[dns-operations] which breakage is this? FreeBSD.org / systemd-resolved

Paul Vixie paul at redbarn.org
Fri Oct 30 04:29:56 UTC 2020


On Thu, Oct 29, 2020 at 09:43:28PM -0400, Viktor Dukhovni wrote:
> On Thu, Oct 29, 2020 at 09:21:56PM -0400, Phil Pennock wrote:
> > ...
> > systemd-resolved is on 127.0.0.53 as a host-local resolver, so the
> > details of transport to it are pretty irrelevant: this is systemd
> > rejecting answers which two other implementations of validating
> > resolvers, on the local network, accept just fine.
> 
> There are many such defects in systemd-resolved, get in line...

systemd is pretty configurable. there should be some way to turn this
DNS-like but not-actually-DNS listener off, and then either run a real
DNS listener (unbound, bind9, powerdns, knot, etc) there. bind9 in
particular will do the right thing even with /dev/null as a config file,
but that may be true of some of the others also.

several of my vm's are suse linux, which has systemd, so i'd be very
thankful to anyone with a HOWTO or URI on getting systemd out of my
DNS resolution path. yes, i manage the resolv.conf files, but the
risk of some local client ignoring that and sending to 0.0.0.0:53
and thus talking to systemd-resolved is too high.

> There's also an apparent attitude that the broken use-cases don't
> matter.  So it is not clear that anything can be done in the short term.
> Much patience and consistent pressure from multiple parties will be
> required to get the issues acknowledged and resolved.

i don't care if those problems are acknowledged or resolved. i want my
operating system to not offer me services i don't explicitly ask for.

-- 
Paul Vixie
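
For the HOWTO asked about above, an added example that is not part of the original message: the stub on 127.0.0.53 is controlled by `DNSStubListener=` in the `[Resolve]` section of `/etc/systemd/resolved.conf` (set it to `no`, then restart systemd-resolved), and the script below checks that the change actually took effect. The function names and the sample config, socket listing and resolver address are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Each function reads text on stdin,
# so it can be checked against the constructed samples below or fed live data.

# Effective DNSStubListener= value in resolved.conf text (unset means "yes").
stub_listener_setting() {
    awk '
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/   { in_resolve = ($0 ~ /^[ \t]*\[Resolve\]/); next }
        in_resolve && /^[ \t]*DNSStubListener[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); val = tolower($0)
        }
        END { print (val == "" ? "yes" : val) }'
}

# Sockets bound to the stub address, from `ss -H -ltun` output.
stub_sockets() {
    awk '$5 ~ /^127\.0\.0\.53(%[^:]*)?:53$/ { print $1, $5 }'
}

# Succeeds if resolv.conf text still names the stub as a nameserver.
resolv_conf_uses_stub() {
    awk '$1 == "nameserver" && $2 == "127.0.0.53" { found = 1 }
         END { exit (found ? 0 : 1) }'
}

# Constructed samples: a host where the stub was disabled in config but
# systemd-resolved has not been restarted, so the sockets are still open.
SAMPLE_CONF='[Resolve]
#DNSStubListener=yes
DNSStubListener=no'
SAMPLE_SS='udp UNCONN 0 0    127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 128  0.0.0.0:22       0.0.0.0:*'
SAMPLE_RESOLV='nameserver 192.0.2.53'

echo "DNSStubListener=$(printf '%s\n' "$SAMPLE_CONF" | stub_listener_setting)"
printf '%s\n' "$SAMPLE_SS" | stub_sockets | sed 's/^/still listening: /'
if printf '%s\n' "$SAMPLE_RESOLV" | resolv_conf_uses_stub; then
    echo "resolv.conf still points at the stub"
else
    echo "resolv.conf does not use the stub"
fi
# Live use: stub_listener_setting < /etc/systemd/resolved.conf
#           ss -H -ltun | stub_sockets
#           resolv_conf_uses_stub < /etc/resolv.conf
```

Drop-in files under `/etc/systemd/resolved.conf.d/` can override the main file, so concatenate them after it when feeding `stub_listener_setting` on a live host.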


