Paket:
systemd-resolvedDienst starten:
systemctl enable --now systemd-resolved.service
Testen:
resolvectl query www.linuxhotel.de
… hosts: files … resolve [!UNAVAIL=return] … myhostname …
Testen:
getent ahosts www.linuxhotel.de
readlink /etc/resolv.conf
→ ../run/systemd/resolve/stub-resolv.conf
grep nameserver /etc/resolv.conf
→ nameserver 127.0.0.53
Testen:
host www.linuxhotel.de dig www.linuxhotel.de
von Hand:
resolvectl dns br0 192.168.236.11 resolvectl domain br0 z36.internal
automatisch: z.B. per DHCP
Einstellungen ansehen:
resolvectl status br0
Testen:
resolvectl query vm1 getent hosts vm1
DNSSEC aktivieren, um z.B. SSHFP zu ermöglichen:
grep options /etc/resolv.conf
→ options edns0 trust-ad
mkdir /etc/systemd/resolved.conf.d
[Resolve] DNSSEC=allow-downgrade
systemctl kill --signal=HUP systemd-resolved.service
Testen:
resolvectl status
→ DNSSEC=allow-downgrade/supported
dig NS de
→ flags: … ad