
Support automatically adding DNS routes

Beniamino Galvani requested to merge bg/dns-routes into main

Summary

When the ipvX.add-dns-routes property is set to true, add a route for each DNS server via the current interface.

Purpose

The systemd-resolved and dnsmasq DNS backends are capable of binding each DNS server to the interface that provides it.

This is not currently possible when using plain /etc/resolv.conf. For example, suppose there are two name servers A and B, respectively provided by interfaces intA and intB; both interfaces have a default route, and the default route on intA has lower metric. Then, both name servers A and B will be reached via intA, which might be undesirable.

To avoid this, we need to add a new route to reach B over intB.

Example

# nmcli connection add type ethernet ifname enp7s0 \
                       ipv4.method manual \
                       ipv4.address 172.16.1.1/24 \
                       ipv4.gateway 172.16.1.254 \
                       ipv4.dns 10.0.0.53 \
                       ipv4.add-dns-routes yes
Connection 'ethernet-enp7s0' (6ebd1eaa-c556-4c86-b205-f3f19a63418f) successfully added.

# ip rule
0:	from all lookup local
22000:	not from all fwmark 0x4e4d3030 lookup 1313681456 proto static
32766:	from all lookup main
32767:	from all lookup default

# ip route
default via 172.16.1.254 dev enp7s0 proto static metric 100 
172.16.1.0/24 dev enp7s0 proto kernel scope link src 172.16.1.1 metric 100 

# ip route show table 1313681456
10.0.0.53 via 172.16.1.254 dev enp7s0 proto static

# ip route get 10.0.0.53
10.0.0.53 via 172.16.1.254 dev enp7s0 table 1313681456 src 172.16.1.1 uid 0 
    cache 

Checklist

Please read https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/CONTRIBUTING.md before opening the merge request. In particular, check that:

  • the subject for all commits is concise and explicative
  • the message for all commits explains the reason for the change
  • the source is properly formatted
  • any relevant documentation is up to date
  • you have added unit tests if applicable
  • the NEWS file is updated when the change deserves to be mentioned, for example for new features, behavior changes, API deprecations, etc.
Edited by Beniamino Galvani
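
The `ip route get` check from the description, turned into a repeatable audit of which interface each DNS server leaves through. This is an added example, not part of the merge request or of NetworkManager. The function names, the second server `192.0.2.53` and the interface `enp8s0` are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example (not NetworkManager code): check that each DNS server leaves
# through the interface that provided it.

# Print the egress device named in one line of `ip route get` output.
route_dev() {
    printf '%s\n' "$1" |
        awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Live lookup: ask the kernel which route it would pick for address $1.
route_get_live() {
    ip route get "$1" 2>/dev/null | head -n 1
}

# Constructed sample lookup so the example runs offline. The first answer is
# the one shown in the description; the second (192.0.2.53, expected on
# enp8s0) is a made-up server that still follows the default route on enp7s0.
route_get_sample() {
    case "$1" in
        10.0.0.53) echo "10.0.0.53 via 172.16.1.254 dev enp7s0 table 1313681456 src 172.16.1.1 uid 0" ;;
        192.0.2.53) echo "192.0.2.53 via 172.16.1.254 dev enp7s0 src 172.16.1.1 uid 0" ;;
    esac
}

# check_dns_egress LOOKUP_FN server=iface...
# Prints one verdict per server; returns non-zero if any server has no route
# or would be reached through a different interface than expected.
check_dns_egress() {
    lookup=$1; shift
    status=0
    for pair in "$@"; do
        server=${pair%%=*}
        want=${pair#*=}
        got=$(route_dev "$("$lookup" "$server")")
        if [ -z "$got" ]; then
            echo "NOROUTE $server (expected $want)"; status=1
        elif [ "$got" = "$want" ]; then
            echo "OK $server via $got"
        else
            echo "MISMATCH $server via $got (expected $want)"; status=1
        fi
    done
    return "$status"
}

# Demo on the constructed sample; use route_get_live on a real host.
check_dns_egress route_get_sample 10.0.0.53=enp7s0 192.0.2.53=enp8s0 ||
    echo "at least one DNS server does not use its own interface"
```

On a real host, pass `route_get_live` as the first argument and list each name server with the interface that supplied it.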
