6

I have a home network set up using mDNS, containing assorted systems (including an always-on Raspberry Pi). My machines are running avahi daemons, so the current situation is:

  • everybody on the network can resolve host.local names.

What I want in addition:

  • the machines that I administrate can also resolve host to the same address as host.local.

I could think of three ways to do that:

  1. Put `search local` in `/etc/resolv.conf`: this is not honored by mDNS as it was supposedly “causing problems”. I could recompile with the `--enable-search-domains` option on all my machines.

  2. Write static /etc/hosts files in all network machines. This is what I currently do. However, it makes configuration distributed, which I want to avoid (these files do eventually go out-of-sync).

  3. Set up a DNS server on the network. However, the router provided with the Internet access does not do DNS (this is almost a good reason to change for another company), so I would need to set it up on the Raspberry. This also poses the problem of a distributed configuration: the static DNS info on the Raspberry would eventually go out of sync with the mDNS information, so that host and host.local could confusingly point to two different IP addresses...

So, my question is:

  • what are the “problems” posed by the --enable-search-domains option? (The only one I see is that it enables anyone on the LAN to set up an unqualified host name, but 1. I don't use unqualified host names apart from those I already control, and 2. LAN access is already restricted to trusted peers anyway).

  • did I miss any other fourth option? (such as, set up a DNS server + a crontab periodically feeding it with some output of an `avahi-browse` command?)

Circonflexe
  • This is a bizarre question. If you have mDNS set up on your local machines on your network every machine on your network will see those `.local` addresses. That’s the whole point of mDNS; you don’t have to worry about pretty much all of what you are writing about. If somehow you cannot see other machines on the network with mDNS then that means your router is not passing mDNS packets. If that is the case you need to adjust the settings on your router or simply get a new one. – Giacomo1968 Oct 13 '16 at 10:42
  • 2
    This is an out-of-topic comment, I suspect you misunderstood the question. The `.local` domain works fine, I want to make it the default domain. I edited for clarity. – Circonflexe Oct 13 '16 at 11:36
  • “This is an out-of-topic comment…” Not really. Your question as posted is a bit odd so a comment that just points out the oddness of the question based on the non-clarity of the concept and wording is appropriate. – Giacomo1968 Oct 13 '16 at 16:01
  • 3
    This question is not bizarre at all. In fact, out of all the googling I've done about this issue, and all the StackOverflow/AskUbuntu/SuperUser questions I've found that are related to this issue, this question is the **only one** that accurately describes the problem, potential solutions, and the issues with those solutions. I have been searching for answers to the question of why `--enable-search-domains` is not enabled by default, why it was disabled in the first place, but I haven't found any yet. –  May 27 '17 at 13:42
  • Now that `--enable-search-domains` has been removed as a feature, are there other options? – Daniel H Aug 27 '23 at 03:33
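
The "fourth option" raised in the question (a cron job feeding a DNS server from `avahi-browse`), as an added example that is not part of the original posts: it turns parsable `avahi-browse -arpt` output into hosts-format lines for the unqualified names, and because mDNS answers are unauthenticated it drops any name claimed by more than one address instead of picking one. The sample records, the LAN prefix `192.168.1.0/24` and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `avahi-browse -arpt` output (parsable, ';'-separated):
# event;interface;protocol;name;type;domain;hostname;address;port;txt
SAMPLE = """\
+;eth0;IPv4;pi;_workstation._tcp;local
=;eth0;IPv4;pi;_workstation._tcp;local;pi.local;192.168.1.10;9;
=;eth0;IPv4;nas;_smb._tcp;local;nas.local;192.168.1.20;445;
=;eth0;IPv6;nas;_smb._tcp;local;nas.local;fe80::1;445;
=;eth0;IPv4;printer;_ipp._tcp;local;printer.local;192.168.1.30;631;
=;eth0;IPv4;web;_http._tcp;local;printer.local;192.168.1.66;80;
=;eth0;IPv4;x;_http._tcp;local;www.example.com.local;192.168.1.67;80;
"""

LABEL = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")  # one DNS label


def collect(browse_output, lan="192.168.1.0/24"):
    """Return ({short_name: address}, [names claimed by more than one address])."""
    net = ipaddress.ip_network(lan)  # assumed LAN prefix
    seen = {}  # short name -> set of addresses announced for it
    for line in browse_output.splitlines():
        f = line.split(";")
        # Only resolved ('=') IPv4 records carry a hostname and an address.
        if len(f) < 9 or f[0] != "=" or f[2] != "IPv4":
            continue
        short, _, domain = f[6].lower().partition(".")
        # Accept exactly <label>.local; an announcement must not be able to
        # inject a multi-label or malformed name into the DNS data.
        if domain != "local" or not LABEL.match(short):
            continue
        try:
            addr = ipaddress.ip_address(f[7])
        except ValueError:
            continue
        if addr in net:  # ignore addresses outside the LAN
            seen.setdefault(short, set()).add(str(addr))
    entries = {n: min(a) for n, a in seen.items() if len(a) == 1}
    conflicts = sorted(n for n, a in seen.items() if len(a) > 1)
    return entries, conflicts


def render_hosts(entries):
    """Hosts-file lines mapping each unqualified name to its mDNS address."""
    return "".join(f"{addr}\t{name}\n" for name, addr in sorted(entries.items()))


if __name__ == "__main__":
    entries, conflicts = collect(SAMPLE)
    print(render_hosts(entries), end="")
    print("# skipped, conflicting announcements:", ", ".join(conflicts))
```

The rendered file can be handed to whatever DNS server runs on the Raspberry Pi (dnsmasq's `addn-hosts` option is one way); the conflict list is worth logging, since a second address for a known name is either a renumbered host or another device answering for it.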

2 Answers

5

The reason mdns doesn't append .local or search domains is because there is no NXDOMAIN or similar concept in mdns.

So if mdns fails to find a resolution in any caches, it must send a multicast query and wait to see if anything responds. This timeout is lengthy enough for "causing problems".

The following doesn't answer the question, but is speculative of possible implementations to resolve some of the issues.

What I would wish for is to explicitly append .local to hostnames without any dots at the end of the nss chain. E.G.

```
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns_append
```

Perhaps it would also be possible to specify a "cache only" mdns resolution. Perhaps with an nsswitch like this

```
hosts: files mdns4_minimal [NOTFOUND=return] mdns_append_cacheonly dns mdns_append
```

I envision mdns_append trying both with and without .local appended.

vontrapp
2

I suspect the option is 'not recommended' because it's nearly useless in practice: almost all other mDNS implementations use the .local domain only, so trying to do lookups for whatever domain you happened to obtain from DHCP would only introduce additional delays most of the time. There are also security issues mentioned in the actual mDNS spec.

Instead, nss-mdns could be patched to specifically append .local to dotless names before trying to look them up, instead of using the resolv.conf domains.

u1686_grawity
  • The `search` directive in `resolv.conf` specifically gives the list of domains to consider; if you say `search local` it would just append `.local`, not whatever you happen to get from DHCP. – Daniel H Aug 27 '23 at 03:23