On Sat, Feb 5, 2022 at 9:46 AM Kamil Jońca <kjo...@o2.pl> wrote:
>
> Hello.
>
> Current situation:
> debian laptop with interfaces defined in /etc/network/interfaces
> + resolvconf + dnsmasq packages and bunch of scripts which configures
> network
> (routes and name resolving) according to interfaces and vpn up down.
> For example
> 1. I am connected to home1 network (connected by wifi, no default
> routing), this network sets routing to some subnets with dhcp option
> 121 (and dhclient scripts handles this)
> 2. I am connected via etch to router with default gateway
> 3. I am connected to work1 network via openvpn tunnel.
> 4. I am connected to work2 network via ipsec gateway.
>
> I want to (and with my current config this is done)
> that:
> 1. proper routes are established (especially these with option 121)
> 2. name resolving is properly configured:
> ie. home1.tld DNS queries are forwarded to home1 network
> work1.tld DNS queries are forwarded to work1 network (via openvpn
> tunnel)
> work2.tld DNS queries are forwarded to work2 network (via ipsec
> tunnel)
> rest DNS is forwarded to default gateway
>
Systemd-networkd has supported the "classless static routes" option since v215.

Per-suffix query forwarding is mostly built into systemd-resolved, although with the restriction that domains/nameservers are grouped by interface – so your IPsec tunnel will need its own interface (e.g. xfrmi0, or at least a 'dummy0' interface to stand in). The DNS= and Domains= configuration can be loaded either from networkd's .network files, or through resolvectl, or systemd's compat implementation of the `resolvconf` tool.

Netplan is, as far as I know, an Ubuntu-specific tool that just generates systemd-networkd (or NetworkManager) configs. In case you wanted those to be YAML-based.

--
Mantas Mikulėnas
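
An added illustration of the reply above (not part of the original message or of either participant's configuration): two systemd-networkd .network files covering the home1 Wi-Fi link and the default-gateway Ethernet link from the question. The interface names wlan0 and eth0 and the file names are assumptions; the VPN links would get the same Domains= treatment on their own interfaces.

```ini
# --- /etc/systemd/network/20-home1.network  (hypothetical file name) ---
[Match]
# Assumed name of the Wi-Fi interface attached to home1.
Name=wlan0

[Network]
DHCP=ipv4
# "~" makes this a routing-only domain: lookups under home1.tld are sent to
# this link's DNS servers, and the suffix is not used as a search domain.
Domains=~home1.tld
# Do not use this link's servers for names that match no configured domain,
# so unrelated lookups are not sent to the home1 resolver.
DNSDefaultRoute=no

[DHCPv4]
# Install routes received over DHCP, including classless static routes
# (option 121).
UseRoutes=yes
# Take the per-link DNS servers from the DHCP lease.
UseDNS=yes

# --- /etc/systemd/network/30-uplink.network  (hypothetical file name) ---
[Match]
# Assumed name of the Ethernet interface that carries the default gateway.
Name=eth0

[Network]
DHCP=yes
# "~." routes every name not claimed by a more specific routing domain
# (home1.tld, work1.tld, work2.tld) to this link's DNS servers.
Domains=~.
```

After restarting systemd-networkd, `resolvectl status` lists the DNS servers and routing domains attached to each link, which is the quickest way to confirm that a suffix is bound to the intended interface.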