Using resolvconf.conf to Tweak resolv.conf

July 27, 2013 Brian Cunnie

Abstract

When FreeBSD 9.1 is a DHCP client, it uses resolvconf to construct /etc/resolv.conf (which defines the DNS nameservers to query). This may be undesired behavior, especially when the machine already runs a local nameserver: the local nameserver will be ignored, the local domain won’t be searched, and reverse lookups for RFC 1918 networks (e.g. 10.0.0.0/8) will fail or time out.

This blog post describes a technique to override the DHCP-distributed DNS information with local information.

Problem Description

The original /etc/resolv.conf on the FreeBSD machine:

search nono.com
nameserver 127.0.0.1

This had the following advantages:

  • Hostnames were searched for within the nono.com domain. For example, when attempting to connect to the printer hp1536, one didn’t need an FQDN (i.e. hp1536.nono.com).
  • Reverse lookups worked properly: arp -a displayed the correct hostnames instead of uninformative question marks (“?”).

After configuring the FreeBSD machine as a DHCP client on the Comcast network, /etc/resolv.conf was overwritten:

# Generated by resolvconf
search hsd1.ca.comcast.net.
nameserver 75.75.75.75
nameserver 75.75.76.76

Comcast had configured a reasonable default domain to search, i.e. hsd1.ca.comcast.net., but that is unhelpful for the minority who have set up their own domains. Comcast also supplied a reasonable set of nameservers to query, but that is similarly unhelpful for the minority who have set up RFC 1918 zones (e.g. 10.in-addr.arpa): arp -a shows question marks, not hostnames.

The Fix

The fix is to configure resolvconf(8) to use the local search domain and nameservers before querying the DHCP-supplied search domains and nameservers. That is accomplished by creating /etc/resolvconf.conf:

search_domains="nono.com"
name_servers="127.0.0.1"

Now make sure that your configuration file is good by running resolvconf to update /etc/resolv.conf:

sudo resolvconf -u

Your new /etc/resolv.conf file should look something like the following:

# Generated by resolvconf
search nono.com hsd1.ca.comcast.net.
nameserver 127.0.0.1
nameserver 75.75.75.75
nameserver 75.75.76.76

Admittedly, the Comcast-supplied directives are still there, but we don’t care—our nameserver is queried first, our domain is searched first.

These overrides are persistent. When you reboot your machine, /etc/resolv.conf will be configured with your nameserver first and your search domain first.
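
To confirm the ordering after running resolvconf -u, or after a reboot or a new DHCP lease, a check like the following can be run against /etc/resolv.conf. It is an added example, not part of the original post; the function name check_resolv_conf and the script name check.sh are assumptions, and the demo uses the two file contents shown above.

```sh
#!/bin/sh
# Added example, not from the original post.
# check_resolv_conf FILE NAMESERVER DOMAIN
# Returns 0 when NAMESERVER is the first "nameserver" entry and DOMAIN is the
# first name on the effective search list, 1 when either check fails, and 2
# when FILE is unreadable.
check_resolv_conf() {
    file=$1 want_ns=$2 want_dom=${3%.}
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }

    # Servers are tried in file order, so only the first entry matters here.
    first_ns=$(awk '$1 == "nameserver" { print $2; exit }' "$file")

    # "search" and "domain" override each other; the last one in the file wins.
    first_dom=$(awk '$1 == "search" || $1 == "domain" { d = $2 }
                     END { print d }' "$file")
    first_dom=${first_dom%.}    # treat "nono.com." and "nono.com" alike

    rc=0
    if [ "$first_ns" != "$want_ns" ]; then
        echo "first nameserver is '$first_ns', expected '$want_ns'" >&2
        rc=1
    fi
    if [ "$first_dom" != "$want_dom" ]; then
        echo "first search domain is '$first_dom', expected '$want_dom'" >&2
        rc=1
    fi
    return "$rc"
}

# Demo on the two files shown in the post (run as: sh check.sh demo).
demo() {
    dir=$(mktemp -d) || return 2
    printf '%s\n' '# Generated by resolvconf' 'search hsd1.ca.comcast.net.' \
        'nameserver 75.75.75.75' 'nameserver 75.75.76.76' > "$dir/before"
    printf '%s\n' '# Generated by resolvconf' \
        'search nono.com hsd1.ca.comcast.net.' 'nameserver 127.0.0.1' \
        'nameserver 75.75.75.75' 'nameserver 75.75.76.76' > "$dir/after"
    for f in before after; do
        if check_resolv_conf "$dir/$f" 127.0.0.1 nono.com; then
            echo "$f: local resolver and domain come first"
        else
            echo "$f: DHCP-supplied settings take precedence"
        fi
    done
    rm -rf "$dir"
}

if [ "${1:-}" = demo ]; then demo; fi
```

A non-zero exit status makes the function usable from cron or a monitoring probe to flag a lease renewal that has put the DHCP-supplied resolvers back in front.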
