[Xorp-users] Well - I'm half working....
Mark Handley
M.Handley@cs.ucl.ac.uk
Tue, 20 Jul 2004 19:50:38 +0100
>[Aside, why does the XORP machine ask www.icir.org to do pointer
>DNS lookups every now and then... That machine replies NX.
>The enquiries are for addresses that would exist in our
>number space but are unused. I suspect there is some low volume
>of port scanning goping on perhaps - but why
>does it ask www.icir.org to do DNS?]
For this release of the LiveCD, I chose to wire in the nameservers. I
needed to choose something because if you're running without a floppy
(and so can't save configuration), you want to be forced to configure
the minimum amount possible on each router boot. So basically I chose
to force you to configure the passwords, and defaulted the rest to
sensible defaults.
The only other alternative seemed to be to run "named" on the router
itself with only a built-in knowledge of the root nameservers, but
running named seemed to be just one more potential source of problems.
The /etc/resolv.conf on the LiveCD contains:
search xorp.org
nameserver 192.150.187.11
nameserver 128.16.6.8
The first of these is at ICSI, and the second is at UCL. Both will
relay requests for you.
Like many OS-related things (such as user admin), there ought to be a
good way to configure this through the XORP CLI, but we don't yet have
that functionality. In any event, you'd still need a sensible default
for people that don't have a floppy drive.
If you do have a floppy drive, you can override this by manually
adding an entry to the manifest file on the floppy, and adding your
own resolv.conf file to the floppy to be copied into the /etc MFS at
boot time.
Hope this explains what's going on!
Cheers,
Mark