
#1 2018-06-12 12:07:02

apex8
Member
Registered: 2014-03-29
Posts: 60

domain name resolution with systemd-resolved

Hi,

I have a setup where my network is configured completely via systemd. However, I wasn't able to access Windows clients via their domain name. So to enable this I installed samba and added wins to /etc/nsswitch.conf. My hosts line looked like this:

hosts: files mymachines resolve [!UNAVAIL=return] dns wins myhostname

However, pinging Windows clients via domain name still didn't work. I tried to remove the part 'resolve [!UNAVAIL=return]' and then it worked, so systemd-resolved might be configured wrong.
My /etc/resolv.conf is now symlinked from /run/systemd/resolve/resolv.conf. I also disabled dhcpcd. My current hosts line in nsswitch.conf looks like this:

hosts: files mymachines resolve  wins myhostname

I removed 'dns' as I read here that 'resolve' is intended to replace dns (however, it's still in the base config which is delivered by Arch) and I also removed the [!UNAVAIL=return] after resolve. With [!UNAVAIL=return] in place, every ping to a NetBIOS name results in a 'Name or service not known'.

So everything at least seems to work now, but still I would like to know if this configuration is correct or if I forgot something that might lead to some bad surprises in the future.

Thanks and best regards
apex

Last edited by apex8 (2018-06-12 12:12:38)


#2 2018-06-12 16:04:19

lo1
Member
Registered: 2017-09-25
Posts: 584

Re: domain name resolution with systemd-resolved

man nss-resolve:

it is recommended to place "resolve" early in /etc/nsswitch.conf's "hosts:" line (but after the "files" or "mymachines" entries), right before the "dns" entry if it exists, followed by "[!UNAVAIL=return]", to ensure DNS queries are always routed via systemd-resolved(8) if it is running, but are routed to nss-dns if this service is not available.

Most likely you were right and systemd-resolved is not configured properly? What's the output of `systemctl status systemd-resolved` and `cat /etc/systemd/resolved.conf`?

See also https://wiki.archlinux.org/index.php/Do … d-resolved

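Added example (not part of any post in this thread): a small model of how glibc walks a "hosts:" line, showing why "[!UNAVAIL=return]" after "resolve" keeps "wins" from ever being asked. It assumes systemd-resolved is running and reports NOTFOUND for the NetBIOS name; the scenario data is constructed.

```python
# Added example: models glibc NSS status/action handling for a "hosts:" line.
STATUSES = ("SUCCESS", "NOTFOUND", "UNAVAIL", "TRYAGAIN")

# The two hosts lines quoted in the thread.
WITH_ACTION = "hosts: files mymachines resolve [!UNAVAIL=return] dns wins myhostname"
WITHOUT_ACTION = "hosts: files mymachines resolve  wins myhostname"

def parse_hosts_line(line):
    """Return [(service, {status: action})] in lookup order."""
    spec = line.partition(":")[2]
    tokens = spec.replace("[", " [ ").replace("]", " ] ").split()
    chain, i = [], 0
    while i < len(tokens):
        if tokens[i] == "[":
            if not chain:
                raise ValueError("action list before any service")
            end = tokens.index("]", i)
            actions = chain[-1][1]
            for item in tokens[i + 1:end]:
                cond, action = item.split("=", 1)
                negate = cond.startswith("!")
                for status in STATUSES:
                    # "!UNAVAIL" selects every status except UNAVAIL
                    if (status == cond.lstrip("!").upper()) != negate:
                        actions[status] = action.lower()
            i = end + 1
        else:
            # glibc defaults: stop on SUCCESS, otherwise try the next service
            defaults = {s: "continue" for s in STATUSES}
            defaults["SUCCESS"] = "return"
            chain.append((tokens[i], defaults))
            i += 1
    return chain

def consulted(line, outcomes):
    """Walk the chain; outcomes maps service -> status it reports
    (services not listed report NOTFOUND). Returns (services tried, final status)."""
    tried, status = [], "NOTFOUND"
    for service, actions in parse_hosts_line(line):
        status = outcomes.get(service, "NOTFOUND")
        tried.append(service)
        if actions[status] == "return":
            break
    return tried, status

# Constructed scenario: a NetBIOS-only name that resolved cannot answer but wins can.
NETBIOS_ONLY = {"resolve": "NOTFOUND", "wins": "SUCCESS"}
print(consulted(WITH_ACTION, NETBIOS_ONLY))     # stops at resolve
print(consulted(WITHOUT_ACTION, NETBIOS_ONLY))  # reaches wins
```

With the action list in place, the later services are reached only when "resolve" reports UNAVAIL, that is, when systemd-resolved is not running.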

#3 2018-06-13 06:42:50

apex8
Member
Registered: 2014-03-29
Posts: 60

Re: domain name resolution with systemd-resolved

Thanks for your reply! Here's my output:

systemctl status systemd-resolved

● systemd-resolved.service - Network Name Resolution
   Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2018-06-13 08:24:45 CEST; 8min ago
     Docs: man:systemd-resolved.service(8)
           https://www.freedesktop.org/wiki/Software/systemd/resolved
           https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
           https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
 Main PID: 347 (systemd-resolve)
   Status: "Processing requests..."
    Tasks: 1 (limit: 4915)
   Memory: 1.6M
   CGroup: /system.slice/systemd-resolved.service
           └─347 /usr/lib/systemd/systemd-resolved

Jun 13 08:24:45 avv-pc-10 systemd[1]: Starting Network Name Resolution...
Jun 13 08:24:45 avv-pc-10 systemd-resolved[347]: Positive Trust Anchors:
Jun 13 08:24:45 avv-pc-10 systemd-resolved[347]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
Jun 13 08:24:45 avv-pc-10 systemd-resolved[347]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
Jun 13 08:24:45 avv-pc-10 systemd-resolved[347]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test
Jun 13 08:24:45 avv-pc-10 systemd-resolved[347]: Using system hostname 'avv-pc-10'.
Jun 13 08:24:45 avv-pc-10 systemd[1]: Started Network Name Resolution.

I haven't made any adjustments to /etc/systemd/resolved.conf, because a nameserver is found via DHCP (through systemd-networkd) and the network is working. Also, I have found here that there may be cases where removing "[!UNAVAIL=return]" fixes issues. Unfortunately, there are no reasons given.

cat /etc/systemd/resolved.conf

#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See resolved.conf(5) for details

[Resolve]
#DNS=
#FallbackDNS=8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844
#Domains=
#LLMNR=yes
#MulticastDNS=yes
#DNSSEC=no
#Cache=yes
#DNSStubListener=udp

systemd-resolve --status

Global
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa
                      18.172.in-addr.arpa
                      19.172.in-addr.arpa
                      20.172.in-addr.arpa
                      21.172.in-addr.arpa
                      22.172.in-addr.arpa
                      23.172.in-addr.arpa
                      24.172.in-addr.arpa
                      25.172.in-addr.arpa
                      26.172.in-addr.arpa
                      27.172.in-addr.arpa
                      28.172.in-addr.arpa
                      29.172.in-addr.arpa
                      30.172.in-addr.arpa
                      31.172.in-addr.arpa
                      corp
                      d.f.ip6.arpa
                      home
                      internal
                      intranet
                      lan
                      local
                      private
                      test

Link 2 (enp0s31f6)
      Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
         DNS Servers: xxx.xxx.xxx.xx #correct dns server IP
