类型:【转载】
原文作者:【 Lex R 】
日期:【Sep 5 ’18 at 22:53】
原文地址:https://serverfault.com/questions/859038/what-does-the-systemd-resolved-service-do-and-does-it-need-to-listen-on-all-inte

 

systemd-resolved is needed by systemd. Unless you’re installing an alternative DNS resolver, you should keep it.

It’s important to note that it is actually listening for UDP packets on 127.0.0.53:53 to do DNS resolution for you:

# netstat -npa | grep systemd-resolve
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      205/systemd-resolve
tcp6       0      0 :::5355                 :::*                    LISTEN      205/systemd-resolve
udp        0      0 127.0.0.53:53           0.0.0.0:*                           205/systemd-resolve
udp        0      0 0.0.0.0:5355            0.0.0.0:*                           205/systemd-resolve
udp6       0      0 :::5355                 :::*                                205/systemd-resolve

The port 5355 sockets are to implement Link-Local Multicast Name Resolution (LLMNR) which is a feature only useful in LANs.

To disable it, edit /etc/systemd/resolved.conf and change the line

#LLMNR=yes

to

LLMNR=no

and then restart the service with service systemd-resolved restart and check again:

# netstat -npa | grep systemd-resolve
udp        0      0 127.0.0.53:53           0.0.0.0:*

发表评论