In addition to devising an algorithm for dnsmasq to detect all and only NNNs, the implementation of which will no doubt take a while, we should consider implementing a quick fix too, along the lines suggested by Sergio in #19. NM could be changed to do the following.
"If the nameserver address list to be fed to dnsmasq contains one or more local addresses followed by one or more non-local addresses then run dnsmasq with the --strict-order option."
I must confess that I am not sure what exactly should fall under "local addresses" here. In IPv4 I presume that these would be the familiar ranges 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, but what about IPv6? Nevertheless, I think we can safely proceed with this fix without being sure that we have exactly the right definition of local address since dnsmasq works no worse than libc in strict-order mode.
In addition to devising an algorithm for dnsmasq to detect all and only NNNs, the implementation of which will no doubt take a while, we should consider implementing a quick fix too, along the lines suggested by Sergio in #19. NM could be changed to do the following.
"If the nameserver address list to be fed to dnsmasq contains one or more local addresses followed by one or more non-local addresses then run dnsmasq with the --strict-order option."
I must confess that I am not sure what exactly should fall under "local addresses" here. In IPv4 I presume that these would be the familiar ranges 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, but what about IPv6? Nevertheless, I think we can safely proceed with this fix without being sure that we have exactly the right definition of local address since dnsmasq works no worse than libc in strict-order mode.