Interpreting the output from systemd-resolve --status

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP












4















It seems that on newer Linux systems you can no longer check the DNSs by doing cat /etc/resolv.conf. It is now done by systemd-resolve --status.



Below is an example output of that command:



user@user:~$ systemd-resolve --status
Global
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test

Link 3 (wlp4s0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: fe80::e695:6eff:fe40:9af2
DNS Domain: lan


The description states:




--status



Shows the global and per-link DNS settings in currently in effect.



What does the Global section represent, what to those addresses represent and how are they related to DNSs?










share|improve this question




























    4















    It seems that on newer Linux systems you can no longer check the DNSs by doing cat /etc/resolv.conf. It is now done by systemd-resolve --status.



    Below is an example output of that command:



    user@user:~$ systemd-resolve --status
    Global
    DNSSEC NTA: 10.in-addr.arpa
    16.172.in-addr.arpa
    168.192.in-addr.arpa
    17.172.in-addr.arpa
    18.172.in-addr.arpa
    19.172.in-addr.arpa
    20.172.in-addr.arpa
    21.172.in-addr.arpa
    22.172.in-addr.arpa
    23.172.in-addr.arpa
    24.172.in-addr.arpa
    25.172.in-addr.arpa
    26.172.in-addr.arpa
    27.172.in-addr.arpa
    28.172.in-addr.arpa
    29.172.in-addr.arpa
    30.172.in-addr.arpa
    31.172.in-addr.arpa
    corp
    d.f.ip6.arpa
    home
    internal
    intranet
    lan
    local
    private
    test

    Link 3 (wlp4s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
    LLMNR setting: yes
    MulticastDNS setting: no
    DNSSEC setting: no
    DNSSEC supported: no
    DNS Servers: fe80::e695:6eff:fe40:9af2
    DNS Domain: lan


    The description states:




    --status



    Shows the global and per-link DNS settings in currently in effect.



    What does the Global section represent, what to those addresses represent and how are they related to DNSs?










    share|improve this question


























      4












      4








      4








      It seems that on newer Linux systems you can no longer check the DNSs by doing cat /etc/resolv.conf. It is now done by systemd-resolve --status.



      Below is an example output of that command:



      user@user:~$ systemd-resolve --status
      Global
      DNSSEC NTA: 10.in-addr.arpa
      16.172.in-addr.arpa
      168.192.in-addr.arpa
      17.172.in-addr.arpa
      18.172.in-addr.arpa
      19.172.in-addr.arpa
      20.172.in-addr.arpa
      21.172.in-addr.arpa
      22.172.in-addr.arpa
      23.172.in-addr.arpa
      24.172.in-addr.arpa
      25.172.in-addr.arpa
      26.172.in-addr.arpa
      27.172.in-addr.arpa
      28.172.in-addr.arpa
      29.172.in-addr.arpa
      30.172.in-addr.arpa
      31.172.in-addr.arpa
      corp
      d.f.ip6.arpa
      home
      internal
      intranet
      lan
      local
      private
      test

      Link 3 (wlp4s0)
      Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
      LLMNR setting: yes
      MulticastDNS setting: no
      DNSSEC setting: no
      DNSSEC supported: no
      DNS Servers: fe80::e695:6eff:fe40:9af2
      DNS Domain: lan


      The description states:




      --status



      Shows the global and per-link DNS settings in currently in effect.



      What does the Global section represent, what to those addresses represent and how are they related to DNSs?










      share|improve this question
















      It seems that on newer Linux systems you can no longer check the DNSs by doing cat /etc/resolv.conf. It is now done by systemd-resolve --status.



      Below is an example output of that command:



      user@user:~$ systemd-resolve --status
      Global
      DNSSEC NTA: 10.in-addr.arpa
      16.172.in-addr.arpa
      168.192.in-addr.arpa
      17.172.in-addr.arpa
      18.172.in-addr.arpa
      19.172.in-addr.arpa
      20.172.in-addr.arpa
      21.172.in-addr.arpa
      22.172.in-addr.arpa
      23.172.in-addr.arpa
      24.172.in-addr.arpa
      25.172.in-addr.arpa
      26.172.in-addr.arpa
      27.172.in-addr.arpa
      28.172.in-addr.arpa
      29.172.in-addr.arpa
      30.172.in-addr.arpa
      31.172.in-addr.arpa
      corp
      d.f.ip6.arpa
      home
      internal
      intranet
      lan
      local
      private
      test

      Link 3 (wlp4s0)
      Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
      LLMNR setting: yes
      MulticastDNS setting: no
      DNSSEC setting: no
      DNSSEC supported: no
      DNS Servers: fe80::e695:6eff:fe40:9af2
      DNS Domain: lan


      The description states:




      --status



      Shows the global and per-link DNS settings in currently in effect.



      What does the Global section represent, what to those addresses represent and how are they related to DNSs?







      systemd dns






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Jun 18 '17 at 23:24







      TheMeaningfulEngineer

















      asked Jun 18 '17 at 8:32









      TheMeaningfulEngineerTheMeaningfulEngineer

      1,73873774




      1,73873774




















          1 Answer
          1






          active

          oldest

          votes


















          1














          The systemd-resolve documentation says:




          The DNS servers contacted are determined from the global settings in
          /etc/systemd/resolved.conf, the per-link static settings in
          /etc/systemd/network/*.network files, the per-link dynamic settings
          received over DHCP and any DNS server information made available by
          other system services.




          It think this explains your Global flag.



          DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:




          NTAs are configured locally on a validating DNS recursive resolver
          to shield end users from DNSSEC-related authoritative name server
          operational errors. NTAs are intended to be temporary and only
          implemented by the organization requiring an NTA (and not
          distributed by any organizations outside of the administrative
          boundary).







          share|improve this answer






















            Your Answer








            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "106"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f371759%2finterpreting-the-output-from-systemd-resolve-status%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            1














            The systemd-resolve documentation says:




            The DNS servers contacted are determined from the global settings in
            /etc/systemd/resolved.conf, the per-link static settings in
            /etc/systemd/network/*.network files, the per-link dynamic settings
            received over DHCP and any DNS server information made available by
            other system services.




            It think this explains your Global flag.



            DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:




            NTAs are configured locally on a validating DNS recursive resolver
            to shield end users from DNSSEC-related authoritative name server
            operational errors. NTAs are intended to be temporary and only
            implemented by the organization requiring an NTA (and not
            distributed by any organizations outside of the administrative
            boundary).







            share|improve this answer



























              1














              The systemd-resolve documentation says:




              The DNS servers contacted are determined from the global settings in
              /etc/systemd/resolved.conf, the per-link static settings in
              /etc/systemd/network/*.network files, the per-link dynamic settings
              received over DHCP and any DNS server information made available by
              other system services.




              It think this explains your Global flag.



              DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:




              NTAs are configured locally on a validating DNS recursive resolver
              to shield end users from DNSSEC-related authoritative name server
              operational errors. NTAs are intended to be temporary and only
              implemented by the organization requiring an NTA (and not
              distributed by any organizations outside of the administrative
              boundary).







              share|improve this answer

























                1












                1








                1







                The systemd-resolve documentation says:




                The DNS servers contacted are determined from the global settings in
                /etc/systemd/resolved.conf, the per-link static settings in
                /etc/systemd/network/*.network files, the per-link dynamic settings
                received over DHCP and any DNS server information made available by
                other system services.




                It think this explains your Global flag.



                DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:




                NTAs are configured locally on a validating DNS recursive resolver
                to shield end users from DNSSEC-related authoritative name server
                operational errors. NTAs are intended to be temporary and only
                implemented by the organization requiring an NTA (and not
                distributed by any organizations outside of the administrative
                boundary).







                share|improve this answer













                The systemd-resolve documentation says:




                The DNS servers contacted are determined from the global settings in
                /etc/systemd/resolved.conf, the per-link static settings in
                /etc/systemd/network/*.network files, the per-link dynamic settings
                received over DHCP and any DNS server information made available by
                other system services.




                It think this explains your Global flag.



                DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:




                NTAs are configured locally on a validating DNS recursive resolver
                to shield end users from DNSSEC-related authoritative name server
                operational errors. NTAs are intended to be temporary and only
                implemented by the organization requiring an NTA (and not
                distributed by any organizations outside of the administrative
                boundary).








                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Jun 21 '17 at 21:31









                Patrick MevzekPatrick Mevzek

                2,17511022




                2,17511022



























                    draft saved

                    draft discarded
















































                    Thanks for contributing an answer to Unix & Linux Stack Exchange!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f371759%2finterpreting-the-output-from-systemd-resolve-status%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown






                    Popular posts from this blog

                    How to check contact read email or not when send email to Individual?

                    Displaying single band from multi-band raster using QGIS

                    How many registers does an x86_64 CPU actually have?