Redes

Fedora habilita ahora el servicio systemd-resolved de manera predeterminada

Con la mejora, habilitando el servicio systemd-resolved por defecto, la Librería GNU C (glibc) llevará a cabo la resolución de nombre usando el módulo nss-resolve en lugar del módulo nss-dns. Los cambios notables incluyen:

  • systemd-resolved provides a system-level DNS cache that can substantially improve performance for applications that do not cache their own DNS results;

  • systemd-resolved allows correct handling of split DNS scenarios such as when VPNs are in use;

  • /etc/resolv.conf will now be managed by systemd-resolved rather than by NetworkManager;

  • /etc/resolv.conf will no longer be read when performing name resolution using glibc; however, it is still provided for compatibility with applications that manually read this file to perform name resolution;

  • Writing to /etc/resolv.conf will no longer work as expected.

NSS dbm support removal

Applications that use the Network Security Services (NSS) library often use a database for storing keys, certificates and trust. NSS supports two different storage formats:

  • SQLite

  • The dbm file format

Nowadays, NSS uses the SQLite file format by default and provides a transparent migration mechanism from dbm to SQLite.

The dbm file format has been deprecated since Fedora 28 due to various drawbacks, and from Fedora 33 dbm will not be supported.

This support removal will slightly reduce the size of the NSS library binary and the developers will be able to focus on the sole file format.