[systemd-devel] systemd-resolved/NetworkManager resolv.conf handling
Thomas HUMMEL
thomas.hummel at pasteur.fr
Mon Nov 7 10:21:29 UTC 2022
On 11/6/22 18:24, Petr Menšík wrote:
> Oh, understood. Then it is specific problem to Fedora, because I think
> other distributions do not use systemd's implementation of resolvconf
> binary.
Hello,
thanks for your answer
>
> I think original Debian resolvconf package does not use -a interface
> parameter for anything serious.
Yes, my previous system, an Ubuntu LTS did use another implementation
(and a specific separate package) for resolvconf
It just uses the same interface
> identifier to pair -a and -d for the same connection.
Which interface name then ? I don't remember how it worked...anyway
that's out of scope here.
> It would be worth filling.
>
> https://urldefense.com/v3/__https://support.f5.com/csp/bug-tracker__;!!JFdNOqOXpB6UZW0!p1wHR1oGE8f-pXcg672tlVjCfI6KPyve0K0fvs6xge9oKxr0CicDlyIge8d3gMbjxRvLQFyakawAYJPOVSNlWzk$
Yes, I'll do it.
>> it restores it when stopped by copying back /etc/resolv.conf.fp-saved
> That is exactly what it should do for a VPN, unless it knows a more
> proper way to configure system DNS.
That what resolvconf is for, isn't it ?
Or it may just fill ipv4.dns NM properties maybe.
>> 1) how could, when all resolv.conf-as-a-file-by-NM conf has been
>> removed (by me) and symlink to stub has been restored (by me)
>> systemd-resolved, with *no trace* of the vpn nameservers in its own
>> /run/systemd/resolv/resolv.conf nor seemingly nowhere else, can be
>> still aware of the vpn nameservers (as described in my initial post
>> scenario) ?
>>
>> -> is there a persistent systemd-resolved cache on disk somewhere?
> I don't think any persistent cache were ever on disk or that it would be
> a good idea. Most dns caches are able to dump contents of cache
> somewhere on request, but I haven't found a way to do that with resolvectl.
So how, after "reverting" to my initial state, thinking I have removed
all vpn nameserver references (and rebooted), systemd-resolved is able
to remember them is still to be answered...
>> -> Is there any other place where the specific ns <-> interface is
>> persited or stored or is this global updating all there is ?
> resolvconf might have some hacks to configure rules just for some
> subdomains. openresolv can do something similar. But usually resolvconf
> changes just global set of servers if the interface configured has
> higher priority than previous. Returns them back when such interface is
> stopped. resolvectl layer ignores -m parameter, but it pairs dns
> configuration with real interface.
Oh, you mean specific int <-> nameserver is handled in the global
/run/systemd/resolve/resolv.conf which is just swapped and restored ?
AFAIK none such information is
> persistent and is lost when systemd-resolved is restarted. But Network
> Manager's plugins configures it from NM interfaces again.
Well, again in a default NM (i.e. no dns, nor rc.manager directive,
which on my system means use resolved) NM cannot know about vpn
nameservers as they're not provided on the provile (yes it is green but
lists no ipv4.dns property)
$ nmcli -f GENERAL.NM-MANAGED device show tun0
GENERAL.NM-MANAGED: yes
$ nmcli -f ipv4.dns connection show tun0
ipv4.dns:
Thanks for your help
--
Thomas HUMMEL
More information about the systemd-devel
mailing list