fantastic dns records and where to find them
play

Fantastic DNS records and where to find them Demystifying - PowerPoint PPT Presentation

May 21, 2023 •114 likes •277 views

Fantastic DNS records and where to find them Demystifying systemd-resolved and how it is integrated on Ubuntu Dimitri John Ledkov <xnox@ubuntu.com> What is systemd-resolved? Local, caching, DNS resolver Per-link nameserver

  1. Fantastic DNS records and where to find them Demystifying systemd-resolved and how it is integrated on Ubuntu Dimitri John Ledkov <xnox@ubuntu.com>

  2. What is systemd-resolved? ● Local, caching, DNS resolver ● Per-link nameserver configuration storage ● NSS-module, dbus API, command-line tool ● Networked daemon ● Resolvconf implementation

  3. How to start using systemd-resolved? Symlink /etc/resolv.conf to... ● /run/systemd/resolve/stub-resolv.conf (stub with domains) ● /usr/lib/systemd/resolv.conf (stub resolver, static) ● /run/systemd/resolve/resolv.conf (underlying DNS servers)

  4. How do these resolv.conf files look like? /usr/lib/ systemd/resolv.conf nameserver 127.0.0.53 options edns0

  5. How do these resolv.conf files look like? /run/ systemd/resolve/ stub-resolv.conf nameserver 127.0.0.53 options edns0 search buildd enablement external internal power ppa

  6. How do these resolv.conf files look like? /run /systemd/resolve/ resolv.conf nameserver 10.172.192.1 nameserver 192.168.1.1 search buildd enablement external internal power ppa

  7. How to start using systemd-resolved? (cont) … or don’t mangle /etc/resolv.conf ● Enable NSS module ● Use command line tool ● Use dbus API ● Use the dynamic resolv.conf generated files ● Use dig

  8. How to update resolved nameservers? ● Netplan.io / NetworkManager / Networkd ● DBus API ● resolvctl (systemd-resolved) command line tools ● /sbin/resolvconf -> /usr/bin/resolvctl interface ● Reads /etc/resolv.conf if managed by others ● Configuration file fallbacks ● Compile time fallbacks

  9. Fun Stuff Optional features one can enforce for the whole system #LLMNR=no #MulticastDNS=no #DNSSEC=no #DNSOverTLS=no #Cache=yes #DNSStubListener=yes #ReadEtcHosts=yes

  10. resolvctl command line Global LLMNR setting: no MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no

  11. resolvctl command line Link 2 (wlp2s0) Current Scopes: DNS DefaultRoute setting: yes LLMNR setting: yes MulticastDNS setting: no DNSSEC setting: no DNSOverTLS setting: no DNSSEC supported: no Current DNS Server: 10.0.0.1 DNS Servers: 10.0.0.1 DNS Domain: ~. rieo.lan

  12. resolvctl command line query HOSTNAME|ADDRESS... Resolve domain names, IPv4 and IPv6 addresses service [[NAME] TYPE] DOMAIN Resolve service (SRV) openpgp EMAIL@DOMAIN... Query OpenPGP public key tlsa DOMAIN[:PORT]... Query TLS public key status [LINK...] Show link and server status statistics Show resolver statistics reset-statistics Reset resolver statistics flush-caches Flush all local DNS caches reset-server-features Forget learnt DNS server feature levels

  13. resolvctl command line dns [LINK [SERVER...]] Get/set per-interface DNS server address domain [LINK [DOMAIN...]] Get/set per-interface search domain default-route [LINK [BOOL]] Get/set per-interface default route flag llmnr [LINK [MODE]] Get/set per-interface LLMNR mode mdns [LINK [MODE]] Get/set per-interface MulticastDNS mode dnsovertls [LINK [MODE]] Get/set per-interface DNS-over-TLS mode dnssec [LINK [MODE]] Get/set per-interface DNSSEC mode nta [LINK [DOMAIN...]] Get/set per-interface DNSSEC NTA revert LINK Revert per-interface configuration

