[systemd-devel] resolved and dnssec
contact at xogium.me
Wed May 15 08:28:52 UTC 2019
I have the following setup:
* home made router that I configured all on my own including
compilation, running dnsmasq to provide everything from dhcp to slaac
* said dnsmasq has no dnssec support. It is neither compiled in the
binary nor set up in the dnsmasq.conf file.
* systemd-resolved runs on my laptop connected to the router, and
believes dnssec to be supported while it is not supported at all,
leading to random and very annoying dnssec failures.
* if I disable resolved and create a manual /etc/resolved.conf, I have
no such problems, which would tend to show that resolved wrongly thinks
dnssec is supported.
The only workaround I've found is to intentionally add 'DNSSEC=false' to
my .network files and also on new installation because timesyncd will
silently fail syncing time with the dnssec failures. How can I debug
this further ?
More information about the systemd-devel