Re: Working with a local DNS cache

From: Paul Wouters <paul xelerance com>
To: Dan Williams <dcbw redhat com>
Cc: Adam Langley <agl imperialviolet org>, networkmanager-list gnome org
Subject: Re: Working with a local DNS cache
Date: Fri, 7 Aug 2009 18:25:49 -0400 (EDT)

On Fri, 7 Aug 2009, Dan Williams wrote:

The most common local caching nameserver is currently dnsmasq, and it
also provides a D-Bus interface.  If at all possible, we should try to
use *one* dbus interface.  Not sure if you've looked at the dnsmasq dbus
API, but it might be worth a glance.


I did look at it. It is the worst D-Bus API I have seen in a long time
and not helpful. Someone would have to fix it first. The amount of
parameter overloading it does is just insane. Otherwise dnsmasq has a
pretty nice set of features.


Ok, fair enough.  If that's the case, perhaps we should gently propose
fixes to Simon?  He's quite responsive.


If imposing a local DNS cache, please use Unbound or Bind, as those
are currently the only ones supporting DNSSEC. I hope we can enable
one of those with DNSSEC per default on every fedora install soon, but
that will take some convincing I think and won't happen overnight. But
DNSSEC is another good reason why every host should run its own
(validating) caching resolver.

Paul

Follow-Ups:
- Re: Working with a local DNS cache
  - From: Dan Williams
- Re: Working with a local DNS cache
  - From: Adam Langley

References:
- Working with a local DNS cache
  - From: Adam Langley
- Re: Working with a local DNS cache
  - From: Dan Williams
- Re: Working with a local DNS cache
  - From: Marcel Holtmann
- Re: Working with a local DNS cache
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]