networking - How to replace mdns4_minimal with BIND? - Ask Ubuntu

have ubuntu 16.04 lts version. according task should install bind dns server. noticed in nsswitch.conf has:

hosts: files mdns4_minimal [notfound=return] dns mdns4

could please explain mdns4_minimal , mdns4 mean , how make system use local bind instance resolve dns queries?

yes, know how start/stop bind.

systemctl enable bind9 systemctl start/stop bind9. 

• mdns or multicast dns service provided avahi/bonjour daemon, let small network computers use names no central dns present. uses default .local domain.

• if not using .local dns server set dns after mdns nsswitch.conf

  hosts: files mdns4_minimal dns [notfound=return] mdns4 

  otherwise .local used dns server (no use mdns service)

  hosts: files dns [notfound=return] mdns4_minimal mdns4 

• what difference between mdn4_minimal , mdns4?

  to answer you, better let know how collect such info , learn :) (## comment tell objective command below it)

  ## update "locate" database ~$ sudo updatedb ## search file "mdns4_minimal" in name ~$ locate mdns4_minimal /lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2  ## package installs file ~$ dpkg -s /lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2 libnss-mdns:amd64: /lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2  ## list files same package ~$ dpkg -l libnss-mdns:amd64 /. /usr /usr/share /usr/share/lintian /usr/share/lintian/overrides /usr/share/lintian/overrides/libnss-mdns /usr/share/doc /usr/share/doc/libnss-mdns /usr/share/doc/libnss-mdns/copyright /usr/share/doc/libnss-mdns/readme.html /usr/share/doc/libnss-mdns/readme.debian /usr/share/doc/libnss-mdns/style.css /usr/share/doc/libnss-mdns/changelog.debian.gz /lib /lib/x86_64-linux-gnu /lib/x86_64-linux-gnu/libnss_mdns4.so.2 /lib/x86_64-linux-gnu/libnss_mdns_minimal.so.2 /lib/x86_64-linux-gnu/libnss_mdns.so.2 /lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2 /lib/x86_64-linux-gnu/libnss_mdns6.so.2 /lib/x86_64-linux-gnu/libnss_mdns6_minimal.so.2  ## "readme.html" looks documentation there, open ~$ xdg-open /usr/share/doc/libnss-mdns/readme.html 

  documentation

  after compiling , installing nss-mdns you'll find 6 new nss modules in /lib:

  • libnss_mdns.so.2
  • libnss_mdns4.so.2
  • libnss_mdns6.so.2
  • libnss_mdns_minimal.so.2
  • libnss_mdns4_minimal.so.2
  • libnss_mdns6_minimal.so.2

  
  libnss_mdns.so.2 resolves both ipv6 , ipv4 addresses, libnss_mdns4.so.2 ipv4 addresses , libnss_mdns6.so.2 ipv6 addresses. due fact mdns responders register local ipv4 addresses via mdns, people want use libnss_mdns4.so.2 exclusively. using libnss_mdns.so.2 or libnss_mdns6.so.2 in such situation causes long timeouts when resolving hosts since modern unix/linux applications check ipv6 addresses first, followed lookup ipv4.

  libnss_mdns{4,6,}_minimal.so (new in version 0.8) identical versions without _minimal. however, differ in 1 way. minimal versions deny resolve host names don't end in .local or addresses aren't in range 169.254.x.x (the range used ipv4ll/apipa/rfc3927.) combining _minimal , normal nss modules allows make mdns authoritative zeroconf host names , addresses (and creating no burden on dns servers failing requests) , use fallback else.

• ipv6 support

  • files & dns nss modules, both supports resolving ipv6 besides ipv4.

  • however, mdns4 & mdns4_minimal ipv4.

    same mdns6 & mdns6_minimal ipv6.

    mdns & mdns_minimal support both ipv4 & ipv6, use should avoided if single ip version deployed in network. because try resolve ipv6 fall-back ipv4, can create additional delay.

    btw, current default setup of avahi ipv4, decentralized service. go ipv6, alls machine should reconfigured use ipv6 in nsswitch , avahi too.

• are there other []'s similar [notfound=return]?

  yes, can see man nsswitch.conf

     action may specified following service specification.    action  modifies     behavior  following   result obtained preceding data source.  action items    take general form:         [status=action]        [!status=action]             status => success | notfound | unavail | tryagain        action => return | continue     ! negates test, matching possible results except 1 specified.   case    of keywords not significant.      status  value matched against result of lookup function called pre‐    ceding service specification, , can 1 of:         success     no error occurred , requested entry returned.  default action                    condition "return".         notfound     lookup succeeded, requested entry not found.  default                    action condition "continue".         unavail     service permanently unavailable.  can  mean  either                      required file cannot read, or, network services, server                    not available or not allow queries.  default action con‐                    dition "continue".         tryagain     service temporarily unavailable.  mean file locked                    or server cannot accept more connections.  default  action                    condition "continue".     action value can 1 of:         return      return  result now.  not call further lookup functions.  however,                    compatibility reasons, if selected action    group                    database , notfound status, , configuration file not con‐                    tain initgroups line, next lookup function called, with‐                    out affecting search result.         continue    call next lookup function. 

related questions:

• why host command not resolve entries in /etc/hosts?