Subject: Re: hostname?
To: None <netbsd-help@netbsd.org>
From: Courtney R. Spencer <cspencer@gmail.com>
List: netbsd-help
Date: 02/05/2007 16:39:00
On 2/2/07, George Georgalis <george@galis.org> wrote:
> not necessarily. I've been setting hostnames without the domain
> for a while, and it works very well. I think the only reason you
> need to tell the host its domain is for mail and the MTA can be
> configured other ways than by setting hostname.
>
> At most sites short hostname will require three additional steps,
> vs FQDN style hostname:
>
> 1) put a proper search domain in resolv.conf
> 2) configure your MTA to add a FQDN (not hostname) for local messages
> 3) configure lan (and/or wan) dns with proper records
>
> The practice ends up being really useful when you
> have multiple networks and/or interfaces. eg the
> host "acorn" has 3 interfaces each with their own
> /24 network.
>
> acorn.masq (192.168.1.50)
> acorn.pvt (192.168.70.50)
> acorn.work (10.0.0.50)
>
> acorn has a gateway of 192.168.1.1 (which is on .masq) and
> acorn is a gateway for .pvt and .work networks.
>
> acorn runs a smtp relay and a dhcpd (which hands out an appropriate
> resolv.conf search field for the respective network) for .pvt and
> .work.
>
> the nameserver runs on 192.168.1.50, so all networks can use
> it. With a little firewall magic, from host.pvt I can ping
> host.work, acorn.work, acorn.pvt, acorn.masq or the internet.
>
> getting pf.conf, dhcpd.conf, MTA and DNS setup the first time
> takes a lot of steps, but once that's worked out, it's easy to add
> or remove hosts and having A and PTR records that correspond to the
> networks they are on, works real nice too. (I typically set CNAME
> records on .pvt for .work hosts so I can reach .work hosts from
> .pvt without specifying the FQDN.)
>
> so... I always use short hostname when I set the hostname, it
> especially makes sense when the host is connected to more than one
> network, or the host gets moved or otherwise doesn't know the name
> of the network it's on (eg masq).
Applications such as Kerberos require the identity of the server to
match the PTR record of the IP used for remote access. The A or CNAME
generally does not matter when requesting a ticket granting ticket.
You can override some applications by setting the name used in the
keytab as the first entry in /etc/hosts, but in practice, you would
not want to set a PTR record to be a shortname. There might be other
implications of setting the hostname as the shortname when bringing
security into the discussion.
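
Added example, not part of the original message: a small Python audit of the /etc/hosts override mentioned in the reply above. It reads which name is listed first for each address and reports whether that name is a shortname or has no matching host principal in the keytab. The hosts file content, the realm EXAMPLE.TEST and the principal list are constructed sample data, and treating any dotted name as qualified is an assumption.

```python
# Constructed sample /etc/hosts for the multi-homed host "acorn" from the thread.
HOSTS = """\
# address      canonical-name aliases...
127.0.0.1      localhost
192.168.1.50   acorn acorn.masq
192.168.70.50  acorn.pvt acorn
10.0.0.50      acorn.work acorn   # trailing comment
"""
# Constructed keytab principals; the realm EXAMPLE.TEST is hypothetical.
PRINCIPALS = ["host/acorn.pvt@EXAMPLE.TEST", "host/acorn.work@EXAMPLE.TEST"]

def canonical_names(hosts_text):
    """Map each address to the first name on its hosts line (the canonical name)."""
    out = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) >= 2:
            out.setdefault(fields[0], fields[1])  # first line for an address wins
    return out

def keytab_hosts(principals):
    """Extract <name> from host/<name>@REALM principals, lowercased."""
    hosts = set()
    for p in principals:
        service, _, rest = p.partition("/")
        if service == "host" and rest:
            hosts.add(rest.split("@", 1)[0].lower())
    return hosts

def audit(hosts_text, principals, skip=("127.0.0.1", "::1")):
    """Return {address: (canonical_name, verdict)} for non-loopback addresses."""
    known = keytab_hosts(principals)
    report = {}
    for ip, name in canonical_names(hosts_text).items():
        if ip in skip:
            continue
        if "." not in name:                # assumption: no dot means shortname
            verdict = "shortname"
        elif name.lower() not in known:
            verdict = "no-keytab-entry"
        else:
            verdict = "ok"
        report[ip] = (name, verdict)
    return report

if __name__ == "__main__":
    for ip, (name, verdict) in audit(HOSTS, PRINCIPALS).items():
        print(f"{ip:15} {name:12} {verdict}")
```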