[systemd-devel] systemd-resolved auto configure DNS server changed?
Ed Greshko
ed.greshko at greshko.com
Fri Feb 19 08:29:14 UTC 2021
First a little background. I'm using a Fedora 33 system in a qemu VM. I was doing some research
on a question which arose on a Fedora mailing list regarding changes to FallbackDNS. I don't know
if this change was universal or Fedora only. But a recent update changed the default to have no
FallbackDNS servers defined.
In doing my research I used the default install of Fedora 33 which is running systemd-246.6-3.fc33.
I did not supply a DNS server in the static IP settings and I purposely created a broken
/etc/systemd/resolved.conf file with the bad entry of
DNS=192.168.1.142,192.168.1.1
DNS resolution works and I fully expected that one of the defined FallbackDNS servers would be used.
However, resolvectl shows
Global
    LLMNR setting: resolve
    MulticastDNS setting: no
    DNSOverTLS setting: no
    DNSSEC setting: no
    DNSSEC supported: no
    Fallback DNS Servers: 1.1.1.1
                          8.8.8.8
                          1.0.0.1
                          8.8.4.4
                          2606:4700:4700::1111
                          2001:4860:4860::8888
                          2606:4700:4700::1001
                          2001:4860:4860::8844
    DNS Domain: greshko.com
Link 2 (enp1s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
    DefaultRoute setting: yes
    LLMNR setting: yes
    MulticastDNS setting: no
    DNSOverTLS setting: no
    DNSSEC setting: no
    DNSSEC supported: no
    Current DNS Server: fe80::5054:ff:fe9a:e849%32767
    DNS Servers: fe80::5054:ff:fe9a:e849%22096
    DNS Domain: ~.
The IPv6 address of fe80::5054:ff:fe9a:e849 is that of the Virtual Bridge and Wireshark does confirm
DNS requests are being sent to that address' port 53 where dnsmasq is running.
I have no idea how systemd-resolved discovered this server. Why wasn't a Fallback Server
selected and used?
Then, continuing my research I upgraded systemd to systemd-246.10-1.fc33. In that version
there are no FallbackDNS servers defined by default.
Owing to previous behavior I was expecting DNS resolution to still work. (Not that I really wanted it to.)
But it didn't.
[egreshko at f33T ~]$ host cnn.com
Host cnn.com not found: 2(SERVFAIL)
and
[egreshko at f33T ~]$ resolvectl
Global
    Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: stub
    DNS Domain: greshko.com
Link 2 (enp1s0)
    Current Scopes: LLMNR/IPv4 LLMNR/IPv6
    Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
So, now my question, why wasn't the dnsmasq server found/configured as had been the case?
An intentional change or unintentional change?