Re: Proposal to export mdns and llmnr enabled interfaces



Hi,

On Fri, 2022-06-03 at 13:55 +0200, Petr Menšík via networkmanager-list wrote:
Hi!

I would like to propose an improvement with mdns (and possibly llmnr)
resolution. Current Fedora and Ubuntu contain mdns4_minimal in
/etc/nsswitch.conf. Which means any name.local gets resolved by mdns on
every interface and always.

But network manager has configuration for mdns resolution on each
connection. I know it targets primary systemd-resolved, but I think it
could export that information in a simple way for mdns nss plugin.

For example into file /run/mdns.interfaces, which would change only on
each connection change. It would be a simple text file, containing on each
line interface name followed by a list of supported address families.

As this is run-time configuration, maybe it should be the ifindex. The
ifindex tends to uniquely identify an interface. Not completely, if the
signed 32 number wraps or if you move interfaces between namespaces,
but still. On the other hand, interfaces can be renamed. 


Anyway.

There are probably some conflicting requirements. E.g. the file should
be simple to parse, but also be expressive and extensible with future
features. Making it fully general (instead of specific only to nss-
mdns) makes it potentially more useful. But it also makes it harder to
design future proof.



Current defaults in distribution resolve only over IPv4. I don't see a
reason for that, so I would enable also IPv6 resolution on any
connection, which does not set ipv6.method to disabled. As long as it
has link-local IPv6 address, mdns might work. But could be restricted to
connections having public IPv6 address eventually.

nss-mdns plugin has separate mdns4_minimal (resolve over IPv4 only),
mdns6_minimal (resolve over IPv6 only) and mdns_minimal (resolve over
both). If it would be modified to read /run/mdns.interfaces before each
query, it could just use single version and provide dynamic behaviour,
while keeping simple logic in nss plugin.

I would like to have similar possibility also for LLMNR protocol, which
is very similar. But does not have any nss plugin in current
distributions. I would like to make one eventually.

I would like to have simple way to allow or restrict multicast
resolution on some networks, like public transport or conferences. Where
I don't trust other devices, so I don't want to ask them for names.

What would you think?

The overhead in NM seems minimal, yet it would allow good cooperation
with the system name resolution. Similar configuration could be also 
provided by different service, like systemd-networkd or any other.

What do you think about such change?

It sounds like a good idea to me.


Who would define this API? What does
https://github.com/lathiat/nss-mdns think about this? :)



Thank you for reaching out!!
Thomas
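
An added example (not from the original thread, NetworkManager or nss-mdns): a C parser for the file format proposed above, one interface name per line followed by its enabled address families, as a resolver plugin could consult it before sending a multicast query. The token spellings `ipv4`/`ipv6`, the function names, and the fail-closed handling of unlisted interfaces and malformed lines are assumptions; the thread defines none of them and leaves open whether the key should be the name or the ifindex.

```c
#include <stdio.h>
#include <string.h>
enum { FAM_V4 = 1, FAM_V6 = 2 };

/* Constructed sample: interface name, then the families mDNS may use on it. */
static const char SAMPLE[] = "eth0 ipv4 ipv6\nvirbr0 ipv4\nwlan0\n";

static int tok_eq(const char *p, size_t n, const char *s) { return strlen(s) == n && !memcmp(p, s, n); }

/* One line: family mask if it names ifname, 0 if it names another interface
 * or is blank, -1 on an unknown token ("ipv4"/"ipv6" are assumed spellings). */
static int parse_line(const char *p, size_t len, const char *ifname)
{
    const char *end = p + len;
    int mask = 0, ntok = 0, match = 0;
    while (p < end) {
        size_t n = 0;
        while (p < end && (*p == ' ' || *p == '\t')) p++;        /* skip blanks */
        while (p + n < end && p[n] != ' ' && p[n] != '\t') n++;  /* token length */
        if (n == 0) break;
        if (ntok++ == 0) match = tok_eq(p, n, ifname);           /* exact name match */
        else if (tok_eq(p, n, "ipv4")) mask |= FAM_V4;
        else if (tok_eq(p, n, "ipv6")) mask |= FAM_V6;
        else return -1;
        p += n;
    }
    return match ? mask : 0;
}

/* Families allowed on ifname. Returns 0 (send no multicast query) when the
 * interface is unlisted or any line is malformed, so a bad file fails closed. */
int mdns_families(const char *text, const char *ifname)
{
    int mask = 0;
    while (*text) {
        size_t n = strcspn(text, "\n");
        int r = parse_line(text, n, ifname);
        if (r < 0) return 0;
        mask |= r;
        text += n + (text[n] == '\n');
    }
    return mask;
}

int main(void)
{
    printf("%d %d\n", mdns_families(SAMPLE, "eth0"), mdns_families(SAMPLE, "wlan0"));
    return 0;
}
```

An interface that is listed without any family, such as `wlan0` in the sample, gets the same answer as one that is not listed at all: no multicast resolution.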


