[Bug 80900] Re: Avahi daemon prevents resolution of FQDNs ending in ".local" due to false negatives in the detection of ".local" networks

Thomas Hood 80900 at bugs.launchpad.net
Thu Jun 6 15:08:23 UTC 2013


Will Rouesnel wrote:
> Switching it to
>     hosts: files dns mdns4_minimal [NOTFOUND=return] mdns4
> fixes it by having DNS get checked first. 

Please see Lennart Poettering's comments at avahi.org

    http://avahi.org/wiki/AvahiAndUnicastDotLocal

and in Debian bug report #393711

    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=393711

about putting "dns" before "mdns4" in nsswitch.conf.

Quoting:

«[T]he line your package version adds has several
disadvantages, among them:

  * Slows down all mDNS lookups
  * Breaks mDNS lookups when the configured DNS server is not
    reachable (!)
  * Is a security hole, because local host info is leaked on unicast
    dns server and as such the internet
  * Is a security hole, because people on the internet can
    redirect local services to other hosts
  * Increases the burden on internet DNS servers needlessly. (This is
    a major problem which caused the creation of projects like AS112)
  * Breaks mDNS RR consistency because the unicast DNS zone .local is
    kind-of merged with the multicast DNS zone .local. However, the
    conflict protocol which makes sure that no two host names or
    service names conflict in the .local zone simply doesn't work
    against names from the .local unicast domain.»

where "the line your package version adds" he refers to is

    hosts:          files mdns_minimal dns mdns


** Bug watch added: Debian Bug tracker #393711
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=393711

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to avahi in Ubuntu.
https://bugs.launchpad.net/bugs/80900

Title:
  Avahi daemon prevents resolution of FQDNs ending in ".local" due to
  false negatives in the detection of ".local" networks

Status in “avahi” package in Ubuntu:
  Triaged

Bug description:
  Install Kubuntu Feisty
  Set the ip address to dhcp for eth0 (ethernet port)
  make sure the host name and domain name are set
  Hostname computer1
  DomainName mydomain.local

  allow DHCP to assign the IP address

  Ensure the computer details are registered in DNS for
  mydomain.local...

  computer names registered in DNS (FQDN) 
  computer1.mydomain.local
  computer2.mydomain.local
  computer3.mydomain.local

  computer2 and computer3 are both running Kubuntu Dapper and are both
  using DHCP.

  If I issue the following commands on computer2 or computer3, it works
  correctly:

  ping computer2      (response received - ping good)
  ping computer3      (response received - ping good)
  ping computer2.mydomain.local       (response received - ping good)
  ping computer3.mydomain.local       (response received - ping good)

  If I issue the same commands from the Feisty box (computer1), these
  are the results:

  ping computer2       (response received - ping good)
  ping computer3       (response received - ping good)
  ping computer2.mydomain.local       (unknown host)
  ping computer3.mydomain.local      (unknown host)

  For some reason, if you try to ping the fully qualified domain name on
  Feisty, it can't resolve it, yet it can resolve it using both static IP
  addressing and DHCP addressing on Dapper. (I set the IP to static as
  well for the test.) Static and DHCP on Dapper work fine. Static and
  DHCP won't resolve fully qualified domain names on Feisty. (computer1,
  computer2 and computer3 are all Kubuntu machines. The DNS server is a
  Windows 2003 Server (that will be changed to a Kubuntu server very soon
  though!))

  It can resolve the host name only though, and will return the fully
  qualified domain name in the response.

  cheers

  Rod.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/80900/+subscriptions
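
Added example, not part of the original message and not nss-mdns code: a small Python audit of an nsswitch.conf `hosts:` line that reports which services a `.local` query reaches and flags the orderings criticised in the quote above. The function names are hypothetical, the model assumes every consulted service answers NOTFOUND, and the third sample line is the stock nss-mdns ordering, assumed here because the thread does not quote it.

```python
import re

MDNS = re.compile(r"^mdns[46]?(_minimal)?$")  # nss-mdns module names

def parse_hosts(line):
    """Parse an nsswitch.conf 'hosts:' line into [(service, {STATUS: action})]."""
    db, _, rest = line.partition(":")
    if db.strip() != "hosts":
        raise ValueError("not a hosts: line")
    chain = []
    for tok in re.findall(r"\[[^\]]*\]|\S+", rest.split("#")[0]):
        if not tok.startswith("["):
            chain.append((tok, {}))
            continue
        if not chain:
            raise ValueError("action list before any service")
        for crit in tok[1:-1].split():  # e.g. NOTFOUND=return
            status, _, action = crit.partition("=")
            chain[-1][1][status.upper()] = action.lower()
    return chain

def asked_for_unknown_local(chain):
    """Services consulted, in order, for a .local name no source can resolve.
    Model assumption: every consulted service answers NOTFOUND."""
    asked = []
    for service, actions in chain:
        asked.append(service)
        if actions.get("NOTFOUND", "continue") == "return":
            break  # lookup stops here; later services never see the name
    return asked

def audit(line):
    """Return (services asked, findings) for one hosts: line."""
    chain = parse_hosts(line)
    names = [s for s, _ in chain]
    asked = asked_for_unknown_local(chain)
    mdns_at = [i for i, s in enumerate(names) if MDNS.match(s)]
    findings = []
    if "dns" in asked:
        findings.append("leak: unresolved .local names reach the unicast DNS server")
    if mdns_at and "dns" in names[:mdns_at[0]]:
        findings.append("override: unicast DNS answers .local before mDNS is asked")
    return asked, findings

if __name__ == "__main__":
    for line in ("hosts: files dns mdns4_minimal [NOTFOUND=return] mdns4",   # Will Rouesnel's change
                 "hosts:          files mdns_minimal dns mdns",              # line from Debian #393711
                 "hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4"):  # assumed stock ordering
        print(line, "->", audit(line))
```

For the assumed stock ordering the lookup stops at `mdns4_minimal`, which produces no findings and is also why the unicast `mydomain.local` names in the bug description come back as unknown host.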



