Arch Linux

Dominik

Member

Registered: 2021-12-21

Posts: 25

[Solved] NordVPN with systemd-resvoled? Some apps no intnet

I recently had a bunch of issues with NordVPN (after it previously worked fine). I found out my `systemd-resolved` service was not running/enabled. I enabled and started it, now I have NordVPN + internet working, but some applications do not work. Like Discord + YouTube Music. Do I need to add some properties to the resolvd manually?

I have the NordVPN Daemon running and enabled.

Any help here would be great.

Last edited by Dominik (2025-08-16 10:41:39)

seth

Member

From: Won't reply 2 private help req

Registered: 2012-09-03

Posts: 75,177

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

resolvectl status
stat /etc/resolv.conf
cat /etc/resolv.conf

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Dominik

Member

Registered: 2021-12-21

Posts: 25

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

❯ resolvectl status
Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: foreign
  Current DNS Server: 192.168.1.1
         DNS Servers: 192.168.1.1
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google
                      2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net
                      2001:4860:4860::8888#dns.google
          DNS Domain: lan

Link 2 (enp6s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.1.1
       DNS Servers: 192.168.1.1 2603:9000:f600:5e40::1
        DNS Domain: lan
     Default Route: yes

Link 3 (wlan0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 5 (docker0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 6 (nordlynx)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS
                    DNSSEC=allow-downgrade/supported
[

❯ stat /etc/resolv.conf
  File: /etc/resolv.conf
  Size: 64        	Blocks: 8          IO Block: 4096   regular file
Device: 0,28	Inode: 7172787     Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2025-04-28 11:40:42.049528306 -0400
Modify: 2025-04-28 11:40:42.049528306 -0400
Change: 2025-04-28 11:40:42.059096991 -0400
 Birth: 2025-04-28 11:40:42.049528306 -0400

❯ cat /etc/resolv.conf
# Generated by NetworkManager
search lan
nameserver 192.168.1.1

Last edited by Dominik (2025-08-10 23:58:34)

seth

Member

From: Won't reply 2 private help req

Registered: 2012-09-03

Posts: 75,177

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

Please use [code][/code] tags, the bbs predates markdown by your age.

That's w/o nordvpn, though?
Either way, probably make resolv.conf a symlink to /run/systemd/resolve/stub-resolv.conf - see https://wiki.archlinux.org/title/Systemd-resolved#DNS for details

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Dominik

Member

Registered: 2021-12-21

Posts: 25

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

That output is with NordVPN on.

And I tried running :
ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
as recommended, but I don't have permissions. I think it's because I have systemd-resolved running.

❯ systemctl status systemd-resolved
● systemd-resolved.service - Network Name Resolution
     Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; preset: >
     Active: active (running) since Sun 2025-08-10 16:20:18 EDT; 3h 40min ago
 Invocation: c29233dce4df458396858f4be56ef30a
       Docs: man:systemd-resolved.service(8)
             man:org.freedesktop.resolve1(5)
             https://systemd.io/WRITING_NETWORK_CONFIGURATION_MANAGERS
             https://systemd.io/WRITING_RESOLVER_CLIENTS
   Main PID: 796 (systemd-resolve)
     Status: "Processing requests..."
      Tasks: 1 (limit: 153415)
     Memory: 5.2M (peak: 7.8M)
        CPU: 417ms
     CGroup: /system.slice/systemd-resolved.service
             └─796 /usr/lib/systemd/systemd-resolved

Aug 10 19:56:27 archdom systemd-resolved[796]: Closing all remaining TCP connections.
Aug 10 19:56:27 archdom systemd-resolved[796]: Resetting learnt feature levels on all se>
Aug 10 19:56:27 archdom systemd-resolved[796]: enp6s0: Bus client reset search domain li>
Aug 10 19:56:27 archdom systemd-resolved[796]: enp6s0: Bus client set default route sett>
Aug 10 19:56:27 archdom systemd-resolved[796]: enp6s0: Bus client reset DNS server list.
Aug 10 19:56:37 archdom systemd-resolved[796]: enp6s0: Bus client set search domain list>
Aug 10 19:56:37 archdom systemd-resolved[796]: enp6s0: Bus client set default route sett>
Aug 10 19:56:37 archdom systemd-resolved[796]: enp6s0: Bus client set DNS server list to>
Aug 10 19:56:37 archdom systemd-resolved[796]: enp6s0: Bus client set DNS server list to>
Aug 10 19:56:42 archdom systemd-resolved[796]: Clock change detected. Flushing caches.

