Interpreting the output from systemd-resolve --status
Clash Royale CLAN TAG#URR8PPP
It seems that on newer Linux systems you can no longer check the DNSs by doing cat /etc/resolv.conf
. It is now done by systemd-resolve --status
.
Below is an example output of that command:
user@user:~$ systemd-resolve --status
Global
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 3 (wlp4s0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: fe80::e695:6eff:fe40:9af2
DNS Domain: lan
The description states:
--status
Shows the global and per-link DNS settings in currently in effect.
What does the Global
section represent, what to those addresses represent and how are they related to DNSs?
systemd dns
add a comment |
It seems that on newer Linux systems you can no longer check the DNSs by doing cat /etc/resolv.conf
. It is now done by systemd-resolve --status
.
Below is an example output of that command:
user@user:~$ systemd-resolve --status
Global
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 3 (wlp4s0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: fe80::e695:6eff:fe40:9af2
DNS Domain: lan
The description states:
--status
Shows the global and per-link DNS settings in currently in effect.
What does the Global
section represent, what to those addresses represent and how are they related to DNSs?
systemd dns
add a comment |
It seems that on newer Linux systems you can no longer check the DNSs by doing cat /etc/resolv.conf
. It is now done by systemd-resolve --status
.
Below is an example output of that command:
user@user:~$ systemd-resolve --status
Global
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 3 (wlp4s0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: fe80::e695:6eff:fe40:9af2
DNS Domain: lan
The description states:
--status
Shows the global and per-link DNS settings in currently in effect.
What does the Global
section represent, what to those addresses represent and how are they related to DNSs?
systemd dns
It seems that on newer Linux systems you can no longer check the DNSs by doing cat /etc/resolv.conf
. It is now done by systemd-resolve --status
.
Below is an example output of that command:
user@user:~$ systemd-resolve --status
Global
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 3 (wlp4s0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: fe80::e695:6eff:fe40:9af2
DNS Domain: lan
The description states:
--status
Shows the global and per-link DNS settings in currently in effect.
What does the Global
section represent, what to those addresses represent and how are they related to DNSs?
systemd dns
systemd dns
edited Jun 18 '17 at 23:24
TheMeaningfulEngineer
asked Jun 18 '17 at 8:32
TheMeaningfulEngineerTheMeaningfulEngineer
1,73873774
1,73873774
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
The systemd-resolve
documentation says:
The DNS servers contacted are determined from the global settings in
/etc/systemd/resolved.conf, the per-link static settings in
/etc/systemd/network/*.network files, the per-link dynamic settings
received over DHCP and any DNS server information made available by
other system services.
It think this explains your Global
flag.
DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:
NTAs are configured locally on a validating DNS recursive resolver
to shield end users from DNSSEC-related authoritative name server
operational errors. NTAs are intended to be temporary and only
implemented by the organization requiring an NTA (and not
distributed by any organizations outside of the administrative
boundary).
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f371759%2finterpreting-the-output-from-systemd-resolve-status%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The systemd-resolve
documentation says:
The DNS servers contacted are determined from the global settings in
/etc/systemd/resolved.conf, the per-link static settings in
/etc/systemd/network/*.network files, the per-link dynamic settings
received over DHCP and any DNS server information made available by
other system services.
It think this explains your Global
flag.
DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:
NTAs are configured locally on a validating DNS recursive resolver
to shield end users from DNSSEC-related authoritative name server
operational errors. NTAs are intended to be temporary and only
implemented by the organization requiring an NTA (and not
distributed by any organizations outside of the administrative
boundary).
add a comment |
The systemd-resolve
documentation says:
The DNS servers contacted are determined from the global settings in
/etc/systemd/resolved.conf, the per-link static settings in
/etc/systemd/network/*.network files, the per-link dynamic settings
received over DHCP and any DNS server information made available by
other system services.
It think this explains your Global
flag.
DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:
NTAs are configured locally on a validating DNS recursive resolver
to shield end users from DNSSEC-related authoritative name server
operational errors. NTAs are intended to be temporary and only
implemented by the organization requiring an NTA (and not
distributed by any organizations outside of the administrative
boundary).
add a comment |
The systemd-resolve
documentation says:
The DNS servers contacted are determined from the global settings in
/etc/systemd/resolved.conf, the per-link static settings in
/etc/systemd/network/*.network files, the per-link dynamic settings
received over DHCP and any DNS server information made available by
other system services.
It think this explains your Global
flag.
DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:
NTAs are configured locally on a validating DNS recursive resolver
to shield end users from DNSSEC-related authoritative name server
operational errors. NTAs are intended to be temporary and only
implemented by the organization requiring an NTA (and not
distributed by any organizations outside of the administrative
boundary).
The systemd-resolve
documentation says:
The DNS servers contacted are determined from the global settings in
/etc/systemd/resolved.conf, the per-link static settings in
/etc/systemd/network/*.network files, the per-link dynamic settings
received over DHCP and any DNS server information made available by
other system services.
It think this explains your Global
flag.
DNSSEC NTA stands for DNSSEC Negative Trust Anchor. This applies to domains that are not signed or not correctly signed to "override" DNSSEC data, by disabling DNS validation for the specific domain. See RFC7646, which I quote:
NTAs are configured locally on a validating DNS recursive resolver
to shield end users from DNSSEC-related authoritative name server
operational errors. NTAs are intended to be temporary and only
implemented by the organization requiring an NTA (and not
distributed by any organizations outside of the administrative
boundary).
answered Jun 21 '17 at 21:31
Patrick MevzekPatrick Mevzek
2,17511022
2,17511022
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f371759%2finterpreting-the-output-from-systemd-resolve-status%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown