You are not logged in.

#1 2019-10-27 18:35:49

dviktor
Member
From: Moscow
Registered: 2015-10-18
Posts: 162

Strange issues with systemd-resolved and dnsmasq

I'm experiencing weird issues with systemd-resolved and dnsmasq. My working PC is behind self-made router with dnsmasq installed and working as DHCP and DNS server. Here is the config:

interface=wlan0

listen-address=192.168.88.1
bind-interfaces

cache-size=1000

no-resolv
server=8.8.8.8
server=8.8.4.4
server=2001:4860:4860::8888
server=2001:4860:4860::8844

dhcp-range=192.168.88.10,192.168.88.255,255.255.255.0,24h

I connect via wireless interface (IPv4 only) and successfully get IP from 192.168.88.0/24 subnet. I see that the only nameserver is 192.168.88.1 in my resolv.conf on working PC and pinging IPv4 sites works great. However, if I comment out IPv6 Google's DNS servers completely from dnsmasq config then I get looooong waiting time (sometimes up to 15 seconds) before first successful ping occurs on working PC. Other apps often fail to work with timeout reason. BUT if I start systemd-resolved.service on my working PC manually then this lag disappears. I don't know how it's related because I have NetworkManager installed on PC. Requesting status of systemd-resolved says to me that service is disabled.

This is really weird at least because of two reasons. First, I don't have global IPv6 address on my working PC and don't try to resolve IPv6 DNS names. Second, be what magical way systemd-resolved can resolve this issue?

Offline

#2 2019-10-27 20:43:56

seth
Member
Registered: 2012-09-03
Posts: 49,987

Re: Strange issues with systemd-resolved and dnsmasq

Try "::", you could use eg. wireshark to see whether the client performs AAAA requests w/o resolved (I'm gonna say "yes") and not w/ resolved (not sure, this could just be because resolved acts a local DNS cache)

Online

#3 2019-10-28 20:57:35

dviktor
Member
From: Moscow
Registered: 2015-10-18
Posts: 162

Re: Strange issues with systemd-resolved and dnsmasq

seth wrote:

Try "::", you could use eg. wireshark to see whether the client performs AAAA requests w/o resolved (I'm gonna say "yes") and not w/ resolved (not sure, this could just be because resolved acts a local DNS cache)

You say use "::". Where?

Offline

#4 2019-10-28 21:00:35

seth
Member
Registered: 2012-09-03
Posts: 49,987

Re: Strange issues with systemd-resolved and dnsmasq

As IPv6 server in the dnsmasq config (:: is the null address)

Online

#5 2019-10-28 21:40:42

progandy
Member
Registered: 2012-05-17
Posts: 5,184

Re: Strange issues with systemd-resolved and dnsmasq

You could also try to make dnsmasq not ask for any AAAA records upstream:

address=/#/::

Edit: Maybe you'll also have set the server like this?

server=/#/8.8.8.8

https://discourse.pi-hole.net/t/solved- … in/13143/8

Last edited by progandy (2019-10-28 21:42:25)


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Offline

#6 2019-10-29 19:45:50

dviktor
Member
From: Moscow
Registered: 2015-10-18
Posts: 162

Re: Strange issues with systemd-resolved and dnsmasq

@seth, @progandy
all suggested variants doesn't solve the problem. long delay is observed while trying to ping something =\

Offline

#7 2019-10-29 21:52:33

seth
Member
Registered: 2012-09-03
Posts: 49,987

Re: Strange issues with systemd-resolved and dnsmasq

You could https://wiki.archlinux.org/index.php/IPv6#Disable_IPv6 on the client (but that's oc. no fix)

As for the resolved condition: afaiu NetworkManager now defaults to resolved (that doesn't mean that the service is enabled, but the daemon should be running, yesno?) and in any event you want to sniff the outgoing DNS requests (not those answered by the localhost, that's resolved) on whether they contain AAAA records and what other differences there might be. (But you might really just benefit from the local global DNS cache)

Online

#8 2019-10-30 14:29:44

dviktor
Member
From: Moscow
Registered: 2015-10-18
Posts: 162

Re: Strange issues with systemd-resolved and dnsmasq

I don't want to disable IPv6 completely - who knows, may be tomorrow I will change my ISP or buy broker tunnel...
Regarding systemd-resolved. On my working PC I see that service is loaded but inactive and ps output says nothing:

[viktor@desolve-nettop ~]$ systemctl status systemd-resolved.service
● systemd-resolved.service - Network Name Resolution
   Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:systemd-resolved.service(8)
           https://www.freedesktop.org/wiki/Software/systemd/resolved
           https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
           https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
[viktor@desolve-nettop ~]$ ps aux | grep resolv
viktor      6811  0.0  0.0   6304  2336 pts/0    S+   17:26   0:00 grep --color=auto resolv

DNS on 192.168.88.1 is already caching server (dnsmasq) so I want to get benifits of lookup speedup. I'll try to experiment with wireshark though and see what happens in different scenarios

Offline

#9 2019-10-30 16:00:05

hussam
Member
Registered: 2006-03-26
Posts: 572
Website

Re: Strange issues with systemd-resolved and dnsmasq

I was getting large delays till I disabled dnssec (DNSSEC=false in resolved.conf).

Offline

Board footer

Powered by FluxBB