Arch Linux

ought

Member

Registered: 2016-06-04

Posts: 39

[Solved] Cannot set up systemd-resolved with NetworkManager

I'm trying to make the systemd-resolved work with networkmanager. From what it seems, the resolved daemon starts, but rejects the attempts to get the domain name:

dig google.com                                   
;; communications error to 127.0.0.53#53: timed out

Right now I am able to use internet only when I put networkmanager into main.dns=none mode and fill resolv.conf manually.

`resolvectl` log:

Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: stub
  Current DNS Server: 8.8.8.8
         DNS Servers: 8.8.8.8 192.168.50.1
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google
                      2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net
                      2001:4860:4860::8888#dns.google

Link 2 (enp5s0)
    Current Scopes: LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (wg0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 10.2.21.2
       DNS Servers: 10.2.21.2 172.16.32.252
        DNS Domain: ~.

Link 5 (br-0555915d899e)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 6 (docker0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 7 (br-c25843427f9a)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported

`journalctl` entries:

июн 13 12:36:47 oughtlinuxdesktop systemd[1]: Starting Network Name Resolution...
июн 13 12:36:47 oughtlinuxdesktop systemd-resolved[732]: Positive Trust Anchors:
июн 13 12:36:47 oughtlinuxdesktop systemd-resolved[732]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
июн 13 12:36:47 oughtlinuxdesktop systemd-resolved[732]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test
июн 13 12:36:47 oughtlinuxdesktop systemd-resolved[732]: Using system hostname 'oughtlinuxdesktop'.
июн 13 12:36:47 oughtlinuxdesktop systemd[1]: Started Network Name Resolution.
июн 13 12:36:50 oughtlinuxdesktop systemd-resolved[732]: enp5s0: Bus client set default route setting: no
июн 13 12:36:55 oughtlinuxdesktop systemd-resolved[732]: wg0: Bus client set DNS server list to: 10.2.21.2, 172.16.32.252
июн 13 12:36:55 oughtlinuxdesktop systemd-resolved[732]: wg0: Bus client set search domain list to: ~.
июн 13 12:37:08 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set UDP instead of UDP+EDNS0 for DNS server 10.2.21.2.
июн 13 12:37:13 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set UDP instead of UDP+EDNS0 for DNS server 172.16.32.252.
июн 13 12:37:18 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set TCP instead of UDP for DNS server 10.2.21.2.
июн 13 12:37:28 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set TCP instead of UDP for DNS server 172.16.32.252.
июн 13 12:37:49 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set UDP instead of TCP for DNS server 172.16.32.252.
июн 13 12:38:04 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set TCP instead of UDP for DNS server 172.16.32.252.
июн 13 12:38:15 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set UDP instead of TCP for DNS server 10.2.21.2.
июн 13 12:38:30 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set TCP instead of UDP for DNS server 10.2.21.2.
июн 13 12:38:40 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set UDP instead of TCP for DNS server 172.16.32.252.
июн 13 12:38:56 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set TCP instead of UDP for DNS server 172.16.32.252.
июн 13 12:39:06 oughtlinuxdesktop systemd-resolved[732]: Using degraded feature set UDP instead of TCP for DNS server 10.2.21.2.

My configuration files are here (with stripped comments for brevity).
`/etc/resolv.conf` (symlinked to `/run/systemd/resolve/stub-resolv.conf`):

nameserver 127.0.0.53
options edns0 trust-ad
search .

`/etc/NetworkManager/NetworkManager.conf`:

[main]
dns=systemd-resolved
systemd-resolved=true

`/etc/systemd/resolved.conf.d/dns_servers.conf` (the only configuration file for resolved I have):

[Resolve]
DNS=8.8.8.8 192.168.50.1

Last edited by ought (2023-06-14 06:11:22)

seth

Member

From: Won't reply 2 private help req

Registered: 2012-09-03

Posts: 76,234

Re: [Solved] Cannot set up systemd-resolved with NetworkManager

ping 127.0.0.53
nmap -p53 127.0.0.53
ip a; ip r

and try w/o wireguard & docker first to see whether there'es interference from that side.

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

ought

Member

Registered: 2016-06-04

Posts: 39

Re: [Solved] Cannot set up systemd-resolved with NetworkManager

I don't really understand what happened, but the problem solved itself.
After I made this post, I tried to work with dnsmasq instead - with varying degree of success. After reading your message I uninstalled wireguard and docker, uninstalled dnsmasq, turned systemd-resolved on again, and set up the networkmanager in the same way it was in the beginning. And it just started working.
Maybe the problem lied in docker or wireguard, or maybe I just tweaked some configuration while working with dnsmasq in a way that was beneficial to solving the problem - I don't know.

I need Docker for my work, so I'm gonna try to experiment with it for a bit - that's why I'm not marking the thread as [Solved], because the problem may still be present. When I'll confirm that all is OK, I'll set this mark. Thank you! =-)

UPD. Docker works too, thanks!

Last edited by ought (2023-06-14 06:11:06)