<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">On 11/26/22 14:14, Feng Shao wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAJGJRzQC5Q2STnR3HBOOYRFYgazU9wYM7sBOcsm6jfQO7OWkCg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div>
<div dir="auto">Thanks for the reply Petr.</div>
<div dir="auto">Let me explain more about the motivation: I am a
developer and our testers test the code on various
environments, including VMs on cloud and k8s worker nodes from
cloud providers. These machines and IPs are not
provisioned/allocated by dnsmasq. For cost reason, these
environments only lives for a short period of time, like one
week or so, and testers provision these IPs directly without
awareness of network administrators, that’s also why we don’t
configure hostname for these machines in DNS system. Also I
can not know in advance the list of possible IPs.</div>
</div>
</blockquote>
I think the best place to find a solution would be on provisioning
those VM. Understood, they are just temporary machines. But
especially for those hostname assigned by DHCP server would make
more sense to me. I work on DNS and dislike having to type full IPs.
Dnsmasq is used in some cloud technologies also. Depends on the
interface available for testers to start a new VM. I would expect
readiness to auto-register a name instance to DNS on most common
cloud interfaces.<br>
<blockquote type="cite"
cite="mid:CAJGJRzQC5Q2STnR3HBOOYRFYgazU9wYM7sBOcsm6jfQO7OWkCg@mail.gmail.com">
<div>
<div dir="auto"><br>
</div>
<div dir="auto">Whenever tester find some issue or need help,
they give me the IP of the environments and I need to ssh to
that environment. Because I will probably login to that same
machine several times since the testers are testing my code on
that machine recently, I want to setup passwordless login. So
I normally ssh-copy-id -i <~/.ssh/<a
href="http://id_rsa.work" target="_blank"
moz-do-not-send="true">id_rsa.work</a>> <IP>first,
then ssh to that machine. In order to instruct ssh to use my
ssh key when connecting to that IP, I have below lines in my
.ssh/config:</div>
</div>
<div>
<div dir="auto"><span
style="word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)"><br>
</span></div>
<div dir="auto"><span
style="word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)">Host
*.mylab</span></div>
<div dir="auto"><span
style="word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)">
User root</span></div>
<div dir="auto"><span
style="word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)">
IdentityFile ~/.ssh/</span><a href="http://id_rsa.work/"
style="font-size:1rem;word-spacing:1px;border-color:rgb(66,133,244)"
target="_blank" moz-do-not-send="true">id_rsa.wor</a>k</div>
</div>
</blockquote>
<p>Did you know you can use also multiple patterns in ssh_config?
Like:</p>
<p>Host *.mylab 123.123.123.*<br>
User root<br>
IdentityFile ~/.ssh/<a href="http://id_rsa.work/"
style="font-size:1rem;word-spacing:1px;border-color:rgb(66,133,244)"
target="_blank">id_rsa.wor</a>k</p>
<p>My point is, I would understand if you had entries like:</p>
<p>address=/lab-123.mylab/123.123.123.123<br>
address=/lab-124.mylab/123.123.123.124</p>
<p>dynamic-host should help with such setup as DHCP server, but
won't work in your case.<br>
</p>
<p>But if you have full IP in the hostname, then what is the reason
for a hostname anyway? It is not easier to remember or type. It is
longer than just IP. And if you wanted to use IPv6, then similar
solution would become too inefficient.</p>
<p>Take a look into --synth-domain option. It does format IPs a
different way, but may provide very similar feature you are
looking for. Should work for both IPv4 and IPv6.<br>
</p>
<p></p>
<blockquote type="cite"
cite="mid:CAJGJRzQC5Q2STnR3HBOOYRFYgazU9wYM7sBOcsm6jfQO7OWkCg@mail.gmail.com">
<div>
<div dir="auto"><br>
</div>
</div>
<div>
<div dir="auto">And lines like below in /etc/hosts:</div>
<div dir="auto"><span
style="word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)">address=/<a
href="http://123.123.123.123"
style="border-color:rgb(66,133,244)" target="_blank"
moz-do-not-send="true">123.123.123.123</a>.</span><span
style="word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)">mylab/</span><a
href="http://123.123.123.123/"
style="font-size:1rem;word-spacing:1px;border-color:rgb(66,133,244)"
target="_blank" moz-do-not-send="true">123.123.123.123</a></div>
<div dir="auto"><span
style="word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)">address=/<a
href="http://123.123.123.123"
style="border-color:rgb(66,133,244)" target="_blank"
moz-do-not-send="true">123.123.123.12</a>4.</span><span
