
Don’t Try to Run, Honey

Thursday, September 23rd, 2010

Excuse me sir! Which way to the DNS?

We periodically get mails and feature requests for making NetworkManager play better with a local caching nameserver.  Why would you want to run one, you ask?  Simple: speed, latency, and split DNS.  Of these, the first two are the most important.  It turns out that DNS service on many ISPs just sucks.  Besides returning utterly useless yet supposedly “helpful” web pages for non-existent domains that you simply mistyped, they are often just glacially slow.  A huge shout out to Qwest in Portland for making the Interwebs last year feel like getting all my fingernails gradually pulled off with a pair of red-hot pliers.  I can’t update my Facebooks and browse my collegehumor with lookups that take a second or two.  Especially on high-latency connections like 3G or satellite, running a local caching nameserver makes things considerably snappier.

dnsmasq makes it trivially easy.  You can do it with BIND too, but like everything involving BIND, it’s certainly not trivially easy.  We actually tried this about 3 or 4 years ago with NetworkManager 0.6 but it just wasn’t time yet and the implementation wasn’t that great.  Oh yeah, there’s also DNSSEC which various people want to deploy.

Here’s How It’s Gonna Be

Cue fully-integrated, seamless local caching nameserver support for NetworkManager 0.8.2.  If you have dnsmasq installed and set the “dns=dnsmasq” key in your /etc/NetworkManager/NetworkManager.conf file then you’re all set.  Distros can enable this by default, which we’ll be doing in Fedora 15 and later.  Now you’ll get a local caching nameserver that will also do split DNS when you’re connected to a VPN, so that queries for resources on the secure network go to the VPN nameservers, and everything else goes to your upstream ISP.  And the results get cached for speed.  This already works great with dnsmasq, but there are still a few issues with the BIND plugin that mean it’s not quite ready yet.
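To make the split-DNS behaviour above concrete, here is an added Python sketch (not NetworkManager's or dnsmasq's own code) that parses dnsmasq-style `server=` lines and picks the upstream for a query name. The domains and addresses are constructed, and the most-specific-domain-wins rule follows dnsmasq's documented behaviour.

```python
# Added illustration: models split-DNS upstream selection using dnsmasq's
# "server=" syntax. All domains and addresses below are constructed.

SAMPLE_CONF = """\
# constructed sample: two VPN-side domains plus the ISP default
server=/corp.example/10.8.0.1
server=/lab.corp.example/10.8.0.53
server=198.51.100.1
"""


def parse_servers(conf_text):
    """Return (rules, defaults): rules maps domain -> [ip], defaults is [ip]."""
    rules, defaults = {}, []
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line.startswith("server="):
            continue
        value = line[len("server="):]
        if value.startswith("/"):
            # server=/dom1/dom2/ip : the last field is the upstream address
            parts = value.split("/")
            domains, ip = parts[1:-1], parts[-1]
            for dom in domains:
                rules.setdefault(dom.lower().rstrip("."), []).append(ip)
        else:
            defaults.append(value)
    return rules, defaults


def pick_upstream(qname, rules, defaults):
    """Choose upstream servers for qname; the most specific domain wins."""
    labels = qname.lower().rstrip(".").split(".")
    # Try the full name, then each parent. Comparing whole labels means
    # "notcorp.example" never matches the "corp.example" rule.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in rules:
            return suffix, rules[suffix]
    return None, defaults


def sent_to_default(qnames, rules, defaults):
    """Names that would go to the default (ISP) resolver, not the VPN."""
    return [q for q in qnames if pick_upstream(q, rules, defaults)[0] is None]
```

Running `sent_to_default` over a list of internal hostnames is a quick way to check that none of them would be sent to the ISP resolver under a given rule set.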

Plus, it’s a plugin-style architecture so it’s easy to create new plugins for services that might want to be aware of your network connection’s DNS servers for prefetching or whatever.  Or if djbdns floats your boat, make a plugin!  It’s pretty simple.

You’re a Fine Piece of Real-Estate

Which brings us to a 0.8.2 release.  In keeping with the goal of speeding up minor point releases we’re going to push out a 0.8.2 really, really soon.  We’ve spent a ton of time on polish and bug fixing and everyone should get a piece of the action.  Then, we’ll start concentrating more heavily on NM 0.9 and pushing the architecture forward while simplifying the API dramatically, all in preparation for an awesome GNOME 3.