
#1 2022-09-12 13:17:47

freebench
Member
Registered: 2020-06-14
Posts: 33

DNS doesn't resolve CNAME

Hey, can anyone advise on a DNS problem?

Generally it works well, except for one case - CNAME. It couldn't resolve some addresses, for instance abc.mysite.com,
so I re-created /etc/resolv.conf and put in some conf for NetworkManager; then it started to resolve CNAMEs for some time but then jammed again.

Restarting some services fixes it temporarily.
Details - http://ix.io/4ai3

My biggest guess is that some DNS configuration was done wrong, including dnsmasq.

Thanks in advance

Offline

#2 2022-09-12 14:58:51

-thc
Member
Registered: 2017-03-15
Posts: 485

Re: DNS doesn't resolve CNAME

What do you want to use for DNS management?

NetworkManager with dnsmasq as cache or NetworkManager with systemd-resolved as cache or NetworkManager alone or ...

Offline

#3 2022-09-12 15:25:28

freebench
Member
Registered: 2020-06-14
Posts: 33

Re: DNS doesn't resolve CNAME

got your point
removed dnsmasq, will monitor how it'll go

Offline

#4 2022-09-13 12:11:42

freebench
Member
Registered: 2020-06-14
Posts: 33

Re: DNS doesn't resolve CNAME

Didn't help.
Tried to make NM + dnsmasq (disable systemd-resolved) - didn't work either, rolled back to systemd-resolved

Let me add some details to this
A VPN (tun) changes the route table, so the address I'm trying to resolve is inside some network (if I got it right...).

The odd thing is that
dig @1.1.1.1 cname.abc.omg.com
works fine
but ping can't resolve

For now added to /etc/hosts manually
Any ideas ?

Offline

#5 2022-09-13 12:44:04

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 11,868

Re: DNS doesn't resolve CNAME

$ drill cname.abc.omg.com
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 9796
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 
;; QUESTION SECTION:
;; cname.abc.omg.com.   IN      A

;; ANSWER SECTION:

;; AUTHORITY SECTION:
omg.com.        3374    IN      SOA     hidden-master.yahoo.com. hostmaster.yahoo-inc.com. 2022010601 28800 7200 604800 86400

;; ADDITIONAL SECTION:

;; Query time: 2 msec
;; SERVER: fd00::2e91:abff:fe46:fcdc
;; WHEN: Tue Sep 13 14:42:05 2022
;; MSG SIZE  rcvd: 112
$ ping -c 5 cname.abc.omg.com
ping: cname.abc.omg.com: Name or service not known
$ ping -c 5 abc.omg.com
ping: abc.omg.com: Name or service not known
$ ping -c 5 omg.com
PING omg.com (74.6.136.150) 56(84) bytes of data.
64 bytes from w2.src.vip.bf1.yahoo.com (74.6.136.150): icmp_seq=1 ttl=46 time=173 ms
64 bytes from w2.src.vip.bf1.yahoo.com (74.6.136.150): icmp_seq=2 ttl=46 time=170 ms
64 bytes from w2.src.vip.bf1.yahoo.com (74.6.136.150): icmp_seq=3 ttl=46 time=170 ms
64 bytes from w2.src.vip.bf1.yahoo.com (74.6.136.150): icmp_seq=4 ttl=46 time=171 ms
64 bytes from w2.src.vip.bf1.yahoo.com (74.6.136.150): icmp_seq=5 ttl=46 time=169 ms

--- omg.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 169.417/170.592/173.006/1.356 ms
$ 

Looks like this is not a DNS issue, but the other side only supports ping responses for the TLD.


Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.


(A works at time B)  && (time C > time B ) ≠  (A works at time C)

Offline

#6 2022-09-13 13:32:15

freebench
Member
Registered: 2020-06-14
Posts: 33

Re: DNS doesn't resolve CNAME

Lone_Wolf wrote:

cname.abc.omg.com

This is a bogus sample address only.

Another odd thing is that sometimes it could resolve it, but most of the time nope. After all the DNS changes I've done, now it can't.

Offline

#7 2022-09-13 14:27:15

-thc
Member
Registered: 2017-03-15
Posts: 485

Re: DNS doesn't resolve CNAME

freebench wrote:

Didn't help.
Tried to make NM + dnsmasq (disable systemd-resolved) - didn't work either, rolled back to systemd-resolved

At the same time you have configured this:

$ cat /etc/NetworkManager/conf.d/dns.conf
[main]
dns=none
main.systemd-resolved=false

Which means you have ordered NetworkManager to leave /etc/resolv.conf and systemd-resolved alone.
Your /etc/resolv.conf looks manual. What is the purpose of systemd-resolved in your setup? 

freebench wrote:

A VPN (tun) changes the route table, so the address I'm trying to resolve is inside some network (if I got it right...).

Is there a difference if the VPN is turned off?

freebench wrote:

The odd thing is that
dig @1.1.1.1 cname.abc.omg.com
works fine
but ping can't resolve

That is not odd at all. "ping" cannot ask 1.1.1.1 directly.

Offline
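
An added example (not written by any poster in this thread, and not NetworkManager's own tooling) for the point made in post #7: ping resolves through the system path set up by /etc/resolv.conf, while dig @1.1.1.1 bypasses it, so it is worth checking that the dns= setting in NetworkManager's [main] section and the nameserver in resolv.conf agree. The function names, the output labels and the sample file contents are assumptions made for illustration, as is reading 127.0.0.1 as a local dnsmasq.

```shell
#!/bin/sh
# Added example; the file contents used in demo() are constructed samples.

# nm_dns_mode FILE -> value of dns= under [main] ("default" when unset)
nm_dns_mode() {
    awk -F= '
        /^[ \t]*\[/ { in_main = ($0 ~ /^[ \t]*\[main\]/) }
        in_main && $1 ~ /^[ \t]*dns[ \t]*$/ { gsub(/[ \t]/, "", $2); mode = $2 }
        END { print (mode == "" ? "default" : mode) }
    ' "$1"
}

# first_nameserver FILE -> first "nameserver" address in a resolv.conf
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# dns_path NM_CONF RESOLV_CONF -> short label for the path ping/getent use
dns_path() {
    mode=$(nm_dns_mode "$1")
    case "$(first_nameserver "$2")" in
        127.0.0.53)    target=resolved-stub ;;  # systemd-resolved stub listener
        127.0.0.1|::1) target=local-cache ;;    # assumed: a local dnsmasq
        "")            target=no-nameserver ;;
        *)             target=upstream ;;
    esac
    case "$mode:$target" in
        none:*)  echo "manual/$target" ;;       # NM leaves resolv.conf alone
        systemd-resolved:resolved-stub|default:resolved-stub) echo "nm+resolved" ;;
        dnsmasq:local-cache) echo "nm+dnsmasq" ;;
        default:upstream)    echo "nm-direct" ;;
        *)                   echo "mismatch:$mode/$target" ;;
    esac
}

# Constructed sample: the dns.conf quoted in post #7 plus a stub resolv.conf.
demo() {
    d=$(mktemp -d) || return 1
    printf '[main]\ndns=none\nmain.systemd-resolved=false\n' > "$d/nm.conf"
    printf 'nameserver 127.0.0.53\noptions edns0\n' > "$d/resolv.conf"
    dns_path "$d/nm.conf" "$d/resolv.conf"
    rm -rf "$d"
}
demo
```

A "manual/..." or "mismatch:..." label means the file that ping consults is not being kept in step with NetworkManager, which is where VPN-pushed DNS servers would otherwise arrive.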

#8 2022-09-13 20:32:27

freebench
Member
Registered: 2020-06-14
Posts: 33

Re: DNS doesn't resolve CNAME

-thc wrote:

At the same time you have configured this:

$ cat /etc/NetworkManager/conf.d/dns.conf
[main]
dns=none
main.systemd-resolved=false

Nope, each time changed as per manual

-thc wrote:

Your /etc/resolv.conf looks manual. What is the purpose of systemd-resolved in your setup?

Now, done as per manual for NM + systemd-resolved

-thc wrote:

Is there a difference if the VPN is turned off?

yes
$ ip route
returns more records when turned on

-thc wrote:

That is not odd at all. "ping" cannot ask 1.1.1.1 directly.

yep, the general idea is that the address in question can be resolved at all

Last edited by freebench (2022-09-13 20:32:41)

Offline
