[Dnssec-trigger] status of dnssec-trigger and NetworkManager in upstream and Fedora
Pavel Simerda
psimerda at redhat.com
Mon Jun 23 15:01:06 UTC 2014
Hi,
a number of patches have been accepted to dnssec-trigger upstream to support
seamless integration with NetworkManager. We're not done yet and but at least
we have something to test. The target release is Fedora 22:
https://fedoraproject.org/wiki/Changes/Default_Local_DNS_Resolver
I'm using Fedora rawhide for testing, always using the latest f21 koji build:
http://koji.fedoraproject.org/koji/packageinfo?packageID=13240
We hope to release an update for Fedora 20 as soon as possible. Upstream SVN
trunk can be used for testing as well – I'm using it on Gentoo using a live
ebuild:
https://github.com/okias/ixit/blob/master/net-misc/dnssec-trigger/dnssec-trigger-9999.ebuild
During the testing I found out that the fallback mechanisms don't work for me at all. This
is covered by the following Fedora bug report:
https://bugzilla.redhat.com/show_bug.cgi?id=1109292
Another issue is that full recursion is treated as a fallback that always works and the user
doesn't get the chance to use a non-DNSSEC configuration as he doesn't even know why DNS
resolution fails:
https://bugzilla.redhat.com/show_bug.cgi?id=1112310
While there are other issues to be considered, the former issue linked here seems to spoil the
whole user experience of dnssec-trigger. I don't currently have any more information to identify
the version where the issue appeared. I'm just notifying you that about its existence for now.
Cheers,
Pavel
More information about the dnssec-trigger
mailing list