Skip to content
Snippets Groups Projects
Select Git revision
  • 543eb178824e8ed8a6f385fe1ebdf0d7ca709be3
  • v2018.2.x default protected
  • 0x4A6F-rpi4
  • 0x4A6F-master
  • master
  • v2018.2.2-ffs
  • v2016.2.4-batmanbug
  • radv-filterd
  • v2016.2.x
  • hoodselector
  • v2016.1.x
  • babel
  • v2015.1.x
  • 2014.4.x
  • 2014.3.x
  • v2018.2.2-ffs0.1
  • v2018.2.1-ffs0.1
  • v2018.2.1
  • v2018.2-ffs0.1
  • v2018.2
  • v2018.1.4
  • v2018.1.3
  • v2018.1.2
  • v2018.1.1
  • v2018.1
  • v2017.1.8
  • v2017.1.7
  • v2017.1.6
  • v2017.1.5
  • v2017.1.4
  • v2017.1.3
  • v2017.1.2
  • v2016.2.7
  • v2017.1.1
  • v2017.1
35 results

dns-forwarder.rst

Blame
    • Forked from firmware / FFS Gluon
    2923 commits behind the upstream repository.
    user avatar
    gluon-core: remove DNS cache feature
    Matthias Schiffer authored 
    dnsmasq's caching is severly broken and does not handle all answer records
equally. In particular, its cached answers are missing DNSKEY and DS
records, breaking DNSSEC validation on clients.

Remove the cache for now. It may return if dnsmasq is fixed or we switch to
a different resolver.
    543eb178
    History
    user avatar 543eb178
    History
    dns-forwarder.rst 810 B

    DNS forwarder

    A Gluon node can be configured to act as a DNS forwarder. Requests for the next-node hostname(s) can be answered locally, without querying the upstream resolver.

    Note: While this reduces answer time and allows to use the next-node hostname without upstream connectivity, this feature should not be used for next-node hostnames that are FQDN when the zone uses DNSSEC.

    One or more upstream resolvers can be configured in the dns.servers setting. When next_node.name is set, A and/or AAAA records for the next-node IP addresses are placed in the dnsmasq configuration.

    dns = {
  servers = { '2001:db8::1', },
},

next_node = {
  name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
  ip6 = '2001:db8:8::1',
  ip4 = '198.51.100.1',
}

    Impressum - Datenschutz