On 11/6/22 18:24, Petr Menšík wrote:
Oh, understood. Then it is specific problem to Fedora, because I think
other distributions do not use systemd's implementation of resolvconf
binary.
Hello,
thanks for your answer
I think original Debian resolvconf package does not use -a interface
parameter for anything serious.
Yes, my previous system, an Ubuntu LTS did use another implementation
(and a specific separate package) for resolvconf
It just uses the same interface
identifier to pair -a and -d for the same connection.
Which interface name then ? I don't remember how it worked...anyway
that's out of scope here.
It would be worth filling.
https://urldefense.com/v3/__https://support.f5.com/csp/bug-tracker__;!!JFdNOqOXpB6UZW0!p1wHR1oGE8f-pXcg672tlVjCfI6KPyve0K0fvs6xge9oKxr0CicDlyIge8d3gMbjxRvLQFyakawAYJPOVSNlWzk$
Yes, I'll do it.
it restores it when stopped by copying back /etc/resolv.conf.fp-saved
That is exactly what it should do for a VPN, unless it knows a more
proper way to configure system DNS.
That what resolvconf is for, isn't it ?
Or it may just fill ipv4.dns NM properties maybe.
1) how could, when all resolv.conf-as-a-file-by-NM conf has been
removed (by me) and symlink to stub has been restored (by me)
systemd-resolved, with *no trace* of the vpn nameservers in its own
/run/systemd/resolv/resolv.conf nor seemingly nowhere else, can be
still aware of the vpn nameservers (as described in my initial post
scenario) ?
-> is there a persistent systemd-resolved cache on disk somewhere?
I don't think any persistent cache were ever on disk or that it would be
a good idea. Most dns caches are able to dump contents of cache
somewhere on request, but I haven't found a way to do that with resolvectl.
So how, after "reverting" to my initial state, thinking I have removed
all vpn nameserver references (and rebooted), systemd-resolved is able
to remember them is still to be answered...
-> Is there any other place where the specific ns <-> interface is
persited or stored or is this global updating all there is ?
resolvconf might have some hacks to configure rules just for some
subdomains. openresolv can do something similar. But usually resolvconf
changes just global set of servers if the interface configured has
higher priority than previous. Returns them back when such interface is
stopped. resolvectl layer ignores -m parameter, but it pairs dns
configuration with real interface.
Oh, you mean specific int <-> nameserver is handled in the global
/run/systemd/resolve/resolv.conf which is just swapped and restored ?
AFAIK none such information is
persistent and is lost when systemd-resolved is restarted. But Network
Manager's plugins configures it from NM interfaces again.
Well, again in a default NM (i.e. no dns, nor rc.manager directive,
which on my system means use resolved) NM cannot know about vpn
nameservers as they're not provided on the provile (yes it is green but
lists no ipv4.dns property)
$ nmcli -f GENERAL.NM-MANAGED device show tun0
GENERAL.NM-MANAGED: yes
$ nmcli -f ipv4.dns connection show tun0
ipv4.dns:
Thanks for your help
--
Thomas HUMMEL
