Date: Thu, 13 Oct 2022 10:35:00 -0600 From: Bob Proulx <bob@proulx.com> To: FreeBSD Questions Mailing List <freebsd-questions@freebsd.org> Subject: Re: resolv.conf question Message-ID: <20221013102456085799804@bob.proulx.com> In-Reply-To: <7F000833-031D-41D9-8C49-F999F1A9AD73@gushi.org> References: <alpine.BSF.2.00.2210111300120.66282@bucksport.safeport.com> <CAFbbPug83%2BxyjZoR%2BOZ1HqnzDCptmqLFbZ7vThgP9=O6QjF-KA@mail.gmail.com> <alpine.BSF.2.00.2210111630040.66282@bucksport.safeport.com> <20221012185254621820516@bob.proulx.com> <7F000833-031D-41D9-8C49-F999F1A9AD73@gushi.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Dan Mahoney wrote: > I really wish the DNS resolver libraries in the system stack > supported quicker failover, or perhaps randomizing the list of > servers. All of that "fancy stuff" is done in the nameserver level. Meaning that if that is desired then the answer is installing a local caching nameserver. Or using a tightly coupled LAN one that can't fail. There can be a significant amount of code to implement this behavior. And differing opinions on the implementation. Enough to keep it out of libc which should avoid those issues. And also note that the resolver only reads resolv.conf at start up time. Meaning that if changes are made any programs using it must be restarted. Whereas changes to the namerserver are shared with all clients of the nameserver immediately when the nameserver is reconfigured. > If you're falling back to the second line in your resolv.conf, > something has gone terribly wrong. Strongly agree! > It's trivially easy to run an unbound caching resolver on localhost, > and it gives you the benefit of DNSSEC as well. +1 Bob
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20221013102456085799804>