nixos/avahi-daemon: resolve mdns only over enabled protocols, disable ipv6 by default
see https://github.com/lathiat/nss-mdns#:~:text=in%20such%20a%20situation%20causes%20long%20timeouts%20when%20resolving%20hosts especially: > libnss_mdns.so.2 resolves both IPv6 and IPv4 addresses, libnss_mdns4.so.2 only IPv4 addresses and > libnss_mdns6.so.2 only IPv6 addresses. Due to the fact that most mDNS responders only register local IPv4 > addresses via mDNS, most people will want to use libnss_mdns4.so.2 exclusively. Using libnss_mdns.so.2 > or libnss_mdns6.so.2 in such a situation causes long timeouts when resolving hosts since most modern > Unix/Linux applications check for IPv6 addresses first, followed by a lookup for IPv4.
This commit is contained in:
parent
3bc050455c
commit
bba808dbfa
|
@ -30,6 +30,9 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||||
- `mkosi` was updated to v19. Parts of the user interface have changed. Consult the
|
- `mkosi` was updated to v19. Parts of the user interface have changed. Consult the
|
||||||
[release notes](https://github.com/systemd/mkosi/releases/tag/v19) for a list of changes.
|
[release notes](https://github.com/systemd/mkosi/releases/tag/v19) for a list of changes.
|
||||||
|
|
||||||
|
- `services.avahi.nssmdns` got split into `services.avahi.nssmdns4` and `services.avahi.nssmdns6` which enable the mDNS NSS switch for IPv4 and IPv6 respectively.
|
||||||
|
Since most mDNS responders only register IPv4 addresses, most users want to keep the IPv6 support disabled to avoid long timeouts.
|
||||||
|
|
||||||
## Other Notable Changes {#sec-release-24.05-notable-changes}
|
## Other Notable Changes {#sec-release-24.05-notable-changes}
|
||||||
|
|
||||||
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
|
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
|
||||||
|
|
|
@ -42,6 +42,7 @@ in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
(lib.mkRenamedOptionModule [ "services" "avahi" "interfaces" ] [ "services" "avahi" "allowInterfaces" ])
|
(lib.mkRenamedOptionModule [ "services" "avahi" "interfaces" ] [ "services" "avahi" "allowInterfaces" ])
|
||||||
|
(lib.mkRenamedOptionModule [ "services" "avahi" "nssmdns" ] [ "services" "avahi" "nssmdns4" ])
|
||||||
];
|
];
|
||||||
|
|
||||||
options.services.avahi = {
|
options.services.avahi = {
|
||||||
|
@ -93,7 +94,7 @@ in
|
||||||
|
|
||||||
ipv6 = mkOption {
|
ipv6 = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = config.networking.enableIPv6;
|
default = false;
|
||||||
defaultText = literalExpression "config.networking.enableIPv6";
|
defaultText = literalExpression "config.networking.enableIPv6";
|
||||||
description = lib.mdDoc "Whether to use IPv6.";
|
description = lib.mdDoc "Whether to use IPv6.";
|
||||||
};
|
};
|
||||||
|
@ -218,16 +219,31 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
nssmdns = mkOption {
|
nssmdns4 = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
description = lib.mdDoc ''
|
description = lib.mdDoc ''
|
||||||
Whether to enable the mDNS NSS (Name Service Switch) plug-in.
|
Whether to enable the mDNS NSS (Name Service Switch) plug-in for IPv4.
|
||||||
Enabling it allows applications to resolve names in the `.local`
|
Enabling it allows applications to resolve names in the `.local`
|
||||||
domain by transparently querying the Avahi daemon.
|
domain by transparently querying the Avahi daemon.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nssmdns6 = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Whether to enable the mDNS NSS (Name Service Switch) plug-in for IPv6.
|
||||||
|
Enabling it allows applications to resolve names in the `.local`
|
||||||
|
domain by transparently querying the Avahi daemon.
|
||||||
|
|
||||||
|
::: {.note}
|
||||||
|
Due to the fact that most mDNS responders only register local IPv4 addresses,
|
||||||
|
most user want to leave this option disabled to avoid long timeouts when applications first resolve the none existing IPv6 address.
|
||||||
|
:::
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
cacheEntriesMax = mkOption {
|
cacheEntriesMax = mkOption {
|
||||||
type = types.nullOr types.int;
|
type = types.nullOr types.int;
|
||||||
default = null;
|
default = null;
|
||||||
|
@ -257,8 +273,17 @@ in
|
||||||
users.groups.avahi = { };
|
users.groups.avahi = { };
|
||||||
|
|
||||||
system.nssModules = optional cfg.nssmdns pkgs.nssmdns;
|
system.nssModules = optional cfg.nssmdns pkgs.nssmdns;
|
||||||
system.nssDatabases.hosts = optionals cfg.nssmdns (mkMerge [
|
system.nssDatabases.hosts = let
|
||||||
(mkBefore [ "mdns_minimal [NOTFOUND=return]" ]) # before resolve
|
mdnsMinimal = if (cfg.nssmdns4 && cfg.nssmdns6) then
|
||||||
|
"mdns_minimal"
|
||||||
|
else if (!cfg.nssmdns4 && cfg.nssmdns6) then
|
||||||
|
"mdns6_minimal"
|
||||||
|
else if (cfg.nssmdns4 && !cfg.nssmdns6) then
|
||||||
|
"mdns4_minimal"
|
||||||
|
else
|
||||||
|
"";
|
||||||
|
in optionals (cfg.nssmdns4 || cfg.nssmdns6) (mkMerge [
|
||||||
|
(mkBefore [ "${mdnsMinimal} [NOTFOUND=return]" ]) # before resolve
|
||||||
(mkAfter [ "mdns" ]) # after dns
|
(mkAfter [ "mdns" ]) # after dns
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user