Local DNSSEC resolver and Docker (containers)

P J P pjp at fedoraproject.org
Thu Jan 15 13:57:59 UTC 2015

   Hello all,

Please see:
  -> https://fedoraproject.org/wiki/Changes/Default_Local_DNS_Resolver
  -> https://pjps.wordpress.com/2014/05/02/local-dns-resolver-in-fedora/

This is an upcoming F22 feature; it proposes to install a local DNSSEC
validating DNS resolver running at on Fedora systems. This
feature is already available in F21. One can easily run the local DNSSEC
enabled resolver by

    $ sudo yum install dnssec-trigger

    $ sudo systemctl enable dnssec-triggerd.service
    $ # disable and stop any existing DNS service, e.g., dnsmasq
    $ sudo systemctl start dnssec-triggerd.service

Though it works for most of the use cases, Docker (or container) applications
seem to face problems in accessing the host's DNS resolver at

I'm no expert on Docker (or container) applications. I was wondering if someone
could help in testing Docker (or container) applications with the local DNSSEC
validating resolver on F21.

Any results from this exercise would be immensely helpful in fixing bugs and
sorting out edge cases, thus making the solution robust and ready for F22 release.

I'm willing to help in any way I can. As always, your comments and suggestions
are most welcome!

Thank you.

