resolv.conf: remove rotate comments, attempt to explain the logic behind timeout & attempts

2024-11-25 12:49:26 +01:00 · 2024-04-23 16:23:36 +03:00 · 2024-04-23 16:23:36 +03:00 · 95e17d0a49
commit 95e17d0a49
parent 425af3eabf
1 changed files with 6 additions and 4 deletions
--- a/etc/resolv.conf
+++ b/etc/resolv.conf
@ -6,21 +6,23 @@
 # https://github.com/systemd/systemd/issues/10579 & https://github.com/systemd/systemd/issues/9867
 # Solution that I dislike: use both unbound & systemd-resolved! When one
 # breaks, maybe the other still works! Funnily /etc/resolv.conf is still
-# restricted to three nameservers.
+# restricted to three nameservers. However this may cause slowness unless
+# the options timeout is specified and I increase attempts to further prefer
+# unbound (which is listed twice).

-# unbound
+# unbound or other local resolver
 nameserver ::1
 nameserver 127.0.0.1

 # systemd-resolved. WARNING: May cause DNS leaks.
 nameserver 127.0.0.53
+# also systemd-resolved, but this is limited to three entries (others ignored)
+#nameserver 127.0.0.54

-# rotate = randomly use all
 # edns0 = extended DNS
 # trust-ad = trust DNSSEC authenticated data
 # timeout:1 = nameserver timeout 1 s (default 5, max 30), then next
 # attempts:5 = try the nameserver 5 times, then next (default 2, max 5)
-#options rotate edns0 trust-ad
 options edns0 trust-ad timeout:1 attempts:5

 # no sending local domain to upstream whenever NXDOMAIN happens