1 |
On 3/10/21 6:27 AM, Mark Knecht wrote: |
2 |
> Caveat - not an expert, just my meager understanding: |
3 |
> |
4 |
> 1) The name 'localhost' is historically for developers who want to |
5 |
> access their own machine _without_ using DNS. |
6 |
|
7 |
Eh.... |
8 |
|
9 |
Using the /name/ "localhost" still uses name resolution. It could use |
10 |
DNS or it may not. It /typically/ means the /etc/hosts file. But it |
11 |
could mean DNS or NIS(+) or LDAP or something more esoteric. |
12 |
|
13 |
IMHO what's special about the "localhost" name in particular is that |
14 |
it's an agnostic / anycast method to say the local host that a given |
15 |
program is running on without regard to what the actual host name is. |
16 |
|
17 |
> 2) By general practice sometime in the deep, dark times 127.0.0.1 was |
18 |
> accepted for this purpose. There's nothing special about the address. |
19 |
|
20 |
Deep, dark times? It's still used every single day across multiple |
21 |
platforms, Linux, Unix, Windows, z/OS, i/OS, you name it. |
22 |
|
23 |
> 3) I read the original quoted comment in the Kerberos Guide as a warning |
24 |
> - 'to make matters worse, __SOME__" |
25 |
|
26 |
What did the warning mean to you? Because I took it as "be careful, |
27 |
your $OS /may/ do this incorrectly". Where "this" is putting the FQDN |
28 |
on the same line as 127.0.0.1 and / or ::1. |
29 |
|
30 |
> 4) In my /etc/hosts I do _NOT_ map my machine's name to the same address |
31 |
> as localhost, avoiding the Kerberos warning: |
32 |
|
33 |
ACK |
34 |
|
35 |
I'm grateful for corroboration, but unfortunately that doesn't speak to |
36 |
why the Gentoo handbook suggests what it does. |
37 |
|
38 |
|
39 |
|
40 |
-- |
41 |
Grant. . . . |
42 |
unix || die |