  14. Bugs ● Edns0 is sad ● Captive portals are sad ● Abuse of Option 15 for multiple domains ● MDNS taking too long ● Domain-less searches are not forwarded

  15. Ubuntu Defaults ● UseDomains=true (dhcp acquired domains trusted) ● LMMNR, MDNS, DNSSEC, DnsOverTLS - false ● Listen on UDP and TCP port 53 on lo 127.0.0.53 ● FallbackDNS none ● Resolv.conf stub-resolve.conf by default ● No NSS module by default ● Networkd, NetworkManager, ifupdown integration ● Resolvconf replacement (soon)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Fantastic Attacks and How Kalipso can find them Kamila Babayeva Sebastian Garcia

Fantastic Attacks and How Kalipso can find them Kamila Babayeva Sebastian Garcia

Fantastic Attacks and How Kalipso can find them Kamila Babayeva Sebastian Garcia babaykam@fel.cvut.cz, @_kamifai_ sebastian.garcia@agent.fel.cvut.cz, @eldracote What if you need to analyze a very large pcap to find if there was an

472 views • 32 slides
[2/2] Find scary C++ bugs before they find you Konstantin Serebryany, Google May 2014

[2/2] Find scary C++ bugs before they find you Konstantin Serebryany, Google May 2014

[1/2] Fantastic C++ Bugs and Where to Find Them [2/2] Find scary C++ bugs before they find you Konstantin Serebryany, Google May 2014 @compsciclub.ru Agenda AddressSanitizer (aka ASan) detects use-after-free and buffer overflows

742 views • 55 slides
Hope you had a FANTASTIC spring break! Hope you had a FANTASTIC spring break! Thanksgiving CS

Hope you had a FANTASTIC spring break! Hope you had a FANTASTIC spring break! Thanksgiving CS

Hope you had a FANTASTIC spring break! Hope you had a FANTASTIC spring break! Thanksgiving CS 188: Artificial Intelligence Neural Nets (ctd) and IRL Instructor: Anca Dragan --- University of California, Berkeley [These slides were created by

833 views • 80 slides
What Is There to Be Skeptical About? About the Fantastic Success of Deep Learning &amp; The

What Is There to Be Skeptical About? About the Fantastic Success of Deep Learning &amp; The

What Is There to Be Skeptical About? About the Fantastic Success of Deep Learning &amp; The Imperative of Incorporating Priors Into Learning Oliver Brock Robotics and Biology Laboratory The Fantastic Success of Deep Learning Lots of blowout

629 views • 35 slides
Youve Found Your Soldier on Fold3, Now What? It is not enough to find the record Building the

Youve Found Your Soldier on Fold3, Now What? It is not enough to find the record Building the

Youve Found Your Soldier on Fold3, Now What? It is not enough to find the record Building the framework of your ancestors life Build the Framework Using census records and vital records (if they exist) to build a timeline that has:

1.13k views • 101 slides
Records Retention Program Training Managing Records in Schools The Records Liaison What does

Records Retention Program Training Managing Records in Schools The Records Liaison What does

Records Retention Program Training Managing Records in Schools The Records Liaison What does that mean? The guardian ofyour schools records Rule 2380 The RL knows what records are kept in your school The RL is the expert!

361 views • 13 slides
Risk and Records at UTS Records Management Program &gt; University Records, Governance Support

Risk and Records at UTS Records Management Program &gt; University Records, Governance Support

THINK.CHANGE.DO Risk and Records at UTS Records Management Program &gt; University Records, Governance Support Unit, Registrar, DVC (Corporate Services) 6 dedicated f/t positions &gt; Devolved system 2 campuses (city campus over

325 views • 13 slides
Fantastic Tetris By Weipeng Dang ; Benjie Tong ; Yanbo Zou ; Yiran Tao Introduction: The

Fantastic Tetris By Weipeng Dang ; Benjie Tong ; Yanbo Zou ; Yiran Tao Introduction: The

Fantastic Tetris By Weipeng Dang ; Benjie Tong ; Yanbo Zou ; Yiran Tao Introduction: The fantastic Teristic is a variation of a normal Teristic. The game will automatically generate three different blocks into the screen for the users to choose.

