Changing nameservers on the fly

[betweendayandnight]

Firstly, I am using a snapshot of OpenBSD, a.k.a. OpenBSD 5.10.

Secondly, I wish to know if it is at all possible to change nameservers on the fly when I am already connected to the internet.

If it is possible, should I change the nameservers in dhclient.conf, resolv.conf or resolv.conf.tail? Obviously the procedure should not require a reboot.

Has some kind soul already written a script to automate the process?

(I was unable to find the answers in the man pages. Hence this post.)

[e1-531g]

OpenBSD-current, in the future is going to become OpenBSD 6.0.
DNS servers configuration is in resolv.conf, but it can be overwritten by dhclient(8), so you must prevent that by for example dhclient.conf.
I don't know in depth how libraries and programs handle resolv.conf internally, though. I don't know if they, in this regard, are fully stateless. Maybe they will for some seconds or minutes still using old nameservers.
You can also use Unbound resolver found in base. You can change configuration file and reload configuration using rcctl(8). This still doesn't guarantee immediate results in all programs, because programs can cache some entries internally, but it will not require them to spot changes in resolv.conf.

[jggimi]

What the heck is -current?

At the moment, -current is called "5.9-current" but it is already about 2 months of development beyond 5.9-release. It will be renamed "6.0-current" at some point during this development cycle, and then as the time comes to wrap up development and ensure adequate testing, it will be temporarily named "6.0-beta". It may then return to "6.0-current" before temporarily being named "6.0" for a brief period as the -release is prepared, then will become "6.0-current" before being renamed 6.1-current during the next development cycle. Lather, rinse, repeat. FAQ 5.1 may help.

I want to change nameservers on-the-fly. How does that work?

You alter nameservers by altering the nameserver records in resolv.conf(5). How you decide to do that is up to you, but you should first understand how resolution works on OpenBSD. In particular, if you are using DHCP for network configuration, the resolv.conf(5) file is automatically configured, and any revisions you make to the file will be overlaid the next time a lease is renewed or the DHCP client is restarted. The most common way to use DHCP and to apply one's own choice of nameservers is to use a supersede domain-name-servers directive in dhclient.conf(5).

The DHCP client used on OpenBSD, the dhclient(8) program, re-writes the resolver(3) configuration file resolv.conf(5) each time it is started, and at every DHCP lease renewal, which takes place after 50% of a lease lifetime has been expended. The lease lifetime is set by the DHCP server.

The resolv.conf.tail(5) file will be appended to resolv.conf(5) every time the file is rewritten by dhclient(8).

The dhclient(8) program will make assignments to provision a network based on directives from the DHCP server, pursuant to the rules you provision in the dhclient.conf(5) file. This configuration file can set interpretation rules, such as ignore or the previously mentioned supersede.

---

The resolver(3) man page lays out the general description of resolution procedures, and points to all of the library routines that are used, such as gethostbyname(3). I recommend reviewing these man pages if you are interested in the details of the resolution process..

[betweendayandnight]

Quote:

Originally Posted by jggimi

What the heck is -current?

Thanks for the detailed explanation.

But as the famous Bard once wrote, a rose by any other name will still smell as sweet, don't you agree?

Quote:

Originally Posted by jggimi

You alter nameservers by altering the nameserver records in resolv.conf(5).

Thanks for your answer.

Quote:

Originally Posted by jggimi

In particular, if you are using DHCP for network configuration, the resolv.conf(5) file is automatically configured, and any revisions you make to the file will be overlaid the next time a lease is renewed or the DHCP client is restarted. The most common way to use DHCP and to apply one's own choice of nameservers is to use a supersede domain-name-servers directive in dhclient.conf(5).

I have already done that. I used the supersede domain-name-servers directive in dhclient.conf(5) to change the nameservers provided by my ISP to the ones that I prefer.

Quote:

Originally Posted by jggimi

The dhclient(8) program will make assignments to provision a network based on directives from the DHCP server, pursuant to the rules you provision in the dhclient.conf(5) file. This configuration file can set interpretation rules, such as ignore or the previously mentioned supersede.

I apologize for not having been clear on what I wanted to do.

I wish to change nameservers for a session only, that is, only for the duration while I am surfing the internet.

Can I do something like the following?

1. My dhclient.conf has the following line: supersede domain-name-servers 8.8.8.8

2. As soon as my machine is connected to the internet, I edit dhclient.conf by doing the following:

#supersede domain-name-servers 8.8.8.8;
supersede domain-name-servers 50.116.40.226;

I save dhclient.conf and don't reboot my machine.

Next when I type the name of a website into my browser's search field, will DNS resolution be performed by
50.116.40.226 or 8.8.8.8 ?

Quote:

Originally Posted by jggimi

The resolver(3) man page lays out the general description of resolution procedures, and points to all of the library routines that are used, such as gethostbyname(3). I recommend reviewing these man pages if you are interested in the details of the resolution process..

I did read it before I posted my question on this forum.

[e1-531g]

Quote:

Originally Posted by betweendayandnight

2. As soon as my machine is connected to the internet, I edit dhclient.conf by doing the following:

#supersede domain-name-servers 8.8.8.8;
supersede domain-name-servers 50.116.40.226;

I save dhclient.conf and don't reboot my machine.

You machine is still going to have old nameserver in resolv.conf. You need to manually run dhclient(8) after that to alter resolv.conf.

[betweendayandnight]

Quote:

Originally Posted by e1-531g

You machine is still going to have old nameserver in resolv.conf. You need to manually run dhclient(8) after that to alter resolv.conf.

How do I manually run dhclient(8)?

According to the man page (URL: http://man.openbsd.org/OpenBSD-current/man8/dhclient.8), I can issue signal HUP.

Do I issue a command like the following?

sudo HUP dhclient

[e1-531g]

I just type into terminal dhclient and it works, but maybe there is better method.
I think signal sending is done through kill(1) command

[jggimi]

You can re-run dhclient(8), but per its man page a HUP signall is preferred. pkill(1) may be more convenient to a scripted solution than kill(1), since dhclient(8) does not store a PID in /var/run to find with a script.

[betweendayandnight]

Quote:

Originally Posted by jggimi

You can re-run dhclient(8), but per its man page a HUP signall is preferred. pkill(1) may be more convenient to a scripted solution than kill(1), since dhclient(8) does not store a PID in /var/run to find with a script.

According to the man page for pkill(1) (URL: http://man.openbsd.org/OpenBSD-current/man1/pgrep.1), I should issue the pkill(1) command like thus:

sudo pkill -HUP dhclient

Is the above command syntactically correct?

Once I have killed dhclient(8), how do I restart it? Or, does it restart automatically by itself?

[jggimi]

pkill and kill don't kill, per se. They send signals. Which by default is SIGTERM, "terminate."

In this case, you are sending a SIGHUP, "hang up." With that signal, dhclient will not terminate. It will reload its configuration file, and renew leases.

[ocicat]

Quote:

Originally Posted by betweendayandnight

Do I issue a command like the following?

sudo HUP dhclient

Not if you are using the base installation of OpenBSD 5.9.

sudo has been moved from the base installation to ports as security/sudo.

The replacement in OpenBSD's base installation is called doas(1). The doas.conf(5) manpage will describe the differing grammar.

[e1-531g]

Code:

doas pkill -1 -o dhclient

and

Code:

doas pkill -HUP -o dhclient

and

Code:

doas pkill -SIGHUP -o dhclient

Seems to work.