (Lots of fun on company networks!)

>>> Yes, I do feel particularly stupid this afternoon. Why do you ask?
>> This is where I tell you to give me all your money, no? :-p
> Sure, why not- hey! Just wait one minute, here. You are trying to
> trick me, aren't you?

I see no trickery, do you? Now, if you'll just hand over your wallet and
sign this blank cheque...? Thank you for your co-operation!

--
j p d (at) d s b (dot) t u d e l f t (dot) n l .
This message was originally posted on Usenet in plain text.
Any other representation, additions, or changes do not have my
consent and may be a violation of international copyright law.

#5 (**permalink**) 03-28-2008, 04:36 AM

jpd wrote:
> On Wed, 19 Mar 2008 17:29:01 -0400,
> Clever Monkey <spamtrap@clevermonkey.org.INVALID> wrote:
>> The idea being that if my local nameserver dies clients can still get
>> out of the network to the greater unwashed internet.
>
> Then it doesn't turn out to run on the gate and if *that* dies, there'll
> be no uplink available anyway? Just checking. :-)
>
Yeah, the gateway seems to be able to route, even if my local nameserver
goes down. Of course, I can't do anything locally.

>> (Thinks) Hmmm. I hard-coded the wireless access point to an IP for a
>> specific reason (it is acting as a bridge).
>
> Then it really shouldn't need an IPA, except for maintenance. Altough
> while it is fun to put everything in the dhcpd, with IPAs fixed to MAC
> addresses if necessairy, changing the hardware also means having to
> update the dhcpd.
>
Well, it has a pretty GUI setup tool that allows for two nameservers.
I'm only using the one, which is my local nameserver that knows how to
forward requests.

I don't do anything explicit with MACs. I actually lied a bit. The
wireless access point has a static IP, and you can route to it, but it
is in "bridge" mode only in that it refers all requests for services to
the edge box. It has the ability to do MAC filtering, higher security,
dynamic addressing for clients and NAT, but I don't use any of that.

Anyway, it looks like I'm good to go.

>>>> Yes, I do feel particularly stupid this afternoon. Why do you ask?
>>> This is where I tell you to give me all your money, no? :-p
>> Sure, why not- hey! Just wait one minute, here. You are trying to
>> trick me, aren't you?
>
> I see no trickery, do you? Now, if you'll just hand over your wallet and
> sign this blank cheque...? Thank you for your co-operation!
>
I'm curious: why is your name "CASH"?

--
clvrmnky <mailto:spamtrap@clevermonkey.org>

Direct replies to this address will be blacklisted. Replace "spamtrap"
with my name to contact me directly.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

SEO

Stupid Unix question: places where DNS server IPs are stored