[systemd-devel] systemd-resolved service ignores UseDNS=false
Lennart Poettering
lennart at poettering.net
Wed Apr 8 08:39:46 PDT 2015
On Wed, 25.03.15 04:20, Mikhail Morfikov (mmorfikov at gmail.com) wrote:
> In the systemd-resolved manual we can read something like this:
>
> The DNS servers contacted are determined from the global settings in
> resolved.conf(5), the per-link static settings in .network files, and
> the per-link dynamic settings received over DHCP.
>
> 1. Let's say that I have set all the three settings, which one will be
> applied?
Per-interface DHCP acquired DNS servers take precedence over manually
configured per-interface DHCP servers.
Global settings are used only if no per-interface DNS server settings
are known.
> 2. If I set the global settings via the /etc/systemd/resolved.conf file,
> for instance:
>
> [Resolve]
> DNS=127.0.2.1
> FallbackDNS=208.67.222.222 208.67.220.220
>
> will this local resolver be used all the time, even when dhcp
> server sends an ip address of other resolver in the network to
> the client?
No. It is only used if no per-interface DNS servers are known. They
always take precedence.
In this case FallbackDNS= is without effect, since it is only used if no
other DNS server is configured. In fact FallbackDNS= only makes sense
if you leave DNS= empty in which case it is read from
/etc/resolv.conf instead. In that case FallbackDNS= is used when
/etc/resolv.conf is missing or contains no entries.
> So UseDNS is set to false, and I thought the system will be using
> the local resolver, but it sometimes uses the local settings and
> sometimes not -- it depends on restarting the systemd-resolved
> service, for example:
You need to set UseDNS= to false and DNS= to the empty list in the
interface file.
Use "networkctl status -a" to check which per-interface DNS servers
are being used.
> # ls -al /etc/resolv.conf
> lrwxrwxrwx 1 root root 32 2015-02-27 23:52:39 /etc/resolv.conf -> /run/systemd/resolve/resolv.conf
>
> # cat /etc/resolv.conf
> nameserver 127.0.2.1
> nameserver 192.168.1.1
> search mhouse.lh
>
> # systemctl restart systemd-resolved.service
> # cat /etc/resolv.conf
> nameserver 192.168.1.1
> nameserver 127.0.2.1
> search mhouse.lh
>
> (I've cut the comments for readability)
Ah, this is actually a bug. The order wasn't stable. I fixed that now:
http://cgit.freedesktop.org/systemd/systemd/commit/?id=822db23cfa98a9fbc48f41e11caafb6f1017e052
> 3. Shouldn't there be just one resolver in the /etc/resolv.conf
> file?
We write the global servers out first, followed by the per-interface ones.
> 4. How to force the system to use the one particular resolver no matter
> what? I know I could probably do that by creating a static file instead
> of a link (and maybe chattr +i if necessary), but I want to do this
> using the systemd native tools if that is possible of course.
Turn off UseDNS= for all interfaces and set DNS= for them to the empty string.
> 5. Is the /etc/resolv.conf file necessary when using systemd?
Nope. Not if you list "resolve" instead of "dns" in your nsswitch.conf.
Lennart
--
Lennart Poettering, Red Hat
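
The check suggested by the answers above, as an added example that is not part of the original mail or of systemd: a shell audit that lists resolvers in a resolv.conf-style file other than the one you intend to pin, and reports which per-link DNS sources a .network file still leaves active. The function names, the interface name and the sample files are constructed; it assumes UseDNS= defaults to true and does not track which section a key appears in.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; sample files are constructed.

# unexpected_nameservers FILE ALLOWED...
# Print each nameserver in a resolv.conf-style FILE that is not in ALLOWED.
unexpected_nameservers() {
    file=$1; shift
    allowed=" $* "
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$file" |
    while read -r addr; do
        case "$allowed" in
            *" $addr "*) ;;                   # expected resolver
            *) printf '%s\n' "$addr" ;;      # anything else is reported
        esac
    done
}

# link_dns_sources FILE
# Print the per-link DNS sources a .network file leaves active:
#   "dhcp"   unless UseDNS= is set to a false value (assumed default: true)
#   "static" if a non-empty DNS= remains after the last empty DNS= reset
link_dns_sources() {
    awk -F= '
        { key = $1; val = $2
          gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val) }
        key == "UseDNS" { seen = 1; dhcp = (tolower(val) !~ /^(0|no|false|off)$/) }
        key == "DNS"    { nstatic = (val == "") ? 0 : nstatic + 1 }
        END { if (!seen || dhcp) print "dhcp"; if (nstatic) print "static" }
    ' "$1"
}

# Constructed demo input: the resolv.conf content quoted in the mail, a
# .network file following the advice (UseDNS=false, empty DNS=), and one
# that only enables DHCP.
tmp=$(mktemp -d)
printf 'nameserver 127.0.2.1\nnameserver 192.168.1.1\nsearch mhouse.lh\n' > "$tmp/resolv.conf"
printf '[Match]\nName=eth0\n[Network]\nDHCP=yes\nDNS=\n[DHCP]\nUseDNS=false\n' > "$tmp/pinned.network"
printf '[Match]\nName=eth0\n[Network]\nDHCP=yes\n' > "$tmp/default.network"

echo "unexpected resolvers: $(unexpected_nameservers "$tmp/resolv.conf" 127.0.2.1)"
echo "pinned.network sources: $(link_dns_sources "$tmp/pinned.network" | tr '\n' ' ')"
echo "default.network sources: $(link_dns_sources "$tmp/default.network" | tr '\n' ' ')"
```

On a live system the first function would be pointed at /run/systemd/resolve/resolv.conf and the second at each file under /etc/systemd/network/.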