[systemd-devel] resolved vs. DNS servers listening on Linux dummy interfaces

Peter Mattern pmattern at arcor.de
Mon May 9 13:34:56 UTC 2022


Hi, Petr.

 > Do you need any systemd-resolved specific features?
Primarily, it's about the way the Domains directive allows for directing 
queries to particular DNS servers based on the queries' domains.
I'm using it to restrict the ISP's DNS server to the ISP's domain, use a 
local DNS server for local subdomains and have a DNS server like Quad9 
serve all the rest.
This can be achieved with other applications, too, e.g. dnsmasq. But I 
find it handier to configure with networkd/resolved, in particular 
when these are already in use anyway.

 > I don't think resolved considers it common to have more than one DNS server on the localhost.
As I understand it, it's the very purpose of the Domains directive to have 
systemd-resolved interact with various different DNS servers. So why 
shouldn't one of these run on the same host as resolved?

 > unbound, knot-resolver
These aren't an option. I do not need a cache only, but want to serve 
the said local-only subdomain, which also needs to comprise RRs other 
than [AAA]A like CNAME, MX or TXT.

 > dnsmasq
This is indeed what I've been using so far. But I'd like to replace it 
for several reasons.
I'm not happy with its development any more in many ways.
The network configuration I need involves things like Prefix Delegation, 
which I find easier to handle with networkd. So dnsmasq is limited to 
the DNS part, which in turn I'd prefer to configure with a server like 
Knot. I find this simply easier, e.g. I can use a regular zone file and 
don't have to memorize a bunch of custom dnsmasq switches.

Serving a whole LAN is probably not exactly what resolved was primarily 
meant for. But my LAN isn't that big and so far having its stub resolver 
listen on the router's downstream interface is working like a charm.

That aside, my actual question was whether resolved shouldn't recognize 
a DNS server on a Linux dummy interface just the way it recognizes 
servers on regular hardware links.
And I'd find this interesting to know totally independently of the maybe 
a bit particular rest of my setup.
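
A simplified model of the per-domain query routing described in the message above, added here as an example; it is not part of the original post and not systemd's code. It only models longest-suffix selection among routing domains (global servers and default-route fallback are left out), and all link names, domains and addresses are constructed placeholders.

```python
# Added illustration: approximates how per-link routing domains (Domains=~...)
# decide which DNS servers receive a query. Simplified: no global servers,
# no default-route fallback. All names and addresses are constructed.

def labels(name):
    """Split a DNS name into lowercase labels, ignoring the trailing dot."""
    name = name.rstrip(".").lower()
    return name.split(".") if name else []

def match_len(query, domain):
    """Label count of `domain` if it is a suffix of `query`, else -1.
    The root routing domain "." has zero labels and matches every name."""
    q, d = labels(query), labels(domain)
    if len(d) > len(q):
        return -1
    return len(d) if q[len(q) - len(d):] == d else -1

def route(query, links):
    """Return the sorted DNS servers of the link(s) with the longest match."""
    best, servers = -1, set()
    for link in links.values():
        score = max((match_len(query, d) for d in link["domains"]), default=-1)
        if score > best:
            best, servers = score, set(link["dns"])
        elif score == best and score >= 0:
            servers |= set(link["dns"])  # equal matches: all of them are asked
    return sorted(servers)

# Constructed setup mirroring the three roles in the message:
# ISP server for the ISP's domain, a local server on a dummy link for a
# local-only subdomain, and a public resolver for everything else.
LINKS = {
    "wan0":     {"dns": ["192.0.2.53"],   "domains": ["isp.example"]},
    "dummy0":   {"dns": ["198.51.100.1"], "domains": ["lan.home.arpa"]},
    "upstream": {"dns": ["203.0.113.9"],  "domains": ["."]},
}

if __name__ == "__main__":
    for name in ("www.isp.example", "nas.lan.home.arpa", "example.org"):
        print(name, "->", route(name, LINKS))
```

Matching is done on whole labels, so a name such as `notisp.example` does not match `isp.example` and falls through to the catch-all link; local-only names never reach the public resolver as long as their routing domain is configured.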

