On Mo, 28.09.20 11:06, Andrew Lutomirski (luto@mit.edu) wrote:
Indeed, the problem you're trying to solve is hard.
systemd-resolved is not supposed to be a real DNS *server*. It's supposed to be a good, combined client for the popular name resolution protocols, and the fact that we also listen on a port 53 is mostly to provide compat with local app code that doesn't go through glibc NSS for its name resolution needs. If you expect a full blown DNS server on port 53 then it's not what systemd-resolved is or strives to be.
Then perhaps you should have a libsystemdresolvedclient and start convincing programs that want this behavior to use it.
Oh, we did. It's called "glibc NSS". It's pretty popular, but not popular enough as a name resolution API apparently... I doubt we could ever be more successful than glibc with any C library I guess.
I figure we come from different generations though: C libraries are not how you're gonna convince Java or Rust or Go people. In particular as this is an IPC question anyway, not a language binding question.
We offer our APIs via four ways these days:
1. Via D-Bus
2. Via Varlink
3. Via NSS (through the nss-resolve module, which is ultimately just a wrapper around the D-Bus/Varlink thing)
4. Via local DNS stub on 127.0.0.53
As it turns out the latter kinda works everywhere, it's hard to make a case for everyone to not use it if it works for this stuff. It uses DNS as local IPC. Which is pretty universal, and just works for almost everyone.
Lennart
-- Lennart Poettering, Berlin