[systemd-devel] systemd-resolved: Using different dns server for a certain suffix

Daurnimator quae at daurnimator.com
Wed Feb 8 06:28:28 UTC 2017


I'm trying to add Tor support to a system that uses systemd for
network configuration.
I have configured Tor to listen for local DNS queries on 127.0.0.2.
Now I'd like systemd-resolved to send queries that end in ".onion"
to that DNS server.
See what I've tried:

02-08 05:59:39 daurnimator at daurn-vultr /etc/systemd/network $ cat tor.network
[Match]
Name=lo

[Network]
DNS=127.0.0.2
Domains=~onion
02-08 06:00:23 daurnimator at daurn-vultr /etc/systemd/network $ dig @127.0.0.2 frxleqtzgvwkv7oz.onion

; <<>> DiG 9.11.0-P2 <<>> @127.0.0.2 frxleqtzgvwkv7oz.onion
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 899
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;frxleqtzgvwkv7oz.onion. IN A

;; ANSWER SECTION:
frxleqtzgvwkv7oz.onion. 60 IN A 127.192.40.24

;; Query time: 0 msec
;; SERVER: 127.0.0.2#53(127.0.0.2)
;; WHEN: Wed Feb 08 06:00:28 UTC 2017
;; MSG SIZE  rcvd: 56

02-08 06:00:28 daurnimator at daurn-vultr /etc/systemd/network $ dig @127.0.0.53 frxleqtzgvwkv7oz.onion

; <<>> DiG 9.11.0-P2 <<>> @127.0.0.53 frxleqtzgvwkv7oz.onion
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25762
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;frxleqtzgvwkv7oz.onion. IN A

;; Query time: 14 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Feb 08 06:00:31 UTC 2017
;; MSG SIZE  rcvd: 51

02-08 06:00:31 daurnimator at daurn-vultr /etc/systemd/network $ sudo systemctl status systemd-resolved
● systemd-resolved.service - Network Name Resolution
   Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2017-02-08 05:52:04 UTC; 9min ago
     Docs: man:systemd-resolved.service(8)
           http://www.freedesktop.org/wiki/Software/systemd/resolved
           http://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
           http://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
 Main PID: 29816 (systemd-resolve)
   Status: "Processing requests..."
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/systemd-resolved.service
           └─29816 /usr/lib/systemd/systemd-resolved

Feb 08 05:52:03 daurn-vultr systemd[1]: Starting Network Name Resolution...
Feb 08 05:52:04 daurn-vultr systemd-resolved[29816]: Positive Trust Anchors:
Feb 08 05:52:04 daurn-vultr systemd-resolved[29816]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
Feb 08 05:52:04 daurn-vultr systemd-resolved[29816]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21
Feb 08 05:52:04 daurn-vultr systemd-resolved[29816]: Using system hostname 'daurn-vultr'.
Feb 08 05:52:04 daurn-vultr systemd[1]: Started Network Name Resolution.
Feb 08 05:52:06 daurn-vultr systemd-resolved[29816]: Switching to DNS server 108.61.10.10 for interface ens3.
Feb 08 06:00:31 daurn-vultr systemd-resolved[29816]: Processing query...

