diff options
author | Tom Gundersen <teg@jklm.no> | 2016-01-26 18:07:19 +0100 |
---|---|---|
committer | Tom Gundersen <teg@jklm.no> | 2016-01-26 18:07:19 +0100 |
commit | cfd77192c1de3bd264d15d6f4d8b3117f5619f4f (patch) | |
tree | 2534573f6826eac1ed2bdebfbff27ac07609cf44 /man/resolved.conf.xml | |
parent | 3820ed90335211dc208b048f1ff48ae66940ce3b (diff) | |
parent | 4850d39ab72e7cb00a6e9c9aa4745c997674efa6 (diff) |
Merge pull request #2437 from poettering/dnssec19
nineteenth dnssec patch
Diffstat (limited to 'man/resolved.conf.xml')
-rw-r--r-- | man/resolved.conf.xml | 58 |
1 files changed, 29 insertions, 29 deletions
diff --git a/man/resolved.conf.xml b/man/resolved.conf.xml index 09a192c933..3aa9c3acb1 100644 --- a/man/resolved.conf.xml +++ b/man/resolved.conf.xml @@ -72,40 +72,40 @@ <varlistentry> <term><varname>DNS=</varname></term> - <listitem><para>A space-separated list of IPv4 and IPv6 - addresses to be used as system DNS servers. DNS requests are - sent to one of the listed DNS servers in parallel to any - per-interface DNS servers acquired from - <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. - For compatibility reasons, if this setting is not specified, - the DNS servers listed in - <filename>/etc/resolv.conf</filename> are used instead, if - that file exists and any servers are configured in it. This - setting defaults to the empty list.</para></listitem> + <listitem><para>A space-separated list of IPv4 and IPv6 addresses to use as system DNS servers. DNS requests + are sent to one of the listed DNS servers in parallel to suitable per-link DNS servers acquired from + <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> or + set at runtime by external applications. For compatibility reasons, if this setting is not specified, the DNS + servers listed in <filename>/etc/resolv.conf</filename> are used instead, if that file exists and any servers + are configured in it. This setting defaults to the empty list.</para></listitem> </varlistentry> <varlistentry> <term><varname>FallbackDNS=</varname></term> - <listitem><para>A space-separated list of IPv4 and IPv6 - addresses to be used as the fallback DNS servers. Any - per-interface DNS servers obtained from + <listitem><para>A space-separated list of IPv4 and IPv6 addresses to use as the fallback DNS servers. Any + per-link DNS servers obtained from <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> - take precedence over this setting, as do any servers set via - <varname>DNS=</varname> above or - <filename>/etc/resolv.conf</filename>. This setting is hence - only used if no other DNS server information is known. If this - option is not given, a compiled-in list of DNS servers is used - instead.</para></listitem> + take precedence over this setting, as do any servers set via <varname>DNS=</varname> above or + <filename>/etc/resolv.conf</filename>. This setting is hence only used if no other DNS server information is + known. If this option is not given, a compiled-in list of DNS servers is used instead.</para></listitem> </varlistentry> <varlistentry> <term><varname>Domains=</varname></term> - <listitem><para>A space-separated list of search domains. For - compatibility reasons, if this setting is not specified, the - search domains listed in <filename>/etc/resolv.conf</filename> - are used instead, if that file exists and any domains are - configured in it. This setting defaults to the empty - list.</para></listitem> + <listitem><para>A space-separated list of domains. These domains are used as search suffixes when resolving + single-label host names (domain names which contain no dot), in order to qualify them into fully-qualified + domain names (FQDNs). Search domains are strictly processed in the order they are specified, until the name + with the suffix appended is found. For compatibility reasons, if this setting is not specified, the search + domains listed in <filename>/etc/resolv.conf</filename> are used instead, if that file exists and any domains + are configured in it. This setting defaults to the empty list.</para> + + <para>Specified domain names may optionally be prefixed with <literal>~</literal>. In this case they do not + define a search path, but preferably direct DNS queries for the indicated domains to the DNS servers configured + with the system <varname>DNS=</varname> setting (see above), in case additional, suitable per-link DNS servers + are known. If no per-link DNS servers are known using the <literal>~</literal> syntax has no effect. Use the + construct <literal>~.</literal> (which is composed of <literal>~</literal> to indicate a routing domain and + <literal>.</literal> to indicate the DNS root domain that is the implied suffix of all DNS domains) to use the + system DNS server defined with <varname>DNS=</varname> preferably for all domains.</para></listitem> </varlistentry> <varlistentry> @@ -119,8 +119,8 @@ <literal>resolve</literal>, only resolution support is enabled, but responding is disabled. Note that <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> - also maintains per-interface LLMNR settings. LLMNR will be - enabled on an interface only if the per-interface and the + also maintains per-link LLMNR settings. LLMNR will be + enabled on a link only if the per-link and the global setting is on.</para></listitem> </varlistentry> @@ -181,9 +181,9 @@ <para>In addition to this global DNSSEC setting <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> - also maintains per-interface DNSSEC settings. For system DNS + also maintains per-link DNSSEC settings. For system DNS servers (see above), only the global DNSSEC setting is in - effect. For per-interface DNS servers the per-interface + effect. For per-link DNS servers the per-link setting is in effect, unless it is unset in which case the global setting is used instead.</para> |