On Tue, 9 Dec 2014, Ted Unangst wrote:

> Curious if anyone knows a simple way to prevent resolution of one word
> hostnames. Either via resolv.conf or unbound.conf.
>
> For example:
>
> athens:~> host android
> android has address 127.0.53.53
> android mail is handled by 10 your-dns-needs-immediate-attention.android.
>
> I do not like this.
>
> athens:~> host bobo
> Host bobo not found: 3(NXDOMAIN)
>
> This is much better.
>
> athens:~> host com
>
> This isn't great either.
>
> I realize this is how DNS works, but I also think it's something I
> should be able to "fix" at a local level. The fact that anything and
> everything can now be a TLD is pretty sneaky. If a DNS lookup has only
> a single part, I would like to restrict it to the search domain.
>
I'm by no means a DNS expert but I've been dealing with it for a long time. The only thing I can think of to force one word hostnames to be resolved in the search domain exclusively would be to patch the resolver library. If you find an answer please do pass it along because I might be interested in putting that in place on a few machines.

Probably the best solution would be a patch to the resolver library that adds an option to resolv.conf(5) that allows it to easily be turned on/off. The only question is would this break things? Maybe it would require a bypass list of TLDs in a file like /etc/resolv_tlds.conf?

--
John Merriam
j...@johnmerriam.net
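
The lookup policy discussed in this thread, modelled as an added Python example (not code from either poster or from any resolver library): single-label names are tried only under the search domains unless the label is on a bypass list. The bypass-file format, the function names, and treating a trailing dot as an explicit absolute name are assumptions.

```python
# Added illustration of the policy from the thread; not a resolver patch.
# Assumed bypass-file format: one TLD per line, '#' starts a comment.

def parse_bypass(text):
    """Parse the contents of a hypothetical bypass file into a set of TLDs."""
    tlds = set()
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip().rstrip(".").lower()
        if entry:
            tlds.add(entry)
    return tlds


def candidates(name, search, bypass=frozenset(), restrict=True):
    """Return the fully qualified names to query, in order, for `name`.

    restrict=False models the usual behaviour (search list, then the bare
    name as a TLD). restrict=True models the proposed option.
    """
    if name.endswith("."):
        # Assumption: a trailing dot is an explicit request for an
        # absolute lookup, so the policy does not interfere.
        return [name.lower()]
    n = name.lower()
    labels = n.split(".")
    if not n or "" in labels:
        raise ValueError("malformed name: %r" % name)
    in_search = ["%s.%s." % (n, d.strip(".").lower()) for d in search]
    if len(labels) > 1:
        # Multi-label names are unaffected: with the default ndots of 1 they
        # are tried as absolute first, then under the search list.
        return [n + "."] + in_search
    if not restrict or n in bypass:
        return in_search + [n + "."]
    # Restricted single-label name: never sent to the root as a TLD.
    # With an empty search list this yields no query at all.
    return in_search


if __name__ == "__main__":
    allow = parse_bypass("com   # constructed sample bypass entry\n")
    for host in ("android", "com", "www.android"):
        print(host, "->", candidates(host, ["example.org"], allow))
```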