dnsconfd.conf - Man Page
dnsconfd configuration file
Description
Dnsconfd.conf is YAML formatted configuration file altering behaviour of Dnsconfd.
Options
- dbus_name
DBUS name that dnsconfd should use, default com.redhat.dnsconfd
- log_level
Log level of dnsconfd, default INFO
- resolv_conf_path
Path to resolv.conf that the dnsconfd should manage, default /etc/resolv.conf
- prioritize_wire
If set to yes then wireless interfaces will have lower priority, default yes
- listen_address
Address on which local resolver listens, default 127.0.0.1
- resolver_options
Options to be used in resolv.conf for alteration of resolver, default "edns0 trust-ad"
- dnssec_enabled
Enable dnssec record validation, default no
- handle_routing
Dnsconfd will submit necessary routes to routing manager, default yes
- api_choice
Dnsconfd will switch between APIs. Allowed options are resolve1 and dnsconfd. Default is dnsconfd
- stderr_log
Dnsconfd will write logs into stderr, default yes
- journal_log
Dnsconfd will send logs into journal, default no
- syslog_log
Dnsconfd will send logs into syslog destination specified by this option, by default disabled. See command line option for destination specification syntax.
- file_log
Dnsconfd will write logs into specified file, not used by default
- certification_authority
Absolute path to a bundle of certification authorities that will be used when no custom were specified.
- static_servers
List of servers that should be configured, default is empty
- certification_authority
Space separated list of CA bundles used for encrypted protocols as default when no custom CA was specified. The first one that can be accessed will be used, default /etc/pki/dns/extracted/pem/tls-ca-bundle.pem /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
Available attributes of servers are:
· address required, string of servers ip address
· protocol optional, DoT or plain
· name optional, name that should be present in server's TLS certificate
· port optional, port on which server is listening. If not given then 53 is used for plain protocol and 853 for DoT
· routing_domains optional, domains whose resolution should be performed through this server
· search_domains optional, domains that should be used for host-name lookup
· nssec optional, boolean indicating whether this server supports dnssec or not
· 0tworks optional, networks whose reverse dns records must be resolved by this serverExamples:
Enabling one global server using DNS over TLS
static_servers:
- address: 192.168.6.3
protocol: "DoT"
name: namedEnabling one server for specific domain and second for everything else
static_servers:
- address: 192.168.6.3
- address: 192.168.6.4
routing_domains:
- example.com- ignore_api
If enabled, dnsconfd will ignore configuration received through API, default no
Reporting Bugs
Please for reporting bugs use Github repository https://github.com/InfrastructureServices/dnsconfd
See Also
dnsconfd(8) Dnsconfd daemon dnsconfd-status(8) Checking status of dnsconfd dnsconfd-reload(8) Reload running cache service dnsconfd-config(8) Change configuration of host dnsconfd-update(8) Change Dnsconfd configuration
Copyright
Copyright (c) 2023 Red Hat, Inc.
Referenced By
dnsconfd(8), dnsconfd-config(8), dnsconfd-reload(8), dnsconfd-status(8).