On 22.10.19 22:21, tormen(a)mail.ch wrote:
1) A question about how FallbackNameservers are used
2) A question / potential feature request
// 1) A question about how FallbackNameservers are used:
As I just mentioned: I would love to help improve the documentation
for now bit by bit as I am concerned.
As an example I just stumbled upon:
* FallbackNameservers in the connman.conf (5) man page
What I miss: You don't explain when this is actually used... I have a
theory, but it would be nice to explicitly state that for the user.
As I read in man connman:
Depending on how ConnMan is compiled, it will by default direct all DNS
traffic to itself by setting nameserver to 127.0.0.1 in
resolv.conf(5) file or leave DNS management to an external entity, such
So I suspect about FallbackNameservers:
FallbackNameservers are used in case ConnMan
internally handles DNS management (see --nodnsproxy and man connman how
to change this default behaviour). This variable allows to specify a
comma separated list of nameservers that will be questioned once the
DNS server(s) received via DHCP were consulted first.
Is this correct?
Yes, but it should also mention two other things:
- ConnMan also supports external DNS resolvers such as systemd-resolved.
The Service API contains the Nameservers property, which will also be
populated with the DNS servers (including the FallbackNameservers).
- Additional DNS servers can be configured (Service API), which will be
inserted (if available == reachable) before the fallbacks.
// 2) A question / potential feature request
I would /love/ to be able to use my OWN dns server and only as a
Fallback use the DNS servers provided by the DHCP response that connman
But why do I want that???
I am privacy aware and don't like to
give metainformation like all of my DNS requests to some company /
Hence I run dnsmasq using a local powerDNS recursor service as upstream
But also more and more people I know setup the DNS to be 188.8.131.52 (to
not use google's 184.108.40.206, 220.127.116.11, 18.104.22.168 servers ;)).
The problem: Some wifi-hotspots have their own custom DNS entries to
e.g. resolve the login URL! (e.g. often in hotels or with the public
transportation wifi hotspot)
So in this case and just for resolving this 1 or 2 URLs I need the DNS
server provided by DHCP.
I can think of 3 implementations but I have the feeling there should be
a more elegant solution, which I was not able to think of yet ;)
a) Provide a way to define default setting for new wifi connections.
And by default I can set the nameserver for this connection to
127.0.0.1 (pointing to my local dnsmasq). And then for connections
where this does not work, I could then leave the nameserver setting
blank / remove that setting so that it uses the connman default
nameserver settings (e.g. the nameserver received via DHCP)
So I could imagine connman setting up 127.0.0.1:53 and then providing a
possibility to set the Nameservers to use to my ip(s)
and then provide the possibility to set the FallbackNameservers to
"DHCP". Meaning it would put whatever DNS servers connman received over
connman would the nameservers that connman received via DHCP (e.g. in a
/var/lib/connmand/dhcp-resolv.conf or something like that ;))
So that then I can try to figure out a way to point my DNS service
(dnsmasq) to them as fallback...
The FallbackNameservers is thought of as the last resort. If everything else
fails try those. I'd like to keep this way. If you don't want to add
well known (not trustworthy) servers, this is fine, just leave it blank.
Not sure if I understood you correctly. It's all about priority. You
want something like:
Currently we do
use configured DNS servers
Not sure how you can implement this without changing the existing behavior.