[ale] incorrect /etc/resolv.conf after switching provider

JK jknapka at kneuro.net
Wed Jul 15 15:34:00 EDT 2009


Omar Chanouha wrote:
> I switched from comcast to clear today, but I am experiencing lookup
> delays, which I think are coming from and incorrect /etc/resolv.conf:
> 
> # Generated by dhcpcd from wlan0
> # /etc/resolv.conf.head can replace this line
> search s3woodstock.ga.atlanta.comcast.net
> nameserver 192.168.15.1
> nameserver 192.168.1.1
> # /etc/resolv.conf.tail can replace this line
 >
> Can anyone tell me where dhcpcd is getting this information? Is it the
> router(linksys)? Is it in a cache somewhere?


I think we'd need to know more about your network setup to answer
this question with any confidence.  Idle speculation follows, starting
with the observation that the resolv.conf text implies you're
running DHCP on a wireless interface, which in turn implies you
are using a wifi router between your Linux box and your ISP's
uplink.

It's getting that data from the DHCP server.  Typically, if you have
an off-the-shelf consumer-grade router, the router gets its external
address and DNS server IPs from the ISP.  It then NATs all outgoing
traffic, and provides internal DHCP services to clients on the local
network.  When a client asks for DNS server addresses, the router
does one of two things (depending on how it's configured):

1) Pass those same DNS server addresses on to clients. In this case,
client machines will talk directly to the ISP's DNS servers.

or

2) Provide its own (the router's) internal address as a DNS server,
and pass DNS requests on to the ISP's DNS servers.

In my fairly limited experience, 2) is more common. It's not
totally obvious which is the case here, though. You seem to have
DNS servers on two different subnets, both with non-globally-routable
addresses.  That sort of smells like those addresses were provided
by the ISP.  But OTOH that would also imply the ISP is giving its
clients non-routable addresses on their internet-facing links,
indicating a layer of NAT upstream from you (at the ISP, not in
your router), which is Very Evil.

-- JK



More information about the Ale mailing list