You are not logged in.
- Topics: Active | Unanswered
#1 2025-09-19 20:28:25
- justm3
- Member
- Registered: 2019-11-12
- Posts: 51
systemd 258-2 no internet connection
Upgraded today (pacman -Syu)
With systemd 258-2 I have no internet connection but I can ping the lan.
Using systemd-networkd and systemd-resolved (stub).
Downgrading systemd, systemd-libs, systemd-resolvconf, systemd-sysvcompat to 257.9-1 corrects the issue.
Could not find anything reported here other than a necrobump related one.
Is it known? Should it be reported upstream?
Offline
#2 2025-09-19 21:53:47
- spatz
- Member
- Registered: 2013-01-08
- Posts: 4
Re: systemd 258-2 no internet connection
I believe the problem is that DNSSEC was enabled by default by the maintainers, which also broke my machine.
Setting DNSSEC=no in /etc/systemd/resolved.conf and then restarting systemd-resolved.service fixed the issue for me.
Offline
#3 2025-09-20 05:00:04
- justm3
- Member
- Registered: 2019-11-12
- Posts: 51
Re: systemd 258-2 no internet connection
I chose to downgrade because I had already tried it. It is a temporary fix which I had implemented after issuing resolvectl status.
Interestingly it reports
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported
As opposed to DNSSEC=no which returns
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
And then there is the /usr/share/doc/systemd/NEWS which is very confusing and in my reading suggests the use of "allow-downgrade"
Not to mention the wiki warning in systemd-resolved where it specifically states that dnssec is disabled by default.
Bottom line,
It does not look like a bug to me. A glitch is more likely.
I hope that some of the "heavy artillery" will have eyes on it.
Otherwise a huge amount of people will go blind. It is already all over the internet.
Offline
#4 2025-09-20 07:43:05
- nl6720
- The Evil Wiki Admin
- Registered: 2016-07-02
- Posts: 707
Re: systemd 258-2 no internet connection
The upstream behaviour didn't change, but Arch's systemd package changed the build-time default: https://gitlab.archlinux.org/archlinux/ … fcf50ec98a & https://gitlab.archlinux.org/archlinux/ … 54c6587e8c.
justm3 wrote:
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported
"supported" means that the DNS server supports DNSSEC, so it should work. Check the journal and see if there are any related messages.
justm3 wrote:
Not to mention the wiki warning in systemd-resolved where it specifically states that dnssec is disabled by default.
That's because no one has updated the wiki page. These things don't magically happen by themselves.
Offline
#5 2025-09-20 09:47:24
- justm3
- Member
- Registered: 2019-11-12
- Posts: 51
Re: systemd 258-2 no internet connection
nl6720 wrote:
That's because no one has updated the wiki page. These things don't magically happen by themselves.
I am aware of that.
I guess we can agree that for the vast majority of users the warning stands at the time of writing my comment.
Back to the issue.
My .network file points to a local unbound server. No changes were made.
And the router also points to the unbound server.
[Network]
Address=192.168.2.151/24
Gateway=192.168.2.1
DNS=192.168.2.180
/etc/resolv.conf is a stub mode
And it does not work after the upgrade.
So what stands for the moment, in my case, is either declare DNSSEC=no or downgrade as stated before.
If any journals are required, I will be happy to provide.
Offline
#6 2025-09-20 10:00:29
- nl6720
- The Evil Wiki Admin
- Registered: 2016-07-02
- Posts: 707
Re: systemd 258-2 no internet connection
Post the output of:
# journalctl -u systemd-resolved.service -bOffline
#7 2025-09-20 10:19:49
- justm3
- Member
- Registered: 2019-11-12
- Posts: 51
Re: systemd 258-2 no internet connection
Sorry to keep you waiting but had to export it to a file and toggle DNSSEC back and forth.
sudo journalctl -u systemd-resolved.service -b
Sep 20 13:10:06 int-hypr systemd[1]: Starting Network Name Resolution...
Sep 20 13:10:06 int-hypr systemd-resolved[329]: Positive Trust Anchors:
Sep 20 13:10:06 int-hypr systemd-resolved[329]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
Sep 20 13:10:06 int-hypr systemd-resolved[329]: . IN DS 38696 8 2 683d2d0acb8c9b712a1948b27f741219298d0a450d612c483af444a4c0fb2b16
Sep 20 13:10:06 int-hypr systemd-resolved[329]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 170.0.0.192.in-addr.arpa 171.0.0.192.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa ipv4only.arpa resolver.arpa corp home internal intranet lan local private test
Sep 20 13:10:06 int-hypr systemd-resolved[329]: Using system hostname 'int-hypr'.
Sep 20 13:10:06 int-hypr systemd[1]: Started Network Name Resolution.
