On Mo, 28.09.20 12:14, Paul Wouters (p...@nohats.ca) wrote: > On Mon, 28 Sep 2020, Michael Catanzaro wrote: > > > I don't think it would be smart for employees to voluntarily opt-in to > > sending all DNS to their employer anyway... there's little benefit to > > the employee, and a lot of downside. > > Again, it is not up to systemd to limit valid use cases. > > Perhaps Listen or read to Paul Vixie, father of many Bind software releases: > > https://www.youtube.com/watch?v=ZxTdEEuyxHU > > https://www.theregister.com/2018/10/23/paul_vixie_slaps_doh_as_dns_privacy_feature_becomes_a_standard/ > > There are use cases for and against routing all DNS over your VPN. If > systemd wants to play system resolver, it needs to be able to be > configured for either use case. You don't get to limit our use > cases.
Configure "." as "routing domain" on a specific iface and the lookups wil go there preferably. If you put that on your VPN iface this means DNS traffic goes there preferably. If you put that ont he main iface this means DNS traffic goes there preferably. Ideally you'd use more fine grained routing domains however. Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
