[syslog-ng] syslog-ng and DNS

Nate Campi nate@campin.net
Fri, 26 Apr 2002 07:32:45 -0700


On Fri, Apr 26, 2002 at 07:15:53AM -0700, Nate Campi wrote:
> On Fri, Apr 26, 2002 at 03:36:13PM +0200, Jerome Peducasse wrote:
> > Yes, of course but I like none of these propositions.
> > I would like loghost stays independent of network updates (update of IP, subnet...).
>
> I'm sorry Jerome but this is a common problem seen everywhere. Everyone
> else hardcodes a small number of critical IPs that their systems need to
> have in their config files. These are usually loghosts, nameservers,
> time servers, NIS/NIS+ servers, etc.

This was before coffee, so I didn't explain the problem well. The issue
with naming services is a chicken and egg problem. In order to use the
DNS you need to use nameservers, but you can't refer to those
nameservers by hostnames available only in the DNS. This is why
resolvers use IPs for the local nameservers in their configuration.

Many services start before the network is even up, so the only way to
use any hostnames for these services is by using a name mapping
mechanism that doesn't require network access. /etc/hosts comes to mind.

If you're absolutely dying to have name services work for a few critical
hosts, the answer should be obvious by now: maintain a central /etc/hosts
file, and dist it out via rdist/rsync to all your hosts. This way you
can modify it as needed (like the DNS) and use hostnames for services
that may start before the DNS can be accessed.

P.S. Time servers were a bad example of a hard-coded IP, I was just
thinking of naming services and other services that start really early
on before network based nameservices, like syslog. Again, it was before
coffee ;)
-- 
"First we thought the PC was a calculator. Then we found out how to turn
numbers into letters with ASCII - and we thought it was a typewriter.
Then we discovered graphics, and we thought it was a television. With
the World Wide Web, we've realized it's a brochure."
 - Douglas Adams (1952-2001)
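
Added example, not part of the original message: one way to run the central /etc/hosts distribution described above, with a validation gate in front of the rsync push so a bad edit cannot break name lookups for early-starting services such as syslog. The `CRITICAL` list, function names, target names, paths and sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. CRITICAL, the paths and all addresses below are assumptions.
CRITICAL="loghost ns1"

# validate_hosts FILE NAME...
# Succeeds only if every NAME maps to exactly one valid IPv4 address in FILE.
validate_hosts() {
    file=$1; shift
    awk -v names="$*" '
        BEGIN { n = split(names, want, " "); rc = 0 }
        { sub(/#.*/, "") }                      # strip comments
        NF < 2 { next }                         # blank or name-less line
        {
            ok = ($1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
            if (ok) { split($1, o, "."); for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) ok = 0 }
            for (f = 2; f <= NF; f++) {
                if (!ok || (($f in ip) && ip[$f] != $1)) bad[$f] = 1
                ip[$f] = $1
            }
        }
        END {
            for (i = 1; i <= n; i++) {
                if (!(want[i] in ip)) { print "missing: " want[i]; rc = 1 }
                else if (want[i] in bad) { print "bad or conflicting: " want[i]; rc = 1 }
            }
            exit rc
        }' "$file" >&2
}

# push_hosts FILE TARGET...: rsync FILE out only after it validates, so a bad
# edit never reaches hosts that resolve their loghost from it at boot.
push_hosts() {
    file=$1; shift
    validate_hosts "$file" $CRITICAL || { echo "refusing to push $file" >&2; return 1; }
    for target in "$@"; do
        rsync -a "$file" "$target:/etc/hosts" || echo "push failed: $target" >&2
    done
}

# write_sample_hosts PATH: constructed master file (documentation addresses).
write_sample_hosts() {
    cat > "$1" <<'EOF'
127.0.0.1    localhost
192.0.2.10   loghost loghost.example.com   # central syslog-ng server
192.0.2.53   ns1
192.0.2.300  badhost
EOF
}
```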