Re: This is bad, was Re: Fedora 33 System-Wide Change proposal: systemd-resolved

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Monday, September 28, 2020 12:42:32 PM MST Lennart Poettering wrote:
> On Mo, 28.09.20 12:14, Paul Wouters (paul@xxxxxxxxx) wrote:
> 
> 
> > On Mon, 28 Sep 2020, Michael Catanzaro wrote:
> >
> >
> >
> > > I don't think it would be smart for employees to voluntarily opt-in to
> > > sending all DNS to their employer anyway... there's little benefit to
> > > the employee, and a lot of downside.
> >
> >
> >
> > Again, it is not up to systemd to limit valid use cases.
> >
> >
> >
> > Perhaps Listen or read to Paul Vixie, father of many Bind software
> > releases:
>
> >
> >
> > https://www.youtube.com/watch?v=ZxTdEEuyxHU
> >
> >
> >
> > https://www.theregister.com/2018/10/23/paul_vixie_slaps_doh_as_dns_privacy
> > _feature_becomes_a_standard/
>
> >
> >
> > There are use cases for and against routing all DNS over your VPN. If
> > systemd wants to play system resolver, it needs to be able to be
> > configured for either use case. You don't get to limit our use
> > cases.
> 
> 
> Configure "." as "routing domain" on a specific iface and the lookups
> wil go there preferably. If you put that on your VPN iface this means
> DNS traffic goes there preferably. If you put that ont he main iface this
> means DNS traffic goes there preferably.
> 
> Ideally you'd use more fine grained routing domains however.
> 
> Lennart

Lennart,

Is that a NetworkManager setting or a systemd-resolved setting? Is that going 
to be exposed in the GUI, or is it something that gets hidden away?

How does systemd-resolved figure out what domains "should" be sent to a given 
connection's DNS server without some arcane incantation from the systemd docs?

-- 
John M. Harris, Jr.

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux