On Fri, 2009-08-07 at 18:25 -0400, Paul Wouters wrote: > On Fri, 7 Aug 2009, Dan Williams wrote: > > >>> The most common local caching nameserver is currently dnsmasq, and it > >>> also provides a D-Bus interface. If at all possible, we should try to > >>> use *one* dbus interface. Not sure if you've looked at the dnsmasq dbus > >>> API, but it might be worth a glance. > >> > >> I did look at it. It is the worst D-Bus API I have seen in a long time > >> and not helpful. Someone would have to fix it first. The amount of > >> parameter overloading it does is just insane. Otherwise dnsmasq has a > >> pretty nice set of features. > > > > Ok, fair enough. If that's the case, perhaps we should gently propose > > fixes to Simon? He's quite responsive. > > If imposing a local DNS cache, please use Unbound or Bind, as those
Hah :) The reason I ripped out the DNS local caching code before was because of more than a few (unfounded) complaints that people didn't want to run bind on their desktop machine. Thus a more lightweight solution like dnsmasq was desirable. But in any case, if bind were to grow a usable dbus interface (while the one it had before was OK, the bind D-Bus code itself was *horrible*) then we could certainly add support for it too. > are currently the only ones supporting DNSSEC. I hope we can enable > one of those with DNSSEC per default on every fedora install soon, but > that will take some convincing I think and won't happen overnight. But > DNSSEC is another good reason why every host should run its own > (validating) caching resolver. DNSSEC is a good point though. Perhaps we "prefer" local caching nameservers that can do DNSSEC before falling back to those that can't? Dan _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
