# setting up resolv.conf for multicast DNS...

## jyelloz

Is it possible?  I've tried for a while to get this laptop I obtained and put linux on to properly resolve those *.local. domain names from the macs on my network.  They resolve (on linux) just fine when I use dig with the command

```
joe@presario joe $ dig @224.0.0.251 -p 5353 joes-g4.local

; <<>> DiG 9.2.3 <<>> @224.0.0.251 -p 5353 joes-g4.local
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56085
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;joes-g4.local.                 IN      A

;; ANSWER SECTION:
joes-g4.local.          10      IN      A       192.168.0.2

;; Query time: 6 msec
;; SERVER: 192.168.0.2#5353(224.0.0.251)
;; WHEN: Wed Apr 21 01:55:44 2004
;; MSG SIZE  rcvd: 47
```

The problem is that there doesn't seem to be a way to tell the resolver to use port 5353 instead of just 53.  This means that all linux programs that use the standard DNS resolving libraries don't get to use port 5353 in my current setup.  If I try to ping the machine joes-g4.local. from the linux machine, the lookup will fail, but if I try to ping presario.local from my mac, it will work fine.  I looked at my configurations on mac os x and they look like:

```
nameserver 224.0.0.251
nameserver ff02::fb
port 5353
timeout 1
```

Gentoo Linux doesn't seem to have a "resolver" folder in /etc.  I only have a resolv.conf file.  I read the manual page on it and it didn't mention the ability to specify a custom port for DNS.  I have howl installed on linux and the computer responds to the defined .local. address from other macs and when I run dig.  Is there some software I'm missing or a way to configure my resolv.conf to work with this?

----------

## Stu_28

Well, the resolv.conf file in your post (using "port 5353") is basically saying for all nameserver entries use port 5353--which I gather is not what you want.  The alternative is to put the port in the nameserver entry itself--which will apply to only that nameserver.  For instance:

```
nameserver 224.0.0.251.5353
nameserver 224.0.0.2
nameserver 224.0.0.3.5353
```

So, for the nameserver 224.0.0.2 it would query port 53, for the other two (224.0.0.251 and 224.0.0.3)  it would query 5353.  You could then have it query the same server sequentially on two different ports:

```
nameserver 224.0.0.251
nameserver 224.0.0.251.5353
```

But, keep in mind that you can only have 3 nameserver entries in your resolv.conf file.  So, doing that with more than one nameserver wouldn't work.  But, generally speaking, the nameserver will be running on one--unchanging--port at the specified IP address.  Therefore, checking two different ports at the same IP address really doesn't need to be done...

----------

## jyelloz

Thanks for the information.  Interesting.  I didn't know that I could specify the port that way.  It doesn't seem to work for me, though.  See, 224.0.0.251 seems to be a special address that references all computers with services in multicast mode (I'm just being introduced to this stuff so I'm not sure I'm getting it right).  The whole point of it is that you don't have to know about other IPs on the subnet because they'll respond to anything if they are listening with a multicast service.  I only need one entry for that so it isn't much of a problem for me since I am only looking to use multicast DNS and my ISP's DNS servers.  The problem is that I can't specify the port for DNS lookups (seemingly even with your method).  I even tried adding a .53 to the end of my regular DNS entries and they stopped working.  It feels like perhaps whatever package provides the DNS resolving functions is old.  On Mac OS X, there's an elaborate structure for multiple configurations based on the network you're in.  We have /etc/resolv.conf for general settings and then there's /etc/resolver/<particular network> for specific network-based settings (that's where I got that file with the port 5353 in it).  In linux, there's only 1 file to work with.  I was just wondering if anyone knew what package supplies this or any other information on this.  Thanks.

----------

## Stu_28

Well, that's no good.  In that case, you might want to use iptables to route queries issued to your IP address (on port 53) to that IP address (on port 5353).  You'll need to compile "IP: advanced router" support into your kernel and add this to your /etc/sysctl.conf:

```
net.ipv4.ip_forward = 1
```

Run `sysctl -p` if you already have the advanced router stuff compiled in and don't need to reboot.

As for setting up the tunnel, something like this "should" do the trick (if you didn't already `emerge net-firewall/iptables` ):

```
iptables -I PREROUTING -t nat -p tcp -d your_ip --dport 53  -j DNAT --to 224.0.0.251:5353
iptables -I PREROUTING -t nat -p udp -d your_ip --dport 53  -j DNAT --to 224.0.0.251:5353
```

Then just add "nameserver your_ip" to your /etc/resolv.conf in place of 224.0.0.251 and it should work.

Also, you might want to set up a couple iptables rules to make sure that only your machine and any possible responding DNS servers can access port 53, but it's not really essential (unless a bunch of folks on your network start using you as a DNS--thus eating up your bandwidth).

----------

## Klin'Targ

Hey, not sure if you ever found a solution to this, but I wanted resolution of hostname.local to work as well.

After much searching, it turns out all that is necessary is to install the nss-mdns library http://0pointer.de/lennart/projects/nss-mdns/ and add "mdns4" to the end of your hosts entry in /etc/nsswitch.conf

I couldn't find nss-mdns in portage, but the source on the website works.

----------
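The `/etc/nsswitch.conf` change described in the post above, as an added example that is not part of the thread. The function names and the sample file are constructed here; only the `mdns4` source name comes from the post. Sources on the `hosts:` line are tried left to right, so appending `mdns4` means multicast DNS is asked only after the earlier sources fail to find the name.

```python
import re

# Constructed sample of /etc/nsswitch.conf (not taken from the thread).
SAMPLE = """\
# /etc/nsswitch.conf
passwd:   compat
hosts:    files dns   # local file first, then unicast DNS
networks: files
"""

def hosts_sources(text):
    """Return the lookup sources on the hosts: line, in order.

    Bracketed actions such as [NOTFOUND=return] are dropped so that only
    source names remain.
    """
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            body = re.sub(r"\[[^\]]*\]", " ", line[len("hosts:"):])
            return body.split()
    return []

def add_mdns4(text):
    """Append mdns4 to the hosts: line unless an mdns source is already there."""
    out = []
    for line in text.splitlines():
        code, sep, comment = line.partition("#")
        if code.strip().startswith("hosts:"):
            has_mdns = any(s.startswith("mdns") for s in hosts_sources(line))
            if not has_mdns:
                # Keep any trailing comment on the line intact.
                code = code.rstrip() + " mdns4" + (" " if sep else "")
        out.append(code + sep + comment)
    return "\n".join(out) + "\n"
```
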

## jyelloz

 *Klin'Targ wrote:*   

> Hey, not sure if you ever found a solution to this, but I wanted resolution of hostname.local to work as well.
> 
> After much searching, it turns out all that is necessary is to install the nss-mdns library http://0pointer.de/lennart/projects/nss-mdns/ and add "mdns4" to the end of your hosts entry in /etc/nsswitch.conf

Hmm.  Thanks for posting that.  What a coincidence; I actually found that thing a few days ago myself.

A few minutes after getting that I found that there's also a thing you can do in /etc/host.conf.  Just write "mdns on" instead of "mdns off".  They're both good solutions.  I think the nss-mdns one might be better because the way I have it now doesn't seem to work for everything.  I'll try that one again.

----------

## Klin'Targ

Ok, tell me if this works out for you.

I was thinking of writing an ebuild for this package and a howto since this is something I was struggling with for a long time.

EDIT: Looks like there's already an ebuild in bugzilla, though you have to rename it to get 0.3:

https://bugs.gentoo.org/show_bug.cgi?id=66295

----------

## jyelloz

Actually, I've switched back to nss-mdns to see if it works and that doesn't seem to work either.  The "problem" programs seem to be the basic tools host and dig (ping works fine).  I'm guessing that this is because they use their own method for resolving DNS names and are not respecting nss-mdns or the resolver in gcc/libc/whatever provides that.

----------

## Klin'Targ

Is it just dig, or do other things such as ssh not work?

I have only tested with ping and ssh so far, and both worked for me.

I will test more apps once I get home.

----------

## jyelloz

 *Klin'Targ wrote:*   

> Is it just dig, or do other things such as ssh not work?

 

So far it has just been dig and host.  It looks like anything that uses the standard resolving library works fine.

----------
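The last posts note that `dig` and `host` ignore nss-mdns: they build and parse DNS packets themselves rather than going through the system resolver library. As an added example that is not part of the thread, this sketch builds the kind of A query `dig` sent to 224.0.0.251 port 5353 and decodes a reply constructed to match the dig output at the top of the thread. All function names are hypothetical and no network traffic is sent.

```python
import socket
import struct

def encode_name(name):
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, qid=0):
    # Header (id, flags=0, QDCOUNT=1), then QNAME, QTYPE=A (1), QCLASS=IN (1).
    return struct.pack("!6H", qid, 0, 1, 0, 0, 0) + encode_name(name) + struct.pack("!2H", 1, 1)

def read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while True:
        n = msg[off]
        if n == 0:
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        if n & 0xC0 == 0xC0:                      # compression pointer
            end = off + 2 if end is None else end
            off, hops = ((n & 0x3F) << 8) | msg[off + 1], hops + 1
            if hops > 16:                         # refuse pointer loops
                raise ValueError("compression pointer loop")
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n

def parse_a_answers(msg):
    """Return [(name, ttl, ipv4)] for the A records in the answer section."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):                           # skip each question
        _, off = read_name(msg, off)
        off += 4
    found = []
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            found.append((name, ttl, socket.inet_ntoa(msg[off:off + 4])))
        off += rdlen
    return found

# Constructed reply matching the dig output in the thread (47 bytes on the wire).
SAMPLE_REPLY = (struct.pack("!6H", 56085, 0x8400, 1, 1, 0, 0)
                + encode_name("joes-g4.local") + struct.pack("!2H", 1, 1)
                + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 10, 4)
                + socket.inet_aton("192.168.0.2"))
```

Multicast DNS replies carry no authentication, so the address decoded here is whatever a responder on the local link claims for that name.
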