style="word-spacing:1px;border-color:rgb(49,49,49);color:rgb(49,49,49)">mylab/</span><a
href="http://123.123.123.123/"
style="font-size:1rem;word-spacing:1px;border-color:rgb(66,133,244)"
target="_blank" moz-do-not-send="true">123.123.123.12</a>4<br>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">So that I can now “ssh 123.123.123.123.mylab” </div>
<div dir="auto"><br>
</div>
<div dir="auto">As you can see, the problem here is, whenever a
new IP comes, I need to add a new entry in /etc/hosts. So what
I want is any <IP>.mylab is resolved to <IP>.</div>
<div dir="auto"><br>
</div>
<div dir="auto">A key pair can be specified when creating VM on
cloud, but I can not ask every tester add my ssh key pair when
creating VM.</div>
<div dir="auto"><br>
</div>
<div dir="auto"><br>
</div>
<div>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Petr Menšík <<a
href="mailto:pemensik@redhat.com" target="_blank"
moz-do-not-send="true" class="moz-txt-link-freetext">pemensik@redhat.com</a>>于2022年11月25日
周五19:52写道:<br>
</div>
</div>
</div>
</div>
<div>
<div>
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)">
<div>
<p>Did you know that dnsmasq registers all hosts by
their name, if they send their own hostname when
requesting DHCP from dnsmasq? Just use domain=mylab
and have that host send hostname. It would make using
names possible without any additional configuration.<br>
</p>
<p>I do not get what is the advantage of having IP
suffixed by some domain. It looks like IP address, but
it is even longer. Names of machines should be easy to
remember or use, I doubt that would be the case here.</p>
<p>I think we have new feature conf-script, which can
generate dnsmasq configuration on the output. But I
doubt we have a possible code for what you describe.
Could you please describe more about intended usage?
Why isn't using just hostname for each host enough?
Using dhcp-host seems enough for similar uses.<br>
</p>
<p>I think DLZ plugins for BIND9 are able to do similar
things to your request, but that would be very
heavy-weight solution. I think more motivation for
your current design should be shared, because I do not
understand advantage of your solution.</p>
<p>Cheers,<br>
Petr<br>
</p>
</div>
<div>
<div>On 11/23/22 06:47, Feng Shao wrote:<br>
</div>
</div>
<div>
<blockquote type="cite"> <span
style="word-spacing:1px;color:rgb(49,49,49)">There
are a bunch of machines in our lab, and we normally
don't have DNS records configured for them, only
accessing by IP. In order to ssh to them with key
auth, I have a config in my .ssh/config like </span><br
style="color:rgb(49,49,49);word-spacing:1px">
<br style="color:rgb(49,49,49);word-spacing:1px">
<span style="word-spacing:1px;color:rgb(49,49,49)">Host
*.mylab</span><br
style="color:rgb(49,49,49);word-spacing:1px">
<span style="word-spacing:1px;color:rgb(49,49,49)">
User root</span><br
style="color:rgb(49,49,49);word-spacing:1px">
<span style="word-spacing:1px;color:rgb(49,49,49)">
IdentityFile ~/.ssh/</span><a
href="http://id_rsa.work/"
style="font-size:1rem;word-spacing:1px"
target="_blank" moz-do-not-send="true">id_rsa.work</a><br
style="color:rgb(49,49,49);word-spacing:1px">
<br style="color:rgb(49,49,49);word-spacing:1px">
<span style="word-spacing:1px;color:rgb(49,49,49)">and
I have some "address=/<a
href="http://123.123.123.123" target="_blank"
moz-do-not-send="true">123.123.123.123</a>.</span><span
style="word-spacing:1px;color:rgb(49,49,49)">mylab/</span><a
href="http://123.123.123.123/"
style="font-size:1rem;word-spacing:1px"
target="_blank" moz-do-not-send="true">123.123.123.123</a><span
style="word-spacing:1px;color:rgb(49,49,49)">" line
in dnsmasq.conf. The problem here is I need to add
an entry whenever a new IP comes.</span><br
style="color:rgb(49,49,49);word-spacing:1px">
<br style="color:rgb(49,49,49);word-spacing:1px">
<span style="word-spacing:1px;color:rgb(49,49,49)">Can
this configuration be dynamically? For example,
"address=/*.mylab/somecmd %1", where "somecmd" is a
external command and %1 will be replaced by the name
in A/AAAA request. So that for any DNS request to
*.mylab, dnsmasq invoke this external command and
pass the name as argument, the output of external
command, which will be interpreted as IPv4/IPv6 addr
then responsed to client?</span> <br>
</blockquote>
</div>
</blockquote>
</div>
</div>
</div>
</blockquote>
<pre class="moz-signature" cols="72">--
Petr Menšík
Software Engineer, RHEL
Red Hat, <a class="moz-txt-link-freetext" href="https://www.redhat.com/">https://www.redhat.com/</a>
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB</pre>
</body>
</html>