[systemd-devel] spurious failures of resolved
Kevin P. Fleming
kevin at km6g.us
Thu Sep 24 12:07:12 UTC 2020
In your network configuration for the faulty link you can just set
"UseDNS=no" in the 'DHCPv4' section and then resolved will not even
try to use those resolvers.
On Thu, Sep 24, 2020 at 7:45 AM Roman Odaisky <roma at qwertty.com> wrote:
>
> Hi,
>
> I have the following resolved configuration:
>
> [Resolve]
> DNS=8.8.8.8 8.8.4.4
> Domains=~.
>
> and the following resolvectl output:
>
> Link 76 (usb0)
> Current Scopes: DNS
> DefaultRoute setting: yes
> LLMNR setting: yes
> MulticastDNS setting: no
> DNSOverTLS setting: no
> DNSSEC setting: no
> DNSSEC supported: no
> Current DNS Server: 192.168.42.129
> DNS Servers: 192.168.42.129
> DNS Domain: ~.
>
> Link 2 (wlp59s0)
> Current Scopes: DNS
> DefaultRoute setting: yes
> LLMNR setting: yes
> MulticastDNS setting: no
> DNSOverTLS setting: no
> DNSSEC setting: no
> DNSSEC supported: no
> Current DNS Server: <an IP address>
> DNS Servers: <an IP address>
> <an IP address>
> DNS Domain: ~.
>
> The default route is via usb0. The wlp59s0 link is faulty (that’s why I’ve
> resorted to USB tethering). The DNS servers provided by DHCP for that link use
> public IP addresses yet decline to provide services for clients outside that
> ISP, with responses like this:
>
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18189
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 2800
> ;; QUESTION SECTION:
> ;freedesktop.org. IN A
>
> (note it’s not an NXDOMAIN)
>
> The second IP address is more honest and sets status: REFUSED.
>
> This situation results in the following behavior: if I query some domain, it
> always fails for the first time then works afterwards.
>
> $ resolvectl query google.com.uy
> google.com.uy: resolve call failed: 'google.com.uy' does not have any RR of
> the requested type
>
> $ resolvectl query google.com.uy
> google.com.uy: 172.217.169.163 -- link: usb0
>
> -- Information acquired via protocol DNS in 5.8ms.
> -- Data is authenticated: no
>
> Did I misconfigure something? Did I misread resolved.conf(5) which states “Use
> the construct "~." to use the system DNS server defined with DNS= preferably
> for all domains”? Is there a bug?
>
> --
> TIA
> Roman.
>
>
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel
More information about the systemd-devel
mailing list