-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDNS.mw
66 lines (52 loc) · 2.42 KB
/
DNS.mw
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
{{Header}}
{{#seo:
|description=DNS
}}
<div class="mininav">
* [[Networking]]
* [[DNS]]
* [[DNS Security]]
</div>
{{intro|
DNS
}}
{{stub}}
= Default DNS Configuration =
[https://github.com/Kicksecure/kicksecure-network-conf kicksecure-network-conf]
= Linux Default DNS Mechanism =
On Linux, DNS libraries read the <code>/etc/resolv.conf</code> file. A DNS-resolving client such as Unbound is optional and not strictly required for basic DNS resolution.
== /etc/resolv.conf ==
* '''Purpose''': The <code>/etc/resolv.conf</code> file is a standard configuration file in Linux systems used by DNS resolver libraries (like <code>glibc</code>) to determine how to perform DNS resolution.
* '''Contents''': It typically contains information such as:
** <code>nameserver</code> directives specifying the IP addresses of DNS servers.
** <code>search</code> domains and <code>options</code> for resolving queries.
== DNS Resolver Libraries ==
* These libraries are part of most Linux systems and use <code>/etc/resolv.conf</code> to send DNS queries to the specified nameservers.
* The libraries themselves handle basic DNS resolution without needing an external DNS resolver client.
== DNS Resolver Clients ==
E.g., <code>unbound</code>, <code>systemd-resolved</code>.
* '''Optional''': External DNS resolving software like <code>unbound</code> or <code>systemd-resolved</code> is not strictly required for basic DNS resolution.
* '''Purpose''': These tools provide additional functionality, such as caching, advanced DNSSEC validation, or recursive DNS resolution.
* '''Integration''': When such a resolver is used, <code>/etc/resolv.conf</code> might point to <code>127.0.0.1</code> (localhost), as the local resolver handles DNS queries before forwarding them.
== Summary ==
* Basic DNS resolution on Linux relies on resolver libraries using <code>/etc/resolv.conf</code>.
* External DNS resolving clients like <code>unbound</code> are optional and primarily used to enhance DNS functionality. They are not required for basic operations if a valid nameserver is defined in <code>/etc/resolv.conf</code>.
= Enabling systemd-resolved =
[[Untested]]!
{{Testers-only}}
{{AdvancedUsersOnly}}
{{CodeSelect|code=
sudo touch /etc/dns-enable
}}
{{CodeSelect|code=
sudo apt install systemd-resolved
}}
{{CodeSelect|code=
sudo systemctl enable systemd-resolved
}}
{{CodeSelect|code=
sudo systemctl start systemd-resolved
}}
{{reflist|close=1}}
{{Footer}}
[[Category:Documentation]]