default local DNS caching name server
Paul Wouters
paul at nohats.ca
Sat Apr 12 15:07:00 UTC 2014
On Sat, 12 Apr 2014, Chuck Anderson wrote:
> I don't disagree that there is lots of broken DNS out there. But
> realistically, we still need to default to using the DHCP-provided DNS
> servers as forwarders because there are unfortunately lots of
> circumstances where this is required to resolve corporate DNS names or
> to allow captive portals to work. If the local caching resolver is
> intelligent enough, it can handle the common use cases (corporate DNS
> resolution, VPN into corporate, captive portals) and work around the
> common failure modes (automatic cache flushing, switching to iterative
> mode to bypass upstream nameservers when necessary, using both the
> upstream nameservers AND iterative queries and combining the results)
> for us.
>
> What we cannot do is have the default be to bypass the upstream DNS
> resolvers without some way to handle the above cases.
correct, which is why Anaconda should configure the DNS server that
comes in via kickstart or administrator as a forwarder into unbound.
It is one of the modifications required for this feature.
Paul
More information about the devel
mailing list