Why openresolv over the Debian implementation? Here’s some reasons:
- Works with POSIX shell and userland
- Does not need awk, grep or sed which means we can work without
- Works with other init systems than Debians’ out of the box
- Available as a 2 clause BSD license
- Prefer configurations via IF_METRIC for dynamic ordering
- Ability to Deprecate and Activate configurations by pattern
- Configures zones for local resolvers other than libc
- Mark configurations as private (so not in
The last two points are quite important, especially when running VPN systems. Take the following resolv.conf files which have been generated by a DHCP client and sent to resolvconf:
# resolv.conf from bge0 search foo.com nameserver 188.8.131.52 # resolv.conf from tap0 domain bar.org nameserver 184.108.40.206
In this instance, queries for foo.com will go to 220.127.116.11 and queries for bar.org will go to 18.104.22.168. If either have been marked as private then they will only be forwarded queries for their search or domain names. This does require the resolvers to be configured to pickup the resolvconf generated configuration for them though. openresolv ships with helpers for dnsmasq, ISC BIND, PowerDNS Recursor and unbound.
See the configuration section for more details.