On Tuesday, September 29, 2020 5:13:48 AM MST Zbigniew Jędrzejewski-Szmek wrote: > On Mon, Sep 28, 2020 at 11:41:12PM -0700, John M. Harris Jr wrote: > > > On Monday, September 28, 2020 9:39:17 AM MST Michael Catanzaro wrote: > > > > > You can do this, but again, you need to use the command line. E.g. > > > 'resolvectl dns tun0 8.8.8.8' > > > > > > We're actually no longer debating how systemd-resolved works; rather, > > > we're now debating how NetworkManager chooses to configure > > > systemd-resolved. systemd-resolved just does what it's told to do. It's > > > > > > actually NetworkManager that decides to split DNS according to routing > > > by default as a matter of policy. It could do otherwise if it wanted > > > to, but I think this is a good default. Nothing stops you from changing > > > > > > it though. :) > > > > > > Michael, > > By what mechanism does NetworkManager "split DNS according to routing"? If > > it hasn't already made a request from both your cleartext and your VPN > > connection's DNS servers, it has no way of knowing what network should be > > used to get the right results. Routing and DNS are unrelated. > > > NetworkManager pushes DNS server configuration (and associated bits like > domain search and routing domains) over dbus to resolved. That way it > "[tells resolved how to] split DNS according to routing". Of course, after > the name has been resolved to an IP address, the packets to that IP address > are routed too. So there is "routing" in the sense of deciding which > interface is appropriate for a given DNS name and "routing" in the sense of > deciding which interface is appropriate for a given IP address. It seems that the terminology is fairly confusing, considering it's right alongside actual routing configuration.. Okay, so "routing" means something wildly different than you'd think with systemd-resolved, got it. In most cases, in order to get to a DNS server inside a VPN, your packets have to have a route which can reach the IP of that server for that interface, which is configured using NetworkManager (or a VPN config file, imported into NM). Anyone that understands basic networking will likely be confused by this terminology. That aside, where in NetworkManager do these "routing domains" get specified? -- John M. Harris, Jr. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
