On Thu, Feb 09, 2023 at 02:54:01AM -0500, gene heskett wrote: > Where you run a dns of sorts, I don't, resolv.conf says check host first, > then query the router which forwards it to the nameserver at my isp.
Gene, we've been over this MANY times in the last several years. I'll repeat it once more here: Whatever you think you've done in resolv.conf to change the name service order has NO EFFECT in reality. You are conflating things from the old libc5 days with their modern equivalents, and you've got them all mixed together in a nonsense configuration. And every time I tell you this, it just slides right off. Nevertheless, I'm trying again. Name service switch configuration in the modern libc6 days is contained in the /etc/nsswitch.conf file. This is where your system defines "local files first, then DNS" or whatever other order you want. It USED TO BE in the /etc/host.conf file. See for example <https://tldp.org/LDP/nag/node82.html>, last updated in 1996. Somehow, you have taken configuration that would have been in the /etc/host.conf file in 1996, and moved it to /etc/resolv.conf on your system, and you have convinced yourself that this actually does something. Name service order is defined by the "hosts:" line in /etc/nsswitch.conf. Mine says this: unicorn:~$ grep hosts /etc/nsswitch.conf hosts: files mdns4_minimal [NOTFOUND=return] dns which means "local files first, then this mdns4_minimal thing, and if that says notfound, then stop and use that result, but if it doesn't work at all, then use DNS". (I have no idea what mdns4_minimal is, but Debian put it there, and it hasn't caused a problem yet so I left it alone.) The /etc/resolv.conf file is used by the DNS resolver, to decide what nameserver(s) to use (their IP addresses must be listed), and in some cases, what domain names to append to the input, and when to append them (or not append them). unicorn:~$ cat /etc/resolv.conf search wooledge.org nameserver 127.0.0.1 nameserver 10.0.0.1 nameserver 8.8.8.8 Mine says "append .wooledge.org to any name without any dots in it, and try the nameserver at 127.0.0.1 first, then the nameserver at 10.0.0.1, and finally the nameserver at 8.8.8.8". I use this nameserver configuration because I run a dnscache locally (127.0.0.1) which should be the primary and preferred source of DNS information. But if for some reason that's not available, it should try the router's forwarding nameserver (10.0.0.1), which is configured by my ISP's DHCP server, and forwards to my ISP. And if *that's* not available or not working, then fall back to Google's 8.8.8.8 nameserver as the last resort. I also go out of my way to ensure that this file is never modified by anything other than me. This is not a laptop or a phone. It doesn't move around to various networks, so I don't want a dynamic nameserver configuration. I want THIS configuration, at all times, period. If anyone else wants help doing that, see <https://wiki.debian.org/resolv.conf>.
