On Tue, 2020-04-14 at 16:18 -0500, Michael Catanzaro wrote:
> On Tue, Apr 14, 2020 at 12:45 pm, Adam Williamson
> <adamwill(a)fedoraproject.org> wrote:
> > Doesn't NetworkManager already broadly address both of these on all
> > installations where it's used (which is all Fedora installs by
> > default)?
>
> I don't think so, no.
>
> As far as I know, NetworkManager does not have a DNS cache. The only
> way to implement one systemwide would be to write a glibc NSS plugin.
> Otherwise, how would glibc be able to talk to NetworkManager to use the
> cached results?
>
> Then the description of the multi-VPN scenario is written based on the
> status quo with NetworkManager already installed and enabled.
>
> NetworkManager has three DNS backends: default (nss-dns, what we use
> currently), dnsmasq, and systemd-resolved. The default backend just
> does the wrong thing and cannot be fixed. When either dnsmasq or
> systemd-resolved is in use, NetworkManager will go ahead and do the
> right thing by telling dnsmasq/systemd-resolved which network
> interfaces should be used to resolve which hostnames. I consulted with
> the NetworkManager developers and they recommended systemd-resolved
> over dnsmasq, although I understand that dnsmasq is good too.

I thought we'd made the dnsmasq config default at some point (that
implements both caching and split DNS). I guess I was remembering
wrong.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net