> Question: does networkmanager's GUI expose the option to divert particular domains to a special nameserver? That's an
> alternative correct way to achieve layering local names over the global DNS.
IMHO, this cannot be use to solve all the current problems. The issue came out because many, many network access authorization portals are intranet hosts which can be resolved only by the intranet nameserver. There are tons of these around the world and everybody who goes around with a laptop encounters them all the time. When you get to an authorization portal, you may not know what the domain is. You only know what dhcp tells you.
So, either you implement some smart heuristics (e.g., if the first nameserver is on an intranet ip address, try that sequentially), or you stop trusting an authoritative "I do not know that host" and require a confirmation, or you use the sequential access that is typical of the resolv library and of MS windows, because in the context of authorization portals, non-equivalent servers exist and we have little power to change this as long as they work with MS windows and the MAC, so IMHO we need to workaround.
It is unfortunate, but having a "sane" or "insane" behavior in some linux distro will anyway have negligible effect on the spread of non-equivalent servers. It will not discourage or encourage the use of non-equivalent servers, as most people will anyway take what OSes that have majority market share as the de facto standard and only test against that.
To simon, in #14.
> Question: does networkmanager's GUI expose the option to divert particular domains to a special nameserver? That's an
> alternative correct way to achieve layering local names over the global DNS.
IMHO, this cannot be use to solve all the current problems. The issue came out because many, many network access authorization portals are intranet hosts which can be resolved only by the intranet nameserver. There are tons of these around the world and everybody who goes around with a laptop encounters them all the time. When you get to an authorization portal, you may not know what the domain is. You only know what dhcp tells you.
So, either you implement some smart heuristics (e.g., if the first nameserver is on an intranet ip address, try that sequentially), or you stop trusting an authoritative "I do not know that host" and require a confirmation, or you use the sequential access that is typical of the resolv library and of MS windows, because in the context of authorization portals, non-equivalent servers exist and we have little power to change this as long as they work with MS windows and the MAC, so IMHO we need to workaround.
It is unfortunate, but having a "sane" or "insane" behavior in some linux distro will anyway have negligible effect on the spread of non-equivalent servers. It will not discourage or encourage the use of non-equivalent servers, as most people will anyway take what OSes that have majority market share as the de facto standard and only test against that.