Announcement

Collapse
No announcement yet.

Fedora 22 Looks To Have A Default Local DNS Resolver

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Fedora 22 Looks To Have A Default Local DNS Resolver

    Phoronix: Fedora 22 Looks To Have A Default Local DNS Resolver

    After it didn't pan out for Fedora 21, Fedora developers are now looking at having a default local DNS resolver used by Fedora 22 as one of its new features...

    http://www.phoronix.com/scan.php?pag...l-DNS-Resolver

  • #2
    I like this idea. I personally use OpenDNS, but this might be an even better solution.

    Comment


    • #3
      DNScrypt

      I've been using DNSCrypt for a while on Fedora 20. works very well, and I wish they would use this as the local resolver.

      Comment


      • #4
        Must have missed it...

        Must have missed it, this doesn't look like a systemd thing at all.... (shhh, please don't mention that to Red Hat, ok?)

        Comment


        • #5
          A nice thing to have.
          I'm not worry about the security of my DNS provider that much, but the DNS server running on my router does not always work.

          Comment


          • #6
            Originally posted by cjcox View Post
            Must have missed it, this doesn't look like a systemd thing at all.... (shhh, please don't mention that to Red Hat, ok?)
            Haven't read the wiki page yet but it will probably end up being dnsmasq as thats the go-to resolver on most distros

            Comment


            • #7
              Originally posted by Ericg View Post
              Haven't read the wiki page yet but it will probably end up being dnsmasq as thats the go-to resolver on most distros
              You sure about that? dnsmasq is just a forwarder. When you set that up for use by other systems on your network, it still uses the default dns server that it gets fed by dhcp or manual process. In other words, you would either have to explain to it what DNS server to FORWARD to, or it will pull the same DNS server that the machine would otherwise obtain over DHCP. End result is no change from what you had previously.

              The default configuration for BIND on Fedora works as a local resolver already (has for over a decade since I started using Fedora).
              yum -y install bind
              service named start
              chkconfig named on
              Then set your nameserver to localhost, and done.

              Edit... from the Fedora page:
              " Option 2 - Configure local resolver manually
              Make sure local DNS resolver (e.g. unbound or BIND) is running on 127.0.0.1:53. "
              Last edited by droidhacker; 01-14-2015, 10:04 AM.

              Comment


              • #8
                Lol, this reminds me of the new buzz that 'everything goes to the cloud'.

                This is practically moving one of the most important services back to your local workstation.

                Because (guess what?) the cloud 'is not always reliable'. (Who would have thought of that? )

                Originally posted by droidhacker View Post

                You sure about that? dnsmasq is just a forwarder. When you set that up for use by other systems on your network, it still uses the default dns server that it gets fed by dhcp or manual process. In other words, you would either have to explain to it what DNS server to FORWARD to, or it will pull the same DNS server that the machine would otherwise obtain over DHCP. End result is no change from what you had previously.

                The default configuration for BIND on Fedora works as a local resolver already (has for over a decade since I started using Fedora).
                yum -y install bind
                service named start
                chkconfig named on
                Then set your nameserver to localhost, and done.

                Edit... from the Fedora page:
                " Option 2 - Configure local resolver manually
                Make sure local DNS resolver (e.g. unbound or BIND) is running on 127.0.0.1:53. "

                DNSmasq can be used as a forwarder, but it's functionality does not stop there. Installing bind is a bit overkill. I also used unbound, but dnsmasq seems to be more actively maintained and it's being used by NetworkManager.

                From the dnsmasq.conf manpage: -S, --local, --server=[/[<domain>]/[domain/]][<ipaddr>[#<port>][@<source-ip>|<interface>[#<port>]] Specify IP address of upstream servers directly. Setting this flag does not suppress reading of /etc/resolv.conf, use -R to do that. If one or more optional domains are given, that server is used only for those domains and they are queried only using the specified server. This is intended for private nameservers: if you have a nameserver on your network which deals with names of the form xxx.internal.thekelleys.org.uk at 192.168.1.1 then giving the flag -S /internal.thekelleys.org.uk/192.168.1.1 will send all queries for internal machines to that nameserver, everything else will go to the servers in /etc/resolv.conf. An empty domain specification, // has the special meaning of "unqualified names only" ie names without any dots in them. A non-standard port may be specified as part of the IP address using a # character. More than one -S flag is allowed, with repeated domain or ipaddr parts as required.

                Comment

                Working...
                X