>>> Really, the biggest issue people fear is their split view DNS. Which is >>> easilly solved by extending the concept of firewalld zones into Network >>> Manager, and always use broken DNS forwarders on "trusted networks". >> >> Hmmm... "easily solved" is not "solved": >> * Has this "biggest issue" really been solved? Do we have this NM >> integration? > > I don't know. I don't think the integration with firewalld/NM uses the > same concept of "zones". > >> Does it show in "nm-applet" (I avoid bringing up KDE which I >> personally use, or other desktops) >> * What other issues we don't know, simply because this Fedora setup >> hasn't been *widely* deployed? > > I'd be more sympathetic to this if we haven't gone through major things > like /usr move already :P > > Paul > --
The split-dns case is I believe what I have at work. I did test the proposed local dns resolver. I was able to resolve names of machines internal to my work network (after some workaround), but when I needed to connect to a machine with a different domainname, and it wasn't resolved, and I needed that to do my timesheet, I reverted. Using firewalld is not a perfect solution either, if that's the suggestion. My machines are configured to use iptables. I have a perfectly good working iptables setup, and found firewalld looked like it had too much learning curve, so I don't use it. -- devel mailing list devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
