Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-45878

RFE: Create routes for DNS servers

Linking RHIVOS CVEs to...Migration: Automation ...Sync from "Extern...XMLWordPrintable

    • NetworkManager-1.51.5-1.el9
    • None
    • rhel-net-mgmt
    • ssg_networking
    • 5
    • False
    • False
    • Hide

      None

      Show
      None
    • Yes
    • None
    • Hide

      Given a system with multiple network interfaces configured via DHCP, each providing its own DNS servers and default gateway,

      When a connection update occurs and NetworkManager configures the network interfaces,

      Then NetworkManager must create a route for each DNS server provided by the connections, using the default gateway of the respective connection

      Definition of Done:

      • The implementation meets the acceptance criteria
      • Integration tests are written and pass
      • The code is part of a downstream build attached to an errata
      Show
      Given a system with multiple network interfaces configured via DHCP, each providing its own DNS servers and default gateway, When a connection update occurs and NetworkManager configures the network interfaces, Then NetworkManager must create a route for each DNS server provided by the connections, using the default gateway of the respective connection Definition of Done: The implementation meets the acceptance criteria Integration tests are written and pass The code is part of a downstream build attached to an errata
    • Pass
    • None
    • Enhancement
    • Hide
      .NetworkManager can automatically add routes to DNS servers

      With the `ipv4.routed-dns` parameter, you can configure NetworkManager so that name servers are reachable only through the correct network interface. Apart from `systemd-resolved` and `dnsmasq` backend DNS services in NetworkManager, other backend services do not support binding name servers to the correct network interface. As a result, you can use NetworkManager to add an explicit route to the name server through the related network interface.
      Show
      .NetworkManager can automatically add routes to DNS servers With the `ipv4.routed-dns` parameter, you can configure NetworkManager so that name servers are reachable only through the correct network interface. Apart from `systemd-resolved` and `dnsmasq` backend DNS services in NetworkManager, other backend services do not support binding name servers to the correct network interface. As a result, you can use NetworkManager to add an explicit route to the name server through the related network interface.
    • Done
    • None

      Goal

      • Provide configuration option that ensures creation of routes to dns servers on connection update.

      Context

      In RHEL 10 we need to provide split-dns support. For that we created Dnsconfd project which uses our already supported DNS servers to provide new cache features. Using specialized daemon allows us to not change or implement new features into different servers repeatedly but configuring them with unified interface. Unfortunately, split-dns presents new challenge and that is connecting not only to the right dns server but also through the right interface.

      Example situation:

      There are two networks. That provide following configuration through DHCP:

      Interface 1:

      IP: 10.5.0.1

      Default gateway: 10.5.255.254

      DNS: 10.6.0.5, 10.6.0.6

      Domain: dummy.com

       

      Interface 2:

      IP: 10.8.0.1

      Default gateway: 10.8.255.254

      DNS: 10.9.0.5

      Domain:

       

      Interface 2 was connected before interface 1 and thus its default route took precedence over the other.

      Now dns service to honor split dns, has to contact either 10.6.0.5 or 10.6.0.6 to resolve for example whatever.dummy.com but it tries to do so with the second interface, gateway of second interface does not route to 10.6.0.0/24 network and thus the resolution fails.

      Acceptance Criteria

      A list of verification conditions, successful functional tests, or expected outcomes in order to declare this story/task successfully completed.

      • For each DNS server, a route has to be set up that forces system to connect to it through the right interface.

              rhn-engineering-vbenes Vladimir Benes
              tkorbar@redhat.com Tomáš Korbař
              Network Management Team Network Management Team
              Vladimir Benes Vladimir Benes
              Mayur Patil Mayur Patil
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated:
                Resolved: