Latest systemd news

Robert Moskowitz rgm at
Tue Nov 18 02:26:27 UTC 2014

On 11/17/2014 06:54 PM, Rahul Sundaram wrote:
> Hi
> On Mon, Nov 17, 2014 at 5:09 PM, Chris Adamswrote:
>       Why did the systemd
>     project add this to the scope of the project for "a system and service
>     manager for Linux"? 
> This was something that could have been easily asked to systemd 
> developers rather than the long rant that was posted.  In any case,
> Also CoreOS sponsored development of a lot of network stack.  You can 
> refer to their guides on how they are using it.

"already from the basic design resolved is very different from unbound. 
resolved keeps a seperate "scope" for the DNS servers on each interface. 
A "scope" is a resolver state machine plus a cache. That way, we can 
neatly separate VPN DNS servers from internet DNS servers, and merge 
them transparently. That means that with resolved in the mix for the 
first time you don't lose access to your LAN's DNS names, fully 
automatically, without any manual hacks. Also, as interfaces come and go 
their caches do too with this scheme, hence all the cache flushing 
complexity of dnssec-trigger doesn't exist at all. Then, because we 
actually implement LLMNR and DNS int he same stack (as well as mDNS very 
soon), we can transparently merge those protocols too."

For those of us that deal with VPNs, we know how hard split horizon is, 
and actually how important it is for good performance.  It is almost a 
shame it took until now for someone to address DNS by Interface.  
Actually it coincides with work in IETF on such matters.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list