<div dir="ltr">We've had a ton of issues with systemd DNS resolver doing silly things like crashing and causing huge issues since all resolution fails. (notably, I haven't tried it in probably a year, so maybe newer versions are better), but it seems to me, adding something into the DNS resolver path is just adding another point of failure.<div><br></div><div>If you do really need DNS caching, check out unbound. It's super fast/lightweight (compared to BIND), if you're just doing caching.. For all my internal stuff, I disable systemd's resolver, and use unbound.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Sep 21, 2020 at 1:19 PM Grand Rapids Linux Users Group <<a href="mailto:grlug@grlug.org">grlug@grlug.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<div>I'm more used to using BIND DNS as a
recursive resolver and/or machine-local caching resolver. It may
be older, but if it ain't broke, don't fix it. So, if it's
available to you (depending on how much control you have of the
environment you run in), you might want to give it a try. It's
easy to set up and boringly reliable.<br>
</div>
<div><br>
</div>
<div>Warm Regards,<br>
Kyle Maas</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>On 9/20/20 7:18 PM, Grand Rapids Linux
Users Group wrote:<br>
</div>
<blockquote type="cite">
I’ve been underwhelmed by systemd DNS for a few months, and am
working through it’s implementation on both ubuntu and centos to
determine why / where it gets its hooks, but haven’t found a real
fix for it, yet. There are ways to inject nameservers / search
domain.tld / etc. using NetworkManager, network/ing.service,
internal dhcp or dhclient, but none are consistently implemented
and you end up with hosts that fail to resolve internal and
external fqdns until you trounce /etc/resolv.conf with a sane
version of nameservers for your network.
<div><br>
</div>
<div>Currently netplan appears to be the most reasonable
management option, but I’m still working through it’s
implementation and deployment. One of the challenges, I’m
running into is that I’m migrating my VirtualBox VMs to libvirt
/ KVM, which adds the additional complication of configuring
bonding, but have mostly worked through those details and have a
good netplan configuration for the kvm nodes, just need to
finalize how to reapply the netplan on running hosts without
disrupting networking on the various guests when network changes
happen.</div>
<div><br>
</div>
<div>If anyone else is also working on ways to replace
systemd’s brain-dead DNS implementation, I’d be interested in
seeing what you’re experiencing. Seems a good problem to gather
collaborators for, especially those using different distros,
such as centos, ubuntu, suse, etc.</div>
<div><br>
</div>
<div>-Van<br>
<div><br>
<blockquote type="cite">
<div>On Sep 18, 2020, at 18:59, Grand Rapids Linux
Users Group <<a href="mailto:grlug@grlug.org" target="_blank">grlug@grlug.org</a>> wrote:</div>
<br>
<div>
<div>Have a VPS that came configured to use
systemd DNS, .. and every now and<br>
then resolution fails (there are Nagios checks checking
for the various<br>
websites on that server).<br>
<br>
Anyone ever seen such a transient failures?<br>
<br>
Thanks!<br>
-- <br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org" target="_blank">grlug@grlug.org</a><br>
<a href="https://shinobu.grlug.org/mailman/listinfo/grlug" target="_blank">https://shinobu.grlug.org/mailman/listinfo/grlug</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
</blockquote>
<p><br>
</p>
</div>
-- <br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org" target="_blank">grlug@grlug.org</a><br>
<a href="https://shinobu.grlug.org/mailman/listinfo/grlug" rel="noreferrer" target="_blank">https://shinobu.grlug.org/mailman/listinfo/grlug</a><br>
</blockquote></div>