[dns-operations] DNS at FOSDEM 2016
edmonds at mycre.ws
Wed Feb 3 19:07:33 UTC 2016
Ralf Weber wrote:
> The OS having an resolver is a great idea until it has a problem,
> which may be the reason that a lot of OS vendors so far haven't done
I can't think of a commonly used OS that doesn't have a resolver. Some
even have a long running resolver service that provides system-wide
caching, which traditionally has been missing from GNU/Linux systems.
(nscd exists, but is not widely used, TTBOMK.)
For disambiguation purposes: I believe the systemd folks are working on
a "Validating Security-Aware Stub Resolver", not a "Security-Aware
Recursive Name Server".
> I do hope that the systemd people offer an option not to use it.
Yes, this is easy. You list "dns" instead of "resolve" for 'hosts'
lookups in /etc/nsswitch.conf. In fact the nss-resolve module will
chainload nss-dns, in certain cases where the systemd-resolved service
is not available (e.g., early boot).
More information about the dns-operations