863 views • 14 slides
http://www-history.mcs.st- Fantastic java applet for Blackbody radiation

http://www-history.mcs.st- Fantastic java applet for Blackbody radiation

http://www-history.mcs.st- Fantastic java applet for Blackbody radiation http://phet.colorado.edu/sims/blackbody-spectrum/blackbody-spectrum_en.html Fantastic java applet for the photoelectric effect

149 views • 13 slides
AS/NZS ISO 30300 and AS/NZS ISO 30301 Management systems for records Presented by Judith Ellis

AS/NZS ISO 30300 and AS/NZS ISO 30301 Management systems for records Presented by Judith Ellis

AS/NZS ISO 30300 and AS/NZS ISO 30301 Management systems for records Presented by Judith Ellis Framework for Good Recordkeeping Records are evidence of business Records system Records system Records Records characteristics

404 views • 21 slides
PLASTIC FANTASTIC transparent load-bearing facade Eelko Kroon 1303031 Reinhard Prophitius

PLASTIC FANTASTIC transparent load-bearing facade Eelko Kroon 1303031 Reinhard Prophitius

PLASTIC FANTASTIC transparent load-bearing facade Eelko Kroon 1303031 Reinhard Prophitius 1311689 June 29, 2010 CONTENTS scenario facade prototype element total building conclusions recommendations sponsors PLASTIC FANTASTIC -

282 views • 12 slides
A haiku. Todays 1. Who is a Records Custodian? Topics 2. Why is Records Management

A haiku. Todays 1. Who is a Records Custodian? Topics 2. Why is Records Management

RM1001 Records Custodian Training May 6, 2019 A haiku. Todays 1. Who is a Records Custodian? Topics 2. Why is Records Management important? 3. What is a Public Record? 4. What is Records Management? 5. Resources 2 1. Who is a

796 views • 33 slides
Everything You Ever Wanted To Know About Public Records (but didnt know how to ask) Why Have

Everything You Ever Wanted To Know About Public Records (but didnt know how to ask) Why Have

Everything You Ever Wanted To Know About Public Records (but didnt know how to ask) Why Have Open Records Laws? Sunshine concept Examples of Records Transparent &amp; Ethical Requests: Government Newspaper request for

281 views • 16 slides
1 WIS 2 WIS 3 WIS 4 WIS 5 WIS Funny! Good storyline! Fantastic

1 WIS 2 WIS 3 WIS 4 WIS 5 WIS Funny! Good storyline! Fantastic

1 WIS 2 WIS 3 WIS 4 WIS 5 WIS Funny! Good storyline! Fantastic Animation! 6 WIS 7 WIS Horrible plot! Exiting story! 8 WIS

692 views • 14 slides
Books and Records 1 Overview Records to be maintained Other Information 2 These se

Books and Records 1 Overview Records to be maintained Other Information 2 These se

Guidelines on maintaining Books and Records 1 Overview Records to be maintained Other Information 2 These se gu guidelin elines es are propo posed sed to be enacted cted as a part of the Regu gulati tions ons for External

283 views • 10 slides
WHAT ARE STUDENT RECORDS AND WHAT ARE PUBLIC RECORDS? (Whose Interests Are Being Served?)

WHAT ARE STUDENT RECORDS AND WHAT ARE PUBLIC RECORDS? (Whose Interests Are Being Served?)

