From: jmc Date: Tue, 21 Feb 2023 07:47:24 +0000 (+0000) Subject: some nameserver proposal bits: X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f5291493f82d538e1c1c2f0b06fed2a3c1439aaf;p=openbsd some nameserver proposal bits: unwind.8: point to resolvd(8) for autoconf sources unwind.conf.5: order preferred list by order of preference resolvd.8: reformat to read better route.8: no need to discuss unwind in the nameserver command umb.4 + sppp.4: note the sending of nameserver proposals the umb/sppp text is from claudio tobhe confirmed iked sending proposals when configured to do so much assistance and ok: florian claudio --- diff --git a/sbin/resolvd/resolvd.8 b/sbin/resolvd/resolvd.8 index 749ac817cf1..6c704be5df2 100644 --- a/sbin/resolvd/resolvd.8 +++ b/sbin/resolvd/resolvd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: resolvd.8,v 1.11 2023/01/03 20:58:05 deraadt Exp $ +.\" $OpenBSD: resolvd.8,v 1.12 2023/02/21 07:47:24 jmc Exp $ .\" .\" Copyright (c) 2021 Florian Obser .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: January 3 2023 $ +.Dd $Mdocdate: February 21 2023 $ .Dt RESOLVD 8 .Os .Sh NAME @@ -36,12 +36,11 @@ re-appended. .Nm checks whether .Xr unwind 8 -is running, and if so places +is running and, if so, places a nameserver line at the top +to cause local resolution: .Pp .Dl nameserver 127.0.0.1 .Pp -at the top, to cause local resolution. -.Pp .Nm also monitors the routing socket for proposals learned by .Xr dhcpleased 8 , @@ -51,13 +50,12 @@ or network devices which natively learn DNS information such as .Xr sppp 4 or .Xr umb 4 . -Proposals can also be sent using the +Proposals can be sent manually using the .Xr route 8 .Cm nameserver command. -.Pp -These proposals are added in priority order, but commented out -if +The proposals are added in priority order, +but commented out if .Xr unwind 8 is running. .Pp 
diff --git a/sbin/route/route.8 b/sbin/route/route.8 index c396795617e..4015d2b7ef7 100644 --- a/sbin/route/route.8 +++ b/sbin/route/route.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: route.8,v 1.110 2023/02/14 00:41:02 kn Exp $ +.\" $OpenBSD: route.8,v 1.111 2023/02/21 07:47:24 jmc Exp $ .\" $NetBSD: route.8,v 1.6 1995/03/18 15:00:13 cgd Exp $ .\" .\" Copyright (c) 1983, 1991, 1993 @@ -30,7 +30,7 @@ .\" .\" @(#)route.8 8.3 (Berkeley) 3/19/94 .\" -.Dd $Mdocdate: February 14 2023 $ +.Dd $Mdocdate: February 21 2023 $ .Dt ROUTE 8 .Os .Sh NAME @@ -173,20 +173,12 @@ only changes in that routing table will be displayed. .Ar interface .Op Ar address ... .Xc -Broadcast a list of up to five nameserver address proposals. -.Pp -.Xr unwind 8 -will learn them and act according to -.Xr unwind.conf 5 . -.Pp -.Xr resolvd 8 -will replace all existing nameservers for the given interface in +Broadcast a list of up to five nameserver address proposals to +.Xr resolvd 8 , +which is used to update the list of namservers for the given interface in .Xr resolv.conf 5 . -.Pp -If no -.Ar address -argument is given, a request to remove the nameservers previously entered for -the given interface is sent. +If no address is given, +a request to remove the nameservers for the given interface is sent. .Pp .It Xo .Nm route diff --git a/sbin/unwind/unwind.8 b/sbin/unwind/unwind.8 index 2fb369c2261..2e8eeb41770 100644 --- a/sbin/unwind/unwind.8 +++ b/sbin/unwind/unwind.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: unwind.8,v 1.12 2023/01/03 20:58:05 deraadt Exp $ +.\" $OpenBSD: unwind.8,v 1.13 2023/02/21 07:47:24 jmc Exp $ .\" .\" Copyright (c) 2018 Florian Obser .\" Copyright (c) 2016 Kenneth R Westerback @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: January 3 2023 $ +.Dd $Mdocdate: February 21 2023 $ .Dt UNWIND 8 .Os .Sh NAME 
@@ -31,15 +31,16 @@ is a validating DNS resolver. It is intended to run on client machines like workstations or laptops and only listens on localhost. +.Pp .Nm -sends DNS queries to nameservers to answer queries and switches to resolvers -learned from -.Xr dhcpleased 8 -or -.Xr slaacd 8 -if it detects that DNS queries are blocked by the local network. +sends DNS queries to nameservers to answer queries. +If it detects that DNS queries are blocked by the local network, +it can switch to resolvers learned through autoconfiguration. It periodically probes if DNS is no longer blocked and switches back to querying nameservers itself. +A list of sources for proposals learned through autoconfiguration +is documented in +.Xr resolvd 8 . .Pp .Nm keeps the DNS answers in a cache shared by the different DNS name @@ -103,8 +104,6 @@ socket used for communication with .El .Sh SEE ALSO .Xr unwind.conf 5 , -.Xr dhcpleased 8 , -.Xr slaacd 8 , .Xr unbound 8 , .Xr unwindctl 8 .Sh STANDARDS diff --git a/sbin/unwind/unwind.conf.5 b/sbin/unwind/unwind.conf.5 index ae6ee220542..dd64e3e4dd2 100644 --- a/sbin/unwind/unwind.conf.5 +++ b/sbin/unwind/unwind.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: unwind.conf.5,v 1.32 2022/03/31 17:27:20 naddy Exp $ +.\" $OpenBSD: unwind.conf.5,v 1.33 2023/02/21 07:47:24 jmc Exp $ .\" .\" Copyright (c) 2018 Florian Obser .\" Copyright (c) 2005 Esben Norby @@ -18,7 +18,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: March 31 2022 $ +.Dd $Mdocdate: February 21 2023 $ .Dt UNWIND.CONF 5 .Os .Sh NAME 
@@ -90,40 +90,41 @@ A list of DNS name server types to specify the order in which name servers are picked when measured round-trip time medians are equal. Additionally, the first mentioned type gets a time bonus. Validating name servers are always picked over non-validating name servers. -DNS name server types are: -.Pp -.Bl -tag -width "oDoT-forwarder" -compact -.It Ic stub -Name servers learned via DHCP or SLAAC, queried using the libc functions. -See -.Xr asr_run 3 . -Will never validate. -Useful when running behind broken middle boxes that do not like edns0. -DNS answers from stub name servers are not cached. -.It Ic autoconf -Name servers learned via DHCP or SLAAC. -.It Ic oDoT-autoconf -Name servers learned via DHCP or SLAAC. -.Nm unwind -tries to opportunistically use DNS over TLS. +DNS name server types are, +in default order of preference: +.Bl -tag -width "oDoT-forwarder" .It Ic DoT DNS over TLS name servers configured in .Nm . -.It Ic forwarder -Name servers configured in -.Nm . .It Ic oDoT-forwarder Name servers configured in .Nm . .Nm unwind tries to opportunistically use DNS over TLS. +.It Ic forwarder +Name servers configured in +.Nm . .It Ic recursor .Nm unwind itself recursively resolves names. +.It Ic oDoT-autoconf +Name servers learned from autoconfiguration. +A list of sources for proposals learned through autoconfiguration +is documented in +.Xr resolvd 8 . +.Nm unwind +tries to opportunistically use DNS over TLS. +.It Ic autoconf +Name servers learned from autoconfiguration. +.It Ic stub +Name servers learned from autoconfiguration, +queried using the libc functions +(see +.Xr asr_run 3 ) . +Will never validate. +Useful when running behind broken middle boxes that do not like edns0. +DNS answers from stub name servers are not cached. .El -.Pp -The default preference is -.Ic DoT oDoT-forwarder forwarder recursor oDoT-autoconf autoconf stub . .It Ic force Oo Cm accept bogus Oc Ar type Brq Ar name ... Force resolving of .Ar name 
diff --git a/share/man/man4/sppp.4 b/share/man/man4/sppp.4 index 1f55986af79..295767a661c 100644 --- a/share/man/man4/sppp.4 +++ b/share/man/man4/sppp.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sppp.4,v 1.26 2021/11/10 15:04:26 bket Exp $ +.\" $OpenBSD: sppp.4,v 1.27 2023/02/21 07:47:24 jmc Exp $ .\" .\" Copyright (c) 1997 Joerg Wunsch .\" @@ -25,7 +25,7 @@ .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" -.Dd $Mdocdate: November 10 2021 $ +.Dd $Mdocdate: February 21 2023 $ .Dt SPPP 4 .Os .Sh NAME @@ -135,6 +135,14 @@ You can of course something or other 0.0.0.1 and it will do exactly what you would want it to. .Pp +Once a connection is established, +the device will send out a nameserver proposal, +which +.Xr resolvd 8 +can act on. +If during IPCP negotiation no DNS server options were exchanged, +the nameserver proposal will be empty. +.Pp The PAP and CHAP authentication protocols, as described in RFCs 1334 and 1994, respectively, are also implemented. Their parameters are controlled by the diff --git a/share/man/man4/umb.4 b/share/man/man4/umb.4 index 82e779e0e32..04ff4a98f15 100644 --- a/share/man/man4/umb.4 +++ b/share/man/man4/umb.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: umb.4,v 1.15 2022/10/08 17:08:55 kevlo Exp $ +.\" $OpenBSD: umb.4,v 1.16 2023/02/21 07:47:24 jmc Exp $ .\" .\" Copyright (c) 2016 genua mbH .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: October 8 2022 $ +.Dd $Mdocdate: February 21 2023 $ .Dt UMB 4 .Os .Sh NAME 
@@ -31,6 +31,12 @@ MBIM devices establish connections via cellular networks such as GPRS, UMTS, and LTE. They appear as a regular point-to-point network interface, transporting raw IP frames. +Once a connection is established, +the device will automatically set an IP address +and send out a nameserver proposal, +which +.Xr resolvd 8 +can act on. .Pp Required configuration parameters like PIN and APN have to be set with
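Review bot: In the route.8 hunk at @@ -173,20 +173,12 @@, the added line "which is used to update the list of namservers for the given interface in" misspells "nameservers". The replacement sentence "If no address is given," also drops the `.Ar address` markup that the removed text carried, so the word no longer renders as the argument named in `.Op Ar address ...` just above; suggest keeping `.Ar address` in the shortened sentence.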
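Review bot: In the unwind.8 SEE ALSO hunk at @@ -103,8 +104,6 @@, `.Xr dhcpleased 8` and `.Xr slaacd 8` are removed but `.Xr resolvd 8` is not added, even though the description hunk at @@ -31,15 +31,16 @@ now sends the reader to resolvd(8) for the list of autoconfiguration sources. Suggest adding `.Xr resolvd 8 ,` between `.Xr unwind.conf 5 ,` and `.Xr unbound 8 ,` so the page that is cited in the text is also listed.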
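Review bot: In the unwind.conf.5 hunk at @@ -90,40 +90,41 @@, dropping the closing "The default preference is" line means the default is now stated only through the order of the `.It Ic` entries, and the page no longer shows the value in the form it takes in the configuration file. Someone who wants to change one position, for example to keep the autoconfiguration-learned types last, has to rebuild the token list from the tag list; consider keeping a single line with the literal `DoT oDoT-forwarder forwarder recursor oDoT-autoconf autoconf stub` after `.El`. The pointer to resolvd(8) is also attached only to `oDoT-autoconf`, while `autoconf` and `stub` say "learned from autoconfiguration" without it; moving that sentence to the paragraph before the list would cover all three.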
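Review bot: In the sppp.4 hunk at @@ -135,6 +135,14 @@, the added sentence "the nameserver proposal will be empty" does not say what resolvd(8) does on receiving an empty proposal. The route.8 text in this same patch describes the no-address case as "a request to remove the nameservers for the given interface"; if an empty proposal from the device has that same effect on resolv.conf, it is worth saying so here, since it changes which resolvers the host uses after the link comes up.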
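Review bot: In the umb.4 hunk at @@ -31,6 +31,12 @@, the new text says the device will "send out a nameserver proposal" but, unlike the sppp.4 hunk in this patch, does not cover the case where the network supplies no DNS servers. Suggest either adding the matching sentence about an empty proposal or stating that a proposal is sent only when servers were learned, whichever is the actual behaviour, so the two pages read consistently.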