I thought have Systemd resolved which be what manages and fixed this for me. Should I be looking at something else?

seth

Member

From: Won't reply 2 private help req

Registered: 2012-09-03

Posts: 75,177

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

I think it's because I have systemd-resolved running.

No, it's because those files belong to the root.

it would be a very good idea to stop NM and resolved beforehand and restart them afterwards, though.

But the nordlynx device uses the default resolver which is your gateway ("router") everywhere anyway… so it doesn't even seem overly plausible that enabling resolved has changed anything itfp.

ip a; dig google.com

Does your IP from
https://www.whatismyip.com/
belong
https://www.heise.de/netze/tools/whois/
to NordVPN?

Are the concerned clients flatpak or docker installations?

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Dominik

Member

Registered: 2021-12-21

Posts: 25

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

Yeah I did try with Sudo

❯ sudo ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
ln: failed to create symbolic link '/etc/resolv.conf': Operation not permitted

To answer your questions. Yes, my IP address with NordVPN on is the same at those 2 IP Address weblinks.

❯ ip a; dig google.com
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group 57841 qlen 1000
    link/ether 04:7c:16:70:91:52 brd ff:ff:ff:ff:ff:ff
    altname enx047c16709152
    inet 192.168.1.148/24 brd 192.168.1.255 scope global dynamic noprefixroute enp6s0
       valid_lft 41668sec preferred_lft 41668sec
3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group 57841 qlen 1000
    link/ether e6:3d:95:8f:9e:73 brd ff:ff:ff:ff:ff:ff permaddr f0:a6:54:f3:3f:91
5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 4e:a5:53:14:0e:9f brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
6: nordlynx: <POINTOPOINT,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.5.0.2/32 scope global nordlynx
       valid_lft forever preferred_lft forever
;; communications error to 192.168.1.1#53: timed out
;; communications error to 192.168.1.1#53: timed out
;; communications error to 192.168.1.1#53: timed out

; <<>> DiG 9.20.10 <<>> google.com
;; global options: +cmd
;; no servers could be reached

Discord is installed through Snap.
Youtube music through AUR:

❯ yay -Qi youtubemusic
Name            : youtubemusic
Version         : 1.0.10-1
Description     : Youtube Music is a unofficial client to play your music.
Architecture    : x86_64
URL             : https://gitlab.com/linuxbombay/youtube-music
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : libelectron  nss  gtk3  libxss  git  playerctl
Optional Deps   : None
Required By     : None
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 252.18 KiB
Packager        : Unknown Packager
Build Date      : Mon 20 Jan 2025 09:44:19 PM EST
Install Date    : Mon 20 Jan 2025 10:29:36 PM EST
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : None

Dominik

Member

Registered: 2021-12-21

Posts: 25

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

Even after stopping the services I cannot create that symbolic link. both systemd-resolved + nordvpnd.service.

seth

Member

From: Won't reply 2 private help req

Registered: 2012-09-03

Posts: 75,177

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

sudo touch /etc/resolv.conf
findmnt -T /etc/resolv.conf
getfattr /etc/resolv.conf

dig tries to use 192.168.1.1#53 (dns server on your router, which is in line w/ your /etc/resolv.conf) and fails because (likely) the nordvpn LAN segment is 10.5.0.0/32 - resolved probably then falls back to cloudflare (1.1.1.1)

I strongly suspect the inability to manipulate /etc/resolv.conf is the root of your problems.

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Dominik

Member

Registered: 2021-12-21

Posts: 25

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

Any place I should start looking through?
Any advice would be great.

seth

Member

From: Won't reply 2 private help req

Registered: 2012-09-03

Posts: 75,177

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

Start w/ the output of the three commands in #9 - the only way root cannot do whatever root wants is if the file is on a r/o mount or flagged immutable.

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Dominik

Member

Registered: 2021-12-21

Posts: 25

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

Yeah looks like I fixed my issue. The /etc/resolv.conf was marked immutable for some reason.
So I did

sudo chattr -i /etc/resolv.conf
cd /etc
sudo ln -sf ../run/systemd/resolve/stub-resolv.conf resolv.conf

And that seemed to have fixed me up.

seth

Member

From: Won't reply 2 private help req

Registered: 2012-09-03

Posts: 75,177

Re: [Solved] NordVPN with systemd-resvoled? Some apps no intnet

\o/
Please always remember to mark resolved threads by editing your initial posts subject - so others will know that there's no task left, but maybe a solution to find.
Thanks.

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc