Unwanted Dialup Connections!

Mike Parson yellowdog-general@lists.terrasoftsolutions.com
Wed Mar 24 08:49:01 2004


On Wed, Mar 24, 2004 at 09:47:56AM +0000, Dene Stringfellow wrote:
> Michael,
> 
> Thanks for your reply.
> 
> Does this mean then that because I want to add a Linux server (- into an
> already functioning network that operates perfectly OK without requiring
> a DNS server), I am forced to setup a DNS server on the Linux box and
> change all the current DNS configurations on all the other network
> devices?

After some more thinking... You might be able to get this to work w/o
setting up DNS, if you're willing to manage a local /etc/hosts file
that lists all machines on your network.  The trick will be to edit
/etc/nsswitch.conf and change your 'hosts' line to just read:

hosts:	files

And then have an empty, or non-existent /etc/resolv.conf file.

You'll need to fix your dial-up scripts to swap out your nsswitch.conf
for one with a 'hosts: files dns' entry when you connect, then move your
dns-free one back when you disconnect though.

Otherwise, the solution I'd take, but I've been doing this for a while,
would be to set up a local DNS server and have all my boxes on the LAN
use it.  Then set up appropriate iptables rules to prevent dialups from
getting triggered from just a DNS lookup.  This might be configurable in
the dialup setting rather than iptables, I've not set up a dialup Linux
box in a while, I don't know what's state-of-the-art in this arena.

Windows and MacOS (at least pre-OS X), had their own internal
network-naming conventions that didn't require DNS.  They didn't scale
well to big networks, but work well enough for workgroup sized nets.
Linux can speak those protocols too, but it only uses them when trying
to do things on Windows or Mac nets, not for IP related stuff (like
looking up names in an IP routing table).

-- 
Michael Parson
mparson@bl.org
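
The nsswitch.conf swap described in the message above, as an added example that is not part of the original post: instead of keeping two copies of the file, it rewrites only the 'hosts' line and leaves the other databases alone. The function names and the NSSWITCH variable are hypothetical, and calling link_up/link_down from pppd's /etc/ppp/ip-up and /etc/ppp/ip-down hooks is an assumption about the dialer in use.

```shell
#!/bin/sh
# Added example: toggle the 'hosts:' line of an nsswitch.conf-style file.
# NSSWITCH defaults to the real file; point it at a copy to experiment.
NSSWITCH="${NSSWITCH:-/etc/nsswitch.conf}"

# set_hosts_sources "<sources>": rewrite (or append) the hosts: line,
# keeping every other line, including commented-out '#hosts:' entries.
set_hosts_sources() {
    sources="$1"
    tmp="${NSSWITCH}.tmp.$$"
    awk -v src="$sources" '
        /^[ \t]*hosts:/ {
            if (!done) print "hosts:\t" src
            done = 1
            next
        }
        { print }
        END { if (!done) print "hosts:\t" src }
    ' "$NSSWITCH" > "$tmp" || { rm -f "$tmp"; return 1; }
    # The file must stay world-readable or name lookups break for non-root users.
    chmod 644 "$tmp" || { rm -f "$tmp"; return 1; }
    # Rename within the same directory so no reader sees a half-written file.
    mv "$tmp" "$NSSWITCH"
}

# current_hosts_sources: print the sources currently listed for hosts.
current_hosts_sources() {
    awk '/^[ \t]*hosts:/ { sub(/^[ \t]*hosts:[ \t]*/, ""); print; exit }' "$NSSWITCH"
}

link_up()   { set_hosts_sources "files dns"; }  # dial-up link has connected
link_down() { set_hosts_sources "files"; }      # link dropped: no DNS lookups

# demo: run link_down against a constructed sample file instead of /etc.
demo() {
    NSSWITCH="$(mktemp)" || return 1
    printf 'passwd:\tfiles\nhosts:\tfiles dns\nservices:\tfiles\n' > "$NSSWITCH"
    link_down && current_hosts_sources
    rm -f "$NSSWITCH"
}
```

With 'hosts: files' in place and no resolver configured, a name that is missing from /etc/hosts fails immediately instead of generating a DNS query that could bring the link up.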