[systemd-devel] nss-myhostname: why don't loopback interfaces appear?

Lennart Poettering lennart at poettering.net
Wed Jun 10 16:43:20 PDT 2015


On Wed, 10.06.15 12:18, Daurnimator (quae at daurnimator.com) wrote:

> On 9 June 2015 at 20:36, Lennart Poettering <lennart at poettering.net> wrote:
> > On Wed, 03.06.15 16:31, Daurnimator (quae at daurnimator.com) wrote:
> >
> >> On 3 June 2015 at 16:01, Lennart Poettering <lennart at poettering.net> wrote:
> >> > On Wed, 03.06.15 15:40, Daurnimator (quae at daurnimator.com) wrote:
> >> >
> >> >> I was playing around with nss, and found that my loopback interface ip
> >> >> doesn't appear from nss-myhostname.
> >> >> Rather, my other ones do.
> >> >> Furthermore, unless I request IPv4, link-local IPv6 addresses are
> >> >> returned. Is this expected?
> >> >
> >> > We order the returned addresses by scope. Global addresses are
> >> > placed first, local ones last.
> >>
> >> Then why are link local IPv6 addresses returned first?
> >>
> >> If this was the case, I would expect to see:
> >>
> >> 192.168.2.229
> >> 192.168.2.21
> >> fe80::aed1:b8ff:fec0:d113
> >> fe80::9eeb:e8ff:fe1b:f42d
> >> 127.0.0.1
> >> ::1
> >
> > Currently the first ordering key is the address family (ipv4 before
> > ipv6), the second ordering key is the scope (global before
> > link-local).
> >
> > Are you suggesting we should turn this around, and sort by scope
> > first, and by address family then? I might be open to such a change.
> 
> Here I was just observing that in my mind, a scope local ipv6 address
> is less "global" than an ipv4 address;
> and hence doubting your statement that things are ordered "most
> global" to "least global"
> 
> >> > We return addresses on the loopback device only when there's no other
> >> > address known.
> >>
> >> What's the rationale for this? (i.e. why not always just include
> >> 127.0.0.1 and ::1 last?)
> >
> > Because they are an implementation detail I think. If something wants
> > to know the local IP address, then returning that information is
> > really useless...
> >
> > 127.0.0.x is really an address we should never present to the user
> > ever, unless there's no better way... I mean, I am pretty sure I could
> > explain a non-technical person off the street what an IP address is,
> > but I am pretty sure I'd have quite some trouble explaining what the
> > purpose of 127.0.0.1 is on top of that...
> 
> example use case, I'm testing a client/server protocol:
>   - the server is running locally; and because it shouldn't be exposed
> to the internet, it is bound to localhost.
>   - I start the client and tell it to connect to $HOSTNAME
>   - This should find its way to the loopback interface.

Why not use "localhost" to connect to here, instead of $HOSTNAME?

In general: nss-myhostname resolves without any /etc/hosts

   1. "localhost" to 127.0.0.1 and ::1

   2. your local hostname $HOSTNAME to the set of locally configured
      IP addresses, excluding the ones of the loopback device, except
      when those are the only addresses configured, in which case
      127.0.0.2 is returned.

   3. "gateway" to the addresses of the gateways of all the default
      routes currently in effect

If you want $HOSTNAME to always resolve to a loopback address, then
that's an indication that you probably actually want to use
"localhost". Vice versa, if you want "localhost" to map to your local
IP addresses then you probably want to use $HOSTNAME instead.

The behaviour described above is very much in line with how things
have been set up on popular distros for a while actually, except this
is now fully dynamic instead of requiring one-time editing of
/etc/hosts.

Lennart

-- 
Lennart Poettering, Red Hat
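
Added example (not part of the original message, and not systemd code): a small Python model of the $HOSTNAME rules and ordering keys stated in the message above, used to check whether a listener bound to a given address would be reached by a client that connects to $HOSTNAME. The interface names, the "lo" device test, the function names and the no-dual-stack simplification are assumptions made for the illustration.

```python
import ipaddress

# Fallback named in the message for the loopback-only case.
LOOPBACK_ONLY_FALLBACK = "127.0.0.2"

# Constructed sample: addresses from the thread, interface names invented.
SAMPLE = [
    ("lo", "127.0.0.1"),
    ("lo", "::1"),
    ("eth0", "fe80::aed1:b8ff:fec0:d113"),
    ("eth0", "192.168.2.229"),
    ("wlan0", "fe80::9eeb:e8ff:fe1b:f42d"),
    ("wlan0", "192.168.2.21"),
]

def model_myhostname(configured, loopback_dev="lo"):
    """Model what $HOSTNAME resolves to, per the rules in the message."""
    addrs = [ipaddress.ip_address(a) for dev, a in configured if dev != loopback_dev]
    if not addrs:
        return [LOOPBACK_ONLY_FALLBACK]
    # First key: address family (IPv4 before IPv6); second: scope (global before link-local).
    addrs.sort(key=lambda a: (a.version, a.is_link_local))
    return [str(a) for a in addrs]

def reached_by_hostname(bind_addr, resolved):
    """Resolved addresses on which a listener bound to bind_addr accepts connections.
    Assumption: a wildcard bind only covers its own address family (no dual-stack)."""
    bind = ipaddress.ip_address(bind_addr)
    hits = []
    for r in resolved:
        ra = ipaddress.ip_address(r)
        if ra.version == bind.version and (bind.is_unspecified or bind == ra):
            hits.append(r)
    return hits

if __name__ == "__main__":
    names = model_myhostname(SAMPLE)
    print("$HOSTNAME ->", names)
    for bind in ("127.0.0.1", "0.0.0.0"):
        print(f"listener on {bind} reachable via $HOSTNAME at:", reached_by_hostname(bind, names))
```

In this model a listener bound to 127.0.0.1 is never reached through $HOSTNAME, while a wildcard bind is exposed on every non-loopback address, which is the distinction the reply draws between "localhost" and $HOSTNAME.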

