<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p> </p>
<div class="moz-text-html" lang="x-unicode">
<p>Hi, I hope it’s OK to ask a question here (the About section
said as much).</p>
<p>I’m receiving messages in the journal that I have difficulty
interpreting. It appears to repeatedly switch from TCP to UDP
and back, claiming that both are a “degraded feature set”…</p>
<p>Here is a sample journal output:<br>
<font face="monospace">~$ journalctl --unit
systemd-resolved.service -r | head -n 60<br>
May 02 10:29:56 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:29:56 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:29:46 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:29:46 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:29:46 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:29:46 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:29:46 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:29:46 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:27:50 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:27:50 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:27:33 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:27:33 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:27:19 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:27:19 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:27:16 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:27:16 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:26:53 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:26:53 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:26:39 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:26:39 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:26:38 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:26:38 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:26:36 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:26:36 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:25 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:25 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:25:24 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:25:24 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:24 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:24 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:25:24 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:25:24 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:23 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:23 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:25:23 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:25:23 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:23 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:23 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:25:23 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:25:23 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:22 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:25:22 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:24:55 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:24:55 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:24:51 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:24:51 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:24:51 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:24:51 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:24:48 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:24:48 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:24:48 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:24:35 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of UDP+EDNS0 for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:24:35 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of UDP+EDNS0 for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:23:54 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:23:54 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:23:54 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:23:54 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:23:54 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.1.1.1#cloudflare-dns.com.<br>
May 02 10:22:56 nailbox systemd-resolved[95890]: Using
degraded feature set TCP instead of UDP for DNS server
1.0.0.1#cloudflare-dns.com.<br>
May 02 10:22:56 nailbox systemd-resolved[95890]: Using
degraded feature set UDP instead of TCP for DNS server
1.0.0.1#cloudflare-dns.com.</font></p>
<p>Do you know if this is intended behavior? What am I supposed to
make of this?</p>
<p>Here is my <font face="monospace">/etc/systemd/resolved.conf</font>:<br>
<font face="monospace">[Resolve]<br>
DNS=1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com
2606:4700:4700::1111#cloudflare-dns.com
2606:4700:4700::1001#cloudflare-dns.com<br>
<br>
<br>
LLMNR=true<br>
DNSSEC=false<br>
DNSOverTLS=false</font><br>
</p>
<p>Here is the output of <font face="monospace">resolvectl status</font>
(with the local DNS redacted):<br>
<font face="monospace">Global<br>
Protocols: +LLMNR +mDNS -DNSOverTLS
DNSSEC=no/unsupported<br>
resolv.conf mode: stub<br>
Current DNS Server: 1.1.1.1#cloudflare-dns.com<br>
DNS Servers: 1.1.1.1#cloudflare-dns.com
1.0.0.1#cloudflare-dns.com
2606:4700:4700::1111#cloudflare-dns.com
2606:4700:4700::1001#cloudflare-dns.com<br>
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com
8.8.8.8#dns.google 1.0.0.1#cloudflare-dns.com
8.8.4.4#dns.google 2606:4700:4700::1111#cloudflare-dns.com
2001:4860:4860::8888#dns.google<br>
2606:4700:4700::1001#cloudflare-dns.com
2001:4860:4860::8844#dns.google<br>
<br>
Link 2 (docker0)<br>
Current Scopes: none<br>
Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS
DNSSEC=no/unsupported<br>
<br>
Link 3 (wlp4s0)<br>
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4
mDNS/IPv6<br>
Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS
DNSSEC=no/unsupported<br>
Current DNS Server: </font><font face="monospace">███████████████</font><br>
<font face="monospace"> DNS Servers: ███████████████<br>
DNS Domain: intern</font><br>
</p>
<p>I’m using NixOS (24.05.20240425.7bb2ccd (Uakari)) and running
systemd 255.4. Here is the output of <font face="monospace">systemctl
--version</font>:<br>
<font face="monospace">systemd 255 (255.4)<br>
+PAM +AUDIT -SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT
-GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN
+IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 +PWQUALITY +P11KIT
+QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK
-XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified</font></p>
<p>Normally I have an Autocrypt header with PGP information but I
just set up this system and haven’t configured GPG/Thunderbird
with that yet.<br>
Sincerely, Anselm Schüler (<a moz-do-not-send="true"
href="mailto:mail@anselmschueler.com">email</a>, <a
moz-do-not-send="true" href="https://anselmschueler.com/">website</a>)<br>
</p>
</div>
</body>
</html>