On Monday, September 28, 2020 12:42:32 PM MST Lennart Poettering wrote: > On Mo, 28.09.20 12:14, Paul Wouters (p...@nohats.ca) wrote: > > > > On Mon, 28 Sep 2020, Michael Catanzaro wrote: > > > > > > > > > I don't think it would be smart for employees to voluntarily opt-in to > > > sending all DNS to their employer anyway... there's little benefit to > > > the employee, and a lot of downside. > > > > > > > > Again, it is not up to systemd to limit valid use cases. > > > > > > > > Perhaps Listen or read to Paul Vixie, father of many Bind software > > releases: > > > > > > > https://www.youtube.com/watch?v=ZxTdEEuyxHU > > > > > > > > https://www.theregister.com/2018/10/23/paul_vixie_slaps_doh_as_dns_privacy > > _feature_becomes_a_standard/ > > > > > > > There are use cases for and against routing all DNS over your VPN. If > > systemd wants to play system resolver, it needs to be able to be > > configured for either use case. You don't get to limit our use > > cases. > > > Configure "." as "routing domain" on a specific iface and the lookups > wil go there preferably. If you put that on your VPN iface this means > DNS traffic goes there preferably. If you put that ont he main iface this > means DNS traffic goes there preferably. > > Ideally you'd use more fine grained routing domains however. > > Lennart
Lennart, Is that a NetworkManager setting or a systemd-resolved setting? Is that going to be exposed in the GUI, or is it something that gets hidden away? How does systemd-resolved figure out what domains "should" be sent to a given connection's DNS server without some arcane incantation from the systemd docs? -- John M. Harris, Jr. _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
