[systemd-devel] Extend systemd-resolved service to override DNS response

Aditya Sharma aditya.sharma1128 at gmail.com
Wed Feb 15 10:31:31 UTC 2023


Hi Kevin,

*When the TTLs expire, those records in the cache become 'stale', and are
normally purged. Your request is to have an option in systemd-resolved to
*not* purge those records, but to continue serving them in case it is
unable to communicate with the configured recursive resolver(s).*

Sorry for the ambiguity.
What I meant was to keep serving the record after the resolvers are not
operational or during some outage.
We were thinking of an approach where we keep on serving the last known
good FQDNs even after the TTL has expired (only when we are unable to
communicate with the resolvers). For that, we need to intercept the DNS
calls and maintain some kind of local cache. So, we wanted to understand how
we can extend the systemd-resolved service to serve the purpose.

Thanks
Aditya


On Tue, 14 Feb 2023 at 16:46, Kevin P. Fleming <
lists.systemd-devel at kevin.km6g.us> wrote:

> On Tue, Feb 14, 2023, at 04:04, Aditya Sharma wrote:
>
> Hi Kevin,
>
>
> *If what you mean is that you want to serve 'stale' records from a cache
> when their TTLs have expired and the authoritative servers which provided
> them are not reachable, that's something that a number of existing
> recursive resolvers are able to do and it could be logical for
> systemd-resolved to offer it too.*
> We are looking to prepare a solution similar to this, to serve back
> records for *FQDN*s in case of *timeout* from the DNS server.
> We want to understand how we can extend systemd-resolved to override
> response from DNS server in case of timeouts/failures.
>
>
> Again, you need to be very specific in your request.
>
> systemd-resolved communicates with one or more recursive resolvers (what
> you are calling "DNS server", but that term is ambiguous). If those
> resolvers are not operational, systemd-resolved will continue serving
> records from its cache (if the cache is enabled), until their TTLs expire.
>
> When the TTLs expire, those records in the cache become 'stale', and are
> normally purged. Your request is to have an option in systemd-resolved to
> *not* purge those records, but to continue serving them in case it is
> unable to communicate with the configured recursive resolver(s).
>
> In your original message you referred to a 'negative response' from the
> "DNS server", but that's a completely different situation.
>
>
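The serve-stale behaviour discussed in this thread, as an added sketch that is not systemd-resolved code or an existing systemd-resolved option: expired records are served only when the upstream resolvers time out, while a negative answer that does arrive is passed through. `ServeStaleCache`, `UpstreamTimeout`, `max_stale` and the `upstream` callable are hypothetical names, and the cap on staleness is an assumption.

```python
import time

class UpstreamTimeout(Exception):
    """No configured recursive resolver answered in time."""

class ServeStaleCache:
    def __init__(self, upstream, max_stale=86400, clock=time.monotonic):
        self.upstream = upstream    # callable(name) -> (addresses, ttl_seconds)
        self.max_stale = max_stale  # assumed cap on serving a record past its TTL
        self.clock = clock
        self.entries = {}           # name -> (addresses, expires_at)

    def resolve(self, name):
        now = self.clock()
        hit = self.entries.get(name)
        if hit and now < hit[1]:
            return hit[0], "fresh"
        try:
            addresses, ttl = self.upstream(name)
        except UpstreamTimeout:
            # Stale data is used only when the resolvers are unreachable,
            # and only within the cap, so an address that was reassigned
            # long ago is not served forever.
            if hit and now < hit[1] + self.max_stale:
                return hit[0], "stale"
            raise
        # Any answer that did arrive, including a negative one (empty list),
        # replaces the cached record; it is never overridden with stale data.
        self.entries[name] = (addresses, now + ttl)
        return addresses, "upstream"

def demo():
    """Constructed scenario: outage after the TTL expired, then a negative answer."""
    now, mode = [0.0], ["ok"]
    def upstream(name):  # constructed stand-in for the recursive resolver
        if mode[0] == "timeout":
            raise UpstreamTimeout(name)
        return ([], 60) if mode[0] == "nxdomain" else (["192.0.2.10"], 300)
    cache = ServeStaleCache(upstream, max_stale=3600, clock=lambda: now[0])
    results = [cache.resolve("app.example.test")]      # first lookup
    now[0] = 100.0
    results.append(cache.resolve("app.example.test"))  # within TTL
    now[0], mode[0] = 400.0, "timeout"
    results.append(cache.resolve("app.example.test"))  # TTL expired, outage
    mode[0] = "nxdomain"
    results.append(cache.resolve("app.example.test"))  # resolver is back
    return results

if __name__ == "__main__":
    for addresses, source in demo():
        print(source, addresses)
```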