To illustrate: if I have a global DNS server 1.1.1.1, and a VPN networkd device with
DNS=2.2.2.2 Domains= ~company Then trying to resolve google.com should *only* hit 1.1.1.1, not 2.2.2.2. If OTOH I would have configured Domains= ~company ~. then it's okay to hit both. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1588230 Title: systemd-resolved uses domain limited DNS servers for all requests potentially a privacy issue Status in systemd package in Ubuntu: New Bug description: When configuring a DNS server for a link for specific domains (via the Domains= ~foo syntax) systemd-resolved correctly routes requests for those domains to that DNS server. However even without ~. on the list it also routes all other requests there (and in parallel to the primary servers) appearing to pick the fastest responder. This (to my mind) represents a privacy issue as requests that that DNS server is not intended to see are routed there. I would have expected the ~. syntax to allow me to request this behaviour and in its absence to not see general requests routed to these servers. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1588230/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
