<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">Sorry, apparently I wasn't clear. I
meant BIND DNS as an alternative to systemd, not as an adjunct.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Can't speak for unbound - have never
tried it.<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Warm Regards,<br>
Kyle Maas</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 9/21/20 1:22 PM, Grand Rapids Linux
Users Group wrote:<br>
</div>
<blockquote type="cite"
cite="mid:mailman.46893.1600708978.100365.grlug@grlug.org">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">We've had a ton of issues with systemd DNS resolver
doing silly things like crashing and causing huge issues since
all resolution fails. (notably, I haven't tried it in probably a
year, so maybe newer versions are better), but it seems to me,
adding something into the DNS resolver path is just adding
another point of failure.
<div><br>
</div>
<div>If you do really need DNS caching, check out unbound. It's
super fast/lightweight (compared to BIND), if you're just
doing caching.. For all my internal stuff, I disable
systemd's resolver, and use unbound.</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, Sep 21, 2020 at 1:19
PM Grand Rapids Linux Users Group <<a
href="mailto:grlug@grlug.org" moz-do-not-send="true">grlug@grlug.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<div>I'm more used to using BIND DNS as a recursive resolver
and/or machine-local caching resolver. It may be older,
but if it ain't broke, don't fix it. So, if it's
available to you (depending on how much control you have
of the environment you run in), you might want to give it
a try. It's easy to set up and boringly reliable.<br>
</div>
<div><br>
</div>
<div>Warm Regards,<br>
Kyle Maas</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>On 9/20/20 7:18 PM, Grand Rapids Linux Users Group
wrote:<br>
</div>
<blockquote type="cite"> I’ve been underwhelmed by systemd
DNS for a few months, and am working through it’s
implementation on both ubuntu and centos to determine why
/ where it gets its hooks, but haven’t found a real fix
for it, yet. There are ways to inject nameservers /
search domain.tld / etc. using NetworkManager,
network/ing.service, internal dhcp or dhclient, but none
are consistently implemented and you end up with hosts
that fail to resolve internal and external fqdns until you
trounce /etc/resolv.conf with a sane version of
nameservers for your network.
<div><br>
</div>
<div>Currently netplan appears to be the most reasonable
management option, but I’m still working through it’s
implementation and deployment. One of the challenges,
I’m running into is that I’m migrating my VirtualBox VMs
to libvirt / KVM, which adds the additional complication
of configuring bonding, but have mostly worked through
those details and have a good netplan configuration for
the kvm nodes, just need to finalize how to reapply the
netplan on running hosts without disrupting networking
on the various guests when network changes happen.</div>
<div><br>
</div>
<div>If anyone else is also working on ways to replace
systemd’s brain-dead DNS implementation, I’d be
interested in seeing what you’re experiencing. Seems a
good problem to gather collaborators for, especially
those using different distros, such as centos, ubuntu,
suse, etc.</div>
<div><br>
</div>
<div>-Van<br>
<div><br>
<blockquote type="cite">
<div>On Sep 18, 2020, at 18:59, Grand Rapids Linux
Users Group <<a href="mailto:grlug@grlug.org"
target="_blank" moz-do-not-send="true">grlug@grlug.org</a>>
wrote:</div>
<br>
<div>
<div>Have a VPS that came configured to use
systemd DNS, .. and every now and<br>
then resolution fails (there are Nagios checks
checking for the various<br>
websites on that server).<br>
<br>
Anyone ever seen such a transient failures?<br>
<br>
Thanks!<br>
-- <br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org" target="_blank"
moz-do-not-send="true">grlug@grlug.org</a><br>
<a
href="https://shinobu.grlug.org/mailman/listinfo/grlug"
target="_blank" moz-do-not-send="true">https://shinobu.grlug.org/mailman/listinfo/grlug</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
</blockquote>
<p><br>
</p>
</div>
-- <br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org" target="_blank"
moz-do-not-send="true">grlug@grlug.org</a><br>
<a href="https://shinobu.grlug.org/mailman/listinfo/grlug"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://shinobu.grlug.org/mailman/listinfo/grlug</a><br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
</blockquote>
<p><br>
</p>
</body>
</html>