On Sat, Feb 5, 2022 at 9:46 AM Kamil Jońca wrote:
>
> Hello.
>
> Current situation:
> debian laptop with interfaces defined in /etc/network/interfaces
> + resolvconf + dnsmasq packages and bunch of scripts wchich configures
> network
> (routes and name resolving) according to interfaces and vpn up down.
> For example
> 1. I am connected to home1 network (connected by wifi, no default
> routing ), this network sets routing to some subnets with dhcp option
> 121 (and dhclient scripts handles this)
> 2. I am connected via etch to router with default gateway
> 3. I am connected to work1 network via openvpn tunnel.
> 4. I am connected to work2 network via ipsec gateway.
>
> I want to (and with my current config this is done)
> that:
> 1. proper routes are established (especially these with option 121)
> 2. name resolving is properly configured:
> ie. home1.tld DNS queries are forwarded to home1 network
> work1.tld DNS queries are forwarded to work1 network (via openvpn
> tunnel)
> work2.tld DNS queries are forwarded to work2 network (via ipsec
> tunnel)
> rest DNS is forwarded to default gateway
>
Systemd-networkd has supported the "classless static routes" option since
v215.
Per-suffix query forwarding is mostly built into systemd-resolved, although
with the restriction that domains/nameservers are grouped by interface – so
your IPsec tunnel will need its own interface (e.g. xfrmi0, or at least a
'dummy0' interface to stand in). The DNS= and Domains= configuration can be
loaded either from networkd's .network files, or through resolvectl, or
systemd's compat implementation of the `resolvconf` tool.
Netplan is, as far as I know, an Ubuntu-specific tool that just generates
systemd-networkd (or NetworkManager) configs. In case you wanted those to
be YAML-based.
--
Mantas Mikulėnas