Sep 20 13:10:13 int-hypr systemd-resolved[329]: DNSSEC validation failed for question com IN DS: no-signature
Sep 20 13:10:13 int-hypr systemd-resolved[329]: DNSSEC validation failed for question osbeck.com IN DS: no-signature
Sep 20 13:10:13 int-hypr systemd-resolved[329]: DNSSEC validation failed for question mirror.osbeck.com IN A: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question nu IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question nu IN DNSKEY: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question braindrainlan.nu IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question mirror.braindrainlan.nu IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question mirror.braindrainlan.nu IN A: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question se IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question se IN DNSKEY: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question accum.se IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question accum.se IN DNSKEY: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question mirror.accum.se IN A: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question se IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question se IN DNSKEY: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question myrveln.se IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question ftp.myrveln.se IN A: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question net IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question bahnhof.net IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question mirror.bahnhof.net IN DS: no-signature
Sep 20 13:10:14 int-hypr systemd-resolved[329]: DNSSEC validation failed for question mirror.bahnhof.net IN A: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question se IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question se IN DNSKEY: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question liu.se IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question lysator.liu.se IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question ftp.lysator.liu.se IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question ftp.lysator.liu.se IN A: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question net IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question infania.net IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question ftpmirror.infania.net IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question ftpmirror.infania.net IN A: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question se IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question se IN DNSKEY: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question ltu.se IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question ludd.ltu.se IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question ftp.ludd.ltu.se IN A: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:15 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:16 int-hypr systemd-resolved[329]: DNSSEC validation failed for question org IN DS: no-signature
Sep 20 13:10:16 int-hypr systemd-resolved[329]: DNSSEC validation failed for question org IN DNSKEY: no-signature
Sep 20 13:10:16 int-hypr systemd-resolved[329]: DNSSEC validation failed for question archlinux.org IN DS: no-signature
Sep 20 13:10:16 int-hypr systemd-resolved[329]: DNSSEC validation failed for question aur.archlinux.org IN DS: no-signature
Sep 20 13:10:16 int-hypr systemd-resolved[329]: DNSSEC validation failed for question aur.archlinux.org IN A: no-signature
Sep 20 13:10:17 int-hypr systemd-resolved[329]: DNSSEC validation failed for question org IN DS: no-signature
Sep 20 13:10:17 int-hypr systemd-resolved[329]: DNSSEC validation failed for question org IN DNSKEY: no-signature
Sep 20 13:10:17 int-hypr systemd-resolved[329]: DNSSEC validation failed for question archlinux.org IN DS: no-signature
Sep 20 13:10:17 int-hypr systemd-resolved[329]: DNSSEC validation failed for question www.archlinux.org IN DS: no-signature
Sep 20 13:10:17 int-hypr systemd-resolved[329]: DNSSEC validation failed for question www.archlinux.org IN A: no-signature
Sep 20 13:10:17 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:17 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:17 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:17 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:19 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:19 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:19 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:19 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:21 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:21 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:21 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:21 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:24 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:24 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:24 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:24 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:28 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:28 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:28 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:28 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:32 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:32 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:32 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:32 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:36 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:36 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:36 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:36 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:40 int-hypr systemd-resolved[329]: Clock change detected. Flushing caches.
Sep 20 13:10:41 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:41 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:41 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:41 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:46 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:46 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:46 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:46 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:52 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:52 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:52 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:52 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:10:59 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:10:59 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:10:59 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:10:59 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:11:06 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:11:06 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:11:06 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:11:06 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:11:13 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:11:13 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:11:13 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:11:13 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:11:21 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:11:21 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:11:21 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:11:21 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:11:30 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:11:30 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:11:30 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:11:30 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:11:39 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:11:39 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:11:39 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:11:39 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signature
Sep 20 13:11:48 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DS: no-signature
Sep 20 13:11:48 int-hypr systemd-resolved[329]: DNSSEC validation failed for question in IN DNSKEY: no-signature
Sep 20 13:11:48 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN DS: no-signature
Sep 20 13:11:48 int-hypr systemd-resolved[329]: DNSSEC validation failed for question wttr.in IN A: no-signatureOffline
#8 2025-09-20 10:33:21
- nl6720
- The Evil Wiki Admin
- Registered: 2016-07-02
- Posts: 707
Re: systemd 258-2 no internet connection
Unless your unbound is misconfigured in some way (e.g. DNSSEC validation is disabled), then it's likely an issue in systemd-resolved.
There's a recently created https://github.com/systemd/systemd/issues/39041 which may be a duplicate of https://github.com/systemd/systemd/issues/38401 that look similar to your issue. Or you can look through https://github.com/systemd/systemd/issu … e%20DNSSEC and find one that you like better. 
Offline
#9 2025-09-20 11:33:37
- justm3
- Member
- Registered: 2019-11-12
- Posts: 51
Re: systemd 258-2 no internet connection
The unbound server is running for a very long time without any issues.
I sincerely thank you for looking into this matter. And yes I will read the links you provided.
Be well.
Offline
#10 2025-09-21 05:40:36
- nl6720
- The Evil Wiki Admin
- Registered: 2016-07-02
- Posts: 707
Re: systemd 258-2 no internet connection
For reference: archlinux/packaging/packages/systemd#57.
Offline