summaryrefslogtreecommitdiff
path: root/man/resolved.conf.xml
diff options
context:
space:
mode:
Diffstat (limited to 'man/resolved.conf.xml')
-rw-r--r--man/resolved.conf.xml76
1 files changed, 30 insertions, 46 deletions
diff --git a/man/resolved.conf.xml b/man/resolved.conf.xml
index 5da2d5488e..3aa9c3acb1 100644
--- a/man/resolved.conf.xml
+++ b/man/resolved.conf.xml
@@ -72,40 +72,40 @@
<varlistentry>
<term><varname>DNS=</varname></term>
- <listitem><para>A space-separated list of IPv4 and IPv6
- addresses to be used as system DNS servers. DNS requests are
- sent to one of the listed DNS servers in parallel to any
- per-interface DNS servers acquired from
- <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
- For compatibility reasons, if this setting is not specified,
- the DNS servers listed in
- <filename>/etc/resolv.conf</filename> are used instead, if
- that file exists and any servers are configured in it. This
- setting defaults to the empty list.</para></listitem>
+ <listitem><para>A space-separated list of IPv4 and IPv6 addresses to use as system DNS servers. DNS requests
+ are sent to one of the listed DNS servers in parallel to suitable per-link DNS servers acquired from
+ <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> or
+ set at runtime by external applications. For compatibility reasons, if this setting is not specified, the DNS
+ servers listed in <filename>/etc/resolv.conf</filename> are used instead, if that file exists and any servers
+ are configured in it. This setting defaults to the empty list.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>FallbackDNS=</varname></term>
- <listitem><para>A space-separated list of IPv4 and IPv6
- addresses to be used as the fallback DNS servers. Any
- per-interface DNS servers obtained from
+ <listitem><para>A space-separated list of IPv4 and IPv6 addresses to use as the fallback DNS servers. Any
+ per-link DNS servers obtained from
<citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- take precedence over this setting, as do any servers set via
- <varname>DNS=</varname> above or
- <filename>/etc/resolv.conf</filename>. This setting is hence
- only used if no other DNS server information is known. If this
- option is not given, a compiled-in list of DNS servers is used
- instead.</para></listitem>
+ take precedence over this setting, as do any servers set via <varname>DNS=</varname> above or
+ <filename>/etc/resolv.conf</filename>. This setting is hence only used if no other DNS server information is
+ known. If this option is not given, a compiled-in list of DNS servers is used instead.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>Domains=</varname></term>
- <listitem><para>A space-separated list of search domains. For
- compatibility reasons, if this setting is not specified, the
- search domains listed in <filename>/etc/resolv.conf</filename>
- are used instead, if that file exists and any domains are
- configured in it. This setting defaults to the empty
- list.</para></listitem>
+ <listitem><para>A space-separated list of domains. These domains are used as search suffixes when resolving
+ single-label host names (domain names which contain no dot), in order to qualify them into fully-qualified
+ domain names (FQDNs). Search domains are strictly processed in the order they are specified, until the name
+ with the suffix appended is found. For compatibility reasons, if this setting is not specified, the search
+ domains listed in <filename>/etc/resolv.conf</filename> are used instead, if that file exists and any domains
+ are configured in it. This setting defaults to the empty list.</para>
+
+ <para>Specified domain names may optionally be prefixed with <literal>~</literal>. In this case they do not
+ define a search path, but preferably direct DNS queries for the indicated domains to the DNS servers configured
+ with the system <varname>DNS=</varname> setting (see above), in case additional, suitable per-link DNS servers
+ are known. If no per-link DNS servers are known using the <literal>~</literal> syntax has no effect. Use the
+ construct <literal>~.</literal> (which is composed of <literal>~</literal> to indicate a routing domain and
+ <literal>.</literal> to indicate the DNS root domain that is the implied suffix of all DNS domains) to use the
+ system DNS server defined with <varname>DNS=</varname> preferably for all domains.</para></listitem>
</varlistentry>
<varlistentry>
@@ -119,28 +119,12 @@
<literal>resolve</literal>, only resolution support is enabled,
but responding is disabled. Note that
<citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- also maintains per-interface LLMNR settings. LLMNR will be
- enabled on an interface only if the per-interface and the
+ also maintains per-link LLMNR settings. LLMNR will be
+ enabled on a link only if the per-link and the
global setting is on.</para></listitem>
</varlistentry>
<varlistentry>
- <term><varname>MulticastDNS=</varname></term>
- <listitem><para>Takes a boolean argument or
- <literal>resolve</literal>. Controls Multicast DNS support
- (<ulink url="https://tools.ietf.org/html/rfc6762">RFC
- 6762</ulink>) on the local host. If true, enables full
- Multicast DNS responder and resolver support. If false,
- disables both. If set to <literal>resolve</literal>, only
- resolution support is enabled, but responding is
- disabled. Note that
- <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- also maintains per-interface Multicast DNS settings. Multicast
- DNS will be enabled on an interface only if the per-interface
- and the global setting is on.</para></listitem>
- </varlistentry>
-
- <varlistentry>
<term><varname>DNSSEC=</varname></term>
<listitem><para>Takes a boolean argument or
<literal>allow-downgrade</literal>. If true all DNS lookups are
@@ -197,9 +181,9 @@
<para>In addition to this global DNSSEC setting
<citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- also maintains per-interface DNSSEC settings. For system DNS
+ also maintains per-link DNSSEC settings. For system DNS
servers (see above), only the global DNSSEC setting is in
- effect. For per-interface DNS servers the per-interface
+ effect. For per-link DNS servers the per-link
setting is in effect, unless it is unset in which case the
global setting is used instead.</para>
@@ -226,7 +210,7 @@
<citerefentry><refentrytitle>systemd-resolved.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>dnssec-trust-anchors.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>resolv.conf</refentrytitle><manvolnum>4</manvolnum></citerefentry>
+ <citerefentry project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>4</manvolnum></citerefentry>
</para>
</refsect1>