default DNS caching name server on Fedora ?
Neal Becker
ndbecker2 at gmail.com
Fri Jul 6 11:06:25 UTC 2012
Dan Williams wrote:
> On Wed, 2012-06-20 at 16:24 -0400, Paul Wouters wrote:
>> On Wed, 20 Jun 2012, Simo Sorce wrote:
>>
>> > There are at least 2 situations where it is needed, and they are common
>> > or will be common enough.
>> >
>> > The 2 use cases for which a properly configurable and dynamically
>> > changeable caching DNA name server would be really useful are:
>> > - DNSSEC verification
>> > - Clients using VPNs into private networks.
>>
>> This already works out of the box using unbound, dnssec-trigger and
>> openswan. I use it every day to connect to the red hat vpn, even
>> if I'm at a hotspot place.
>
> NM has also done this for a couple years when you use the dnsmasq DNS
> plugin for NM. It'll also set up the reverse address mappings so that
> reverse lookups work, which I found necessary for some stuff (krb5 I
> think?). It's not hard to create a new plugin, one could be created for
> dnssec-trigger and even for unbound by itself.
>
> NM will ask plugins to handle DNS from any source it receives the
> information from, be that static configuration, DHCP, VPNs, PPP, mobile
> broadband, etc. If no plugin is registered, or if those plugins fail to
> handle it, NM falls back to writing /etc/resolv.conf, where, of course,
> you don't get nice split DNS because glibc is simple.
>
> Dan
>
Where dould I find this dnsmasq DNS plugin for NM?
More information about the devel
mailing list