Re: resolv.conf question

From: Bob Proulx <bob_at_proulx.com>
Date: Thu, 13 Oct 2022 16:35:00 UTC
Dan Mahoney wrote:
> I really wish the DNS resolver libraries in the system stack
> supported quicker failover, or perhaps randomizing the list of
> servers.

All of that "fancy stuff" is done in the nameserver level.  Meaning
that if that is desired then the answer is installing a local caching
nameserver.  Or using a tightly coupled LAN one that can't fail.
There can be a significant amount of code to implement this behavior.
And differing opinions on the implementation.  Enough to keep it out
of libc which should avoid those issues.

And also note that the resolver only reads resolv.conf at start up
time.  Meaning that if changes are made any programs using it must be
restarted.  Whereas changes to the nameserver are shared with all
clients of the nameserver immediately when the nameserver is
reconfigured.

> If you're falling back to the second line in your resolv.conf,
> something has gone terribly wrong.

Strongly agree!

> It's trivially easy to run an unbound caching resolver on localhost,
> and it gives you the benefit of DNSSEC as well.

+1

Bob
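
The resolver behaviour discussed in this thread, as an added example that is not part of the original message: a small Python audit of a resolv.conf that reports whether lookups depend on fallback to a second server and whether the first server is a local caching resolver. The helper names and the sample file are assumptions made for illustration; the defaults and caps are those documented in resolv.conf(5).

```python
import ipaddress

# Defaults and caps as documented in resolv.conf(5) for the glibc resolver.
DEFAULT_TIMEOUT, DEFAULT_ATTEMPTS, MAXNS = 5, 2, 3
CAPS = {"timeout": 30, "attempts": 5}

def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr.split("%")[0]).is_loopback
    except ValueError:
        return False

def audit_resolv_conf(text):
    """Hypothetical helper: report how this resolv.conf behaves when a server fails."""
    servers = []
    opts = {"timeout": DEFAULT_TIMEOUT, "attempts": DEFAULT_ATTEMPTS, "rotate": False}
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0][0] in "#;":
            continue
        if fields[0] == "nameserver" and len(fields) > 1:
            servers.append(fields[1])
        elif fields[0] == "options":
            for opt in fields[1:]:
                name, _, value = opt.partition(":")
                if name == "rotate":
                    opts["rotate"] = True
                elif name in CAPS and value.isdigit():
                    opts[name] = min(int(value), CAPS[name])
    used = servers[:MAXNS]  # lines beyond MAXNS are ignored by the resolver
    # With no nameserver entries the resolver defaults to the local machine.
    first_is_local = is_loopback(used[0]) if used else True
    findings = []
    if len(servers) > MAXNS:
        findings.append(f"{len(servers) - MAXNS} nameserver line(s) past the first {MAXNS} are ignored")
    if not first_is_local:
        findings.append(f"first nameserver {used[0]} is not a local caching resolver")
    if len(used) > 1 and not opts["rotate"]:
        findings.append(f"{used[0]} is always tried first; when it is down each lookup "
                        f"waits {opts['timeout']}s before trying {used[1]}")
    return {"servers": used, **opts, "first_is_local": first_is_local, "findings": findings}

# Constructed sample input (documentation-range addresses), not taken from the thread.
SAMPLE = "nameserver 192.0.2.53\nnameserver 198.51.100.53\noptions attempts:9\n"

if __name__ == "__main__":
    for finding in audit_resolv_conf(SAMPLE)["findings"]:
        print("-", finding)
```

Because the resolver reads the file only at program start, the audit describes what newly started programs will do, not what long-running ones are currently using.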