DNS in 12.04

Paul Smith paul at mad-scientist.net
Tue May 15 14:26:21 UTC 2012


On Mon, 2012-05-14 at 20:15 -0400, Ric Moore wrote:
> On 05/14/2012 06:20 PM, Paul Smith wrote:
> > Why the proxy was not working is a different problem, one that can only
> > be solved if you can describe the original issue you were having.
> 
> Ah... it didn't work??

You can probably understand how this isn't very helpful from a debugging
standpoint.

> > FYI, as someone who's struggled with network settings on laptops,
> > running _multiple_ VPNs with different private DNS domains on the same
> > system at the same time, etc. I'm very happy to see Ubuntu attempt to
> > make this work properly out of the box.  I've been deploying dnsmasq
> > with a hand-built configuration as a DNS proxy to deal with exactly the
> > same sets of problems for years now and it works GREAT (I don't use
> > resolvconf, though, as too many proprietary network tools don't work
> > with it).  Traditional UNIX resolv.conf is a weak, pathetic answer to a
> > complex problem.
> 
> It also happens to work. It pretty much always works and always has.

It always has worked, yes, for very simple situations where a system
lived in one naming domain only and never moved.  That's not today's
environment, for a large and ever-increasing number of people.

> So, ethernet was up and talking to my sat modem. I rebooted the modem, 
> to no effect. Yes, I could find 192.168.0.1, my gateway, and the html 
> setup page via firefox directly to the modem. So, all good, just no name 
> resolution. So, I fixed it. Easy-peasy. A newbie would be stuck like 
> chuck, with nowhere to go.

On the other hand, my fresh install of Ubuntu 12.04 came up first time,
and after each subsequent reboot, and DNS has worked perfectly.  I'd
venture to say this is the experience of almost (but obviously not
quite) 100% of the users of Ubuntu 12.04, otherwise we'd surely be
inundated by complaints: a non-functional DNS is not something you can
just live with.

So obviously, there's something unique about your situation/environment
that caused a problem that others don't see and don't know how to
reproduce.  If you're interested in the experiences of newbies, you'll
help debug it so it can be fixed.

Without any details on your situation we can't help.  For example: do
you use DHCP?  Or static addressing?  Do you connect directly to your
ISP's DHCP server to get a single address?  Or do you have a router that
gets your IP address and then you NAT through the router?  Is your
router your DHCP server?  Etc.

Basically if you use DHCP then your DHCP server is supposed to provide
you with your DNS server IP addresses.  If you use static IP addressing,
you need to set it up yourself (but not in resolv.conf, anymore).

Did you try to use the NetworkManager UI to configure your network for
static IP, including setting DNS servers, before you just hand-edited
resolv.conf?  Did that not work?

> The fun part is that everything worked just peachy during the install, 
> which I allowed to apply all updates. After the reboot, nada. You check 
> out my linux user number. Yes, I have been doing this for years myself. 
> My first install was a stack of slackware floppies before we had the 
> Internet in my old town.

You can check out MINE and see I've been doing it at least as long as
you: I started the same way (in fact I used to dd Linux to floppies from
my SunOS 4 workstation at work... and one time I fat-fingered the device
name and overwrote the root partition on my workstation!) and that was
after a number of years of using other versions of UNIX.  Let's just say
my first Emacs was NOT the one written (later) by RMS.

> resolv.conf is dead easy. That is my point. You can add caching
> software, without adding ~another~ layer of obfuscation 
> to break. We're going to out-windows Windows at this rate. Will the 
> "Blue Screen Of Death" be next?  I think that this could have been an 
> optional package to install, an addon, not another half-baked 
> musterbation from Ubuntu.

It's not about caching.  Caching is just a side-effect.

resolv.conf is just a bad design.  You say it's dead easy: sure, if all
you want to do is easy things.  If you want to do anything remotely
interesting it's not just hard, it's impossible.  Because resolv.conf is
stupid.  Consider this: you work from home.  You need a VPN to get into
your work.  Your work obviously has its own internal DNS servers and you
must use those (when the VPN is active) so you can see the servers on
your work network.  Of course when the VPN is NOT active you CANNOT use
your work DNS servers because they're not reachable.

And that's even a simple case, which people have solved by scripts that
rewrite resolv.conf (messy and error-prone but they generally work).
Consider if you have your own internal DNS server (maybe on your router
or something) that lets you see hostnames for your local home LAN, so
you can share files.  Now when your VPN is up and you switch to the work
DNS servers, you can't see your local hosts!  Ridiculous.

Or consider if you have to connect to two OR MORE different VPN services
AT THE SAME TIME (which I have to do every day).  Now you have THREE (or
more) different private DNS spaces you need to search.

resolv.conf is an albatross on the otherwise excellent networking
support in UNIX.  It's a flawed artifact of a simplistic idea of
networking that has been outdated for 15 years or more.

Whether or not this could have been an optional add-on package in
Ubuntu, I'm not sure.  Probably it could have been, but Ubuntu is about
trying to work out of the box: your average newbie is NOT going to
understand that they have to install some extra package to get correct
DNS behavior.


You pooh-pooh Windows, and I hate working on Windows as much as anyone,
believe me.  But one thing they did get right was supporting multiple
DNS spaces; on Windows when you connect to a VPN the DNS support just
works (except when it doesn't, because like most Windows software it's
really unstable--but the _capability_ is there in the design).
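
The multiple-VPN case described in the message above, as an added sketch that is not part of the original post: a Python model of how per-domain `server=/domain/address` forwarding rules (dnsmasq syntax) pick an upstream for each name, next to a resolv.conf that sends every name to its first nameserver. All domains and addresses are constructed, and the function names are hypothetical.

```python
# Added illustration: models upstream selection only, sends no DNS queries.
# Every domain and address here is constructed for the example.
DNSMASQ_CONF = """\
server=192.168.0.1                    # default: home router
server=/home.example/192.168.0.1      # home LAN names
server=/corp.example/10.8.0.53        # work VPN
server=/lab.corp.example/10.8.4.53    # more specific zone on the work VPN
server=/partner.example/172.16.9.53   # second VPN
"""
RESOLV_CONF = """\
nameserver 10.8.0.53
nameserver 172.16.9.53
nameserver 192.168.0.1
"""

def parse_dnsmasq(text):
    """Return (routes, default); routes maps a domain to its upstream."""
    routes, default = {}, None
    for line in text.splitlines():
        value = line.split("#", 1)[0].strip()
        if value.startswith("server=/"):
            *domains, upstream = value[len("server=/"):].split("/")
            routes.update((d.lower(), upstream) for d in domains)
        elif value.startswith("server="):
            default = value[len("server="):]
    return routes, default

def dnsmasq_upstream(name, routes, default):
    """Choose the rule matching the longest whole-label suffix of name."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in routes:
            return routes[suffix]
    return default

def resolv_conf_upstream(text):
    # Stub resolver: every name goes to the first nameserver; later ones are
    # tried only on timeout or error, not after a "no such name" reply.
    return [l.split()[1] for l in text.splitlines() if l.startswith("nameserver")][0]

def compare(names):
    routes, default = parse_dnsmasq(DNSMASQ_CONF)
    first = resolv_conf_upstream(RESOLV_CONF)
    return [(n, dnsmasq_upstream(n, routes, default), first) for n in names]

if __name__ == "__main__":
    for row in compare(["nas.home.example", "api.partner.example", "www.ubuntu.com"]):
        print("%-20s per-domain -> %-12s resolv.conf -> %s" % row)
```

In the resolv.conf column every name, including the home and partner ones, is sent to the work resolver, which cannot answer them and also gets to see them.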





More information about the ubuntu-users mailing list