Latest systemd news
Robert Moskowitz
rgm at htt-consult.com
Tue Nov 18 02:26:27 UTC 2014
On 11/17/2014 06:54 PM, Rahul Sundaram wrote:
>
> Hi
>
> On Mon, Nov 17, 2014 at 5:09 PM, Chris Adamswrote:
>
>
> Why did the systemd
> project add this to the scope of the project for "a system and service
> manager for Linux"?
>
>
> This was something that could have been easily asked to systemd
> developers rather than the long rant that was posted. In any case,
>
> https://lwn.net/Articles/621201/
>
> Also CoreOS sponsored development of a lot of network stack. You can
> refer to their guides on how they are using it.
"already from the basic design resolved is very different from unbound.
resolved keeps a seperate "scope" for the DNS servers on each interface.
A "scope" is a resolver state machine plus a cache. That way, we can
neatly separate VPN DNS servers from internet DNS servers, and merge
them transparently. That means that with resolved in the mix for the
first time you don't lose access to your LAN's DNS names, fully
automatically, without any manual hacks. Also, as interfaces come and go
their caches do too with this scheme, hence all the cache flushing
complexity of dnssec-trigger doesn't exist at all. Then, because we
actually implement LLMNR and DNS int he same stack (as well as mDNS very
soon), we can transparently merge those protocols too."
For those of us that deal with VPNs, we know how hard split horizon is,
and actually how important it is for good performance. It is almost a
shame it took until now for someone to address DNS by Interface.
Actually it coincides with work in IETF on such matters.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20141117/cd2fc8ed/attachment.html>
More information about the users
mailing list