Le quartidi 4 brumaire, an CCXXVI, to...@tuxteam.de a écrit : > If I give an > FQDN (e.g. duckduckgo.com), the dots in the host name tell the resolver > to bypass the search list.
You are wrong on this particular point. If the host name contains dots, it changes the behaviour of the resolver by having it try the bare domain first, but then it will try the search list too. You can check the behaviour using, for example, the following command line: strace -e sendmmsg -f -s 1024 socat - tcp:doesnotexist.example:80 |& grep --color doesnotexist With just "doesnotexist", I can see the requests: doesnotexist.first.search.domain doesnotexist.second.search.domain doesnotexist With doesnotexist.example (or .example.com), the requests are: doesnotexist.example doesnotexist.example.first.search.domain doesnotexist.example.second.search.domain To inhibit searching in the specified domain, the syntax requires a final dot: "doesnotexist." or "doesnotexist.example.com.". It is a little known fact that the dot in DNS domain names is not a separator but a terminator, and when it is missing it means a possible ellipsis. Regards, -- Nicolas George
signature.asc
Description: Digital signature