WHAT ARE STUDENT RECORDS AND WHAT ARE PUBLIC RECORDS? (Whose Interests Are Being Served?) Presented by Jack B. Clarke, Jr. BEST BEST &amp; KRIEGER LLP February 15, 2018 ACSA SYMPOSIUM ANAHEIM, CALIFORNIA AN OVERVIEW 1. The Basics: The

648 views • 50 slides
Examples in Planning for Non-Transmission Alternatives (NTAs) Kenneth Sahm White Director

Examples in Planning for Non-Transmission Alternatives (NTAs) Kenneth Sahm White Director

Examples in Planning for Non-Transmission Alternatives (NTAs) Kenneth Sahm White Director of Policy &amp; Economic Analysis Clean Coalition (831) 425-5866 sahm@clean-coalition.org 30 July 2015 Making Clean Local

681 views • 20 slides
Annual General Meeting 2 Disclaimer This presentation has been prepared by Argo Service Company

Annual General Meeting 2 Disclaimer This presentation has been prepared by Argo Service Company

1 Welcome to the 2018 Annual General Meeting 2 Disclaimer This presentation has been prepared by Argo Service Company Pty Ltd ( ASCO ) (ACN 603 367 479) (Australian Financial Services Licence 470477), on behalf of Argo Global Listed

523 views • 40 slides
- binomial inequality Pure In linear inequality or logs - log Xo Ye - { Lilli 2 E Bi Yi { ( Li

- binomial inequality Pure In linear inequality or logs - log Xo Ye - { Lilli 2 E Bi Yi { ( Li

in Real Algebraic Tropical izatiou and Geometry Gurbiuatorics Extremal How I learned not to ( Or worry the tropics ) love and . Joint with : . Raymond , M . Singh , R . Thomas A , J . Yu F . Rincon , R . Sinn , C. Vinzant Se RI

371 views • 13 slides
2020 Annual General Meeting presentation Please find attached the presentation slides which

2020 Annual General Meeting presentation Please find attached the presentation slides which

26 October 2020 The Manager Company Announcements ASX Limited 20 Bridge Street SYDNEY NSW 2000 2020 Annual General Meeting presentation Please find attached the presentation slides which accompany the Chairmans and Managing Directors

401 views • 17 slides
The PAPI libpfm4 Transition and unrelated Software Prefetch Research Vince Weaver ICL Lunch

The PAPI libpfm4 Transition and unrelated Software Prefetch Research Vince Weaver ICL Lunch

The PAPI libpfm4 Transition and unrelated Software Prefetch Research Vince Weaver ICL Lunch Talk 11 February 2011 Part I: The PAPI libpfm4 Transition 1 Layers of Abstraction PAPI_TOT_INS PAPI INSTRUCTION_RETIRED Event Name Translator

486 views • 30 slides
Outline Shelahs classification theory and NTP 2 Examples of fields with NTP 2 Implications of

Outline Shelahs classification theory and NTP 2 Examples of fields with NTP 2 Implications of

Fields with NTP 2 Artem Chernikov Hebrew University of Jerusalem Model theory seminar Konstanz, 6 May 2013 Outline Shelahs classification theory and NTP 2 Examples of fields with NTP 2 Implications of NTP 2 for properties of definable groups

608 views • 25 slides
DUNE timing system Stoyan Trilov, University of Bristol DUNE UK Meeting 11/12/2019 1 Outline

DUNE timing system Stoyan Trilov, University of Bristol DUNE UK Meeting 11/12/2019 1 Outline

DUNE timing system Stoyan Trilov, University of Bristol DUNE UK Meeting 11/12/2019 1 Outline DUNE timing system Requirements Design Hardware CCM Summary 11/12/2019 2 DUNE timing requirements Clock alignment within

402 views • 8 slides
Recursive inventory management Martin F. Krafft madduck@debian.org 13 Aug 2013 @ DebConf 13,

Recursive inventory management Martin F. Krafft madduck@debian.org 13 Aug 2013 @ DebConf 13,

Recursive inventory management Martin F. Krafft madduck@debian.org 13 Aug 2013 @ DebConf 13, Vaumarcus, Switzerland Configuration management (system administration) Configuration management CFEngine bcfg2 Puppet Chef Salt Ansible

1.7k views • 108 slides

More recommend