OpenBSD Journal

iked(8) gains client-side support for DNS configuration

Contributed by rueda on from the iked naming things dept.

With the following commit, Tobias Heider (tobhe@) added client-side support for DNS configuration to iked(8):

CVSROOT:	/cvs
Module name:	src
Changes by:	tobhe@cvs.openbsd.org	2021/09/01 09:30:07

Modified files:
	sbin/iked      : config.c iked.c iked.h ikev2.c ikev2_msg.c 
	                 ikev2_pld.c policy.c types.h vroute.c 

Log message:
Add client side support for DNS configuration. Use RTM_PROPOSAL_STATIC
route messages to propose the name server to resolvd(8).
For now, iked will only propose a single name server from the first
established connection.

Automatic name server configuration is enabled by default for policies using
the 'iface' option.

discussed with deraadt@
ok for the DNS parts florian@
ok for the rest patrick@

(Comments are closed)


Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]