Giter VIP home page Giter VIP logo

resolved-merge-zones's Introduction

Installing

To my knowledge, the only dependencies are git and whatever is required to build kernel modules. I believe these can be installed with sudo apt install build-essential linux-headers-$(uname -r) make git

Run as normal user:

git clone https://github.com/dbear496/resolved-merge-zones.git
cd resolved-merge-zones
make clean
make

Then run with root or sudo:

make install
depmod -a
modprobe resolved-merge-zones

make clean does not have to be run on the first install, but it should be run when reinstalling after a kernel update to make sure there are no leftovers from the build for the previous kernel version.

depmod -a only need be run if the make install command reports that depmod was skipped.

You may get SSL errors from the make install command, and this indicates that the command could not automatically sign the module. If you do not have secure boot enabled, then you can likely ignore the SSL errors. However, if you have secure boot enabled, then the system will require kernel modules to be signed, so you will need to create a key-pair and enroll the public key.

To test that the module is working properly, run resolvectl query domainthatdoesnot.exist. If all is well, you should get a NOTIMP error. If something went wrong, it will report not found.

Each time the kernel is updated, this module must be recompiled and reinstalled. I recommend making a short shell script to do this.

How It Works

systemd-resolved assumes that all DNS servers are equal. Therefore, when a DNS server returns an NXDOMAIN rcode (no such domain), resolved takes that as authoritative and does not attempt other servers. However, this can cause problems if some servers are different; the notable case of this is when using a private DNS server that is specific to a LAN in addition to a public DNS server for backup. In this case, resolved may get stuck on using the backup server and not properly resolve LAN-specific names.

This kernel module inserts a listener on the network stack that detects incoming NXDOMAIN error codes. Whenever an NXDOMAIN code is detected (rcode 3), it changes it to a different error code (I chose rcode 4). When resolved receives this other error code, it assumes that something is wrong with the server and switches servers. This effectively changes the behavior of resolved to try all servers before concluding that a domain does not exist.

resolved-merge-zones's People

Contributors

dbear496 avatar

Stargazers

Geoff Stewart avatar

Watchers

avatar

resolved-merge-zones's Issues

Add support for DNS over TCP

Currently, this only modifies DNS packets that run on UDP, so the module fails to work as intended when TCP is used. Usually, UDP is used, so this is not a very big issue, but still it'd be very nice to have the module work all the time even when TCP is used.

modprobe fails on kernel version 5.13.0-20-generic

On kernel version 5.13.0-20-generic, modprobe fails with modprobe: ERROR: could not insert 'resolved_merge_zones': Exec format error. I tried rebuilding the module and rebooting, but nothing seems to work. The module works fine on kernel version linux-headers-5.13.0-19-generic, so I think I will stick with that version in hopes that it works in the next version after 5.13.0-20-generic. This might be caused by me messing something up on my end, so I will not try to fix it until someone else reports the same trouble.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.