#1 Yesterday 16:26:13

wolfsilver00
Member
Registered: 2024-02-25
Posts: 9

resolv not asking my local DNS, unless I restart the service

Hello, I'm having an issue with DNS resolution with AdGuard as my DNS and some rewrite rules.
I've set up my DNS correctly (as some rules work, sometimes) and on my Debian server there is no issue at all.
This is my resolv.conf:

cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.100
nameserver fd6e:d8e5:114c::1

For example, with a rewrite www.example.magi to 192.168.1.200, if I try to go to www.example.magi on my web browser, I do not get the resolution and I can see on my AdGuard logs that no request got to the DNS provider. If I then do:

resolvectl query www.example.magi

There is no resolution. Even weirder, if I dig instead, it works. And I can see in my AdGuard that the request was served and rewritten.

The only solution I found was to restart the service with:

systemctl restart systemd-resolved.service

Which works... for a while. Maybe half an hour later it stops working, both in the browser and when querying with resolvectl. dig keeps working as usual. Could anyone help me out in debugging this?

networkctl status:

● Interfaces: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
       State: routable                                      
Online state: partial                                       
     Address: 192.168.1.150 on enp6s0
              172.18.0.1 on br-845cc8a82242
              172.30.32.1 on hassio
              172.19.0.1 on br-d041ea4073ce
              172.31.0.1 on br-f3c1825155fc
              172.17.0.1 on docker0
              fd6e:d8e5:114c::107 on enp6s0
              fd6e:d8e5:114c:0:642:1aff:fe03:9197 on enp6s0
              fd6e:d8e5:114c:0:a56d:5b00:22e0:3b4f on enp6s0
              fe80::bb90:a560:db76:b0a7 on enp6s0
              fe80::4c45:42ff:fe59:1324 on br-845cc8a82242
              fe80::9851:6eff:fec5:a25d on br-d041ea4073ce
              fe80::a82c:b7ff:fe9d:3bf6 on br-f3c1825155fc
              fe80::fcce:4ff:fe64:fff4 on veth19fb61c
              fe80::a412:83ff:fe11:795a on vethb01b5d7
              fe80::7035:42ff:fec7:2bc0 on veth2dfa08c
              fe80::841e:f5ff:fef9:7ed8 on vethf8bc554
              fe80::4c5d:7dff:fe90:7d5f on vethf165ca9
     Gateway: 192.168.1.1 on enp6s0
         DNS: 192.168.1.100
              1.1.1.1
              fd6e:d8e5:114c::1

Feb 02 09:55:42 MAGI-Assistant systemd-networkd[803]: vethf8bc554: Gained carrier
Feb 02 09:55:42 MAGI-Assistant systemd-networkd[803]: vethf165ca9: Gained carrier
Feb 02 09:55:43 MAGI-Assistant systemd-networkd[803]: br-d041ea4073ce: Gained IPv6LL
Feb 02 09:55:43 MAGI-Assistant systemd-networkd[803]: veth19fb61c: Gained IPv6LL
Feb 02 09:55:43 MAGI-Assistant systemd-networkd[803]: br-f3c1825155fc: Gained IPv6LL
Feb 02 09:55:43 MAGI-Assistant systemd-networkd[803]: br-845cc8a82242: Gained IPv6LL
Feb 02 09:55:43 MAGI-Assistant systemd-networkd[803]: vethb01b5d7: Gained IPv6LL
Feb 02 09:55:44 MAGI-Assistant systemd-networkd[803]: veth2dfa08c: Gained IPv6LL
Feb 02 09:55:44 MAGI-Assistant systemd-networkd[803]: vethf8bc554: Gained IPv6LL
Feb 02 09:55:44 MAGI-Assistant systemd-networkd[803]: vethf165ca9: Gained IPv6LL

and resolvectl status:

Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: foreign
  Current DNS Server: fd6e:d8e5:114c::1
         DNS Servers: 192.168.1.100 fd6e:d8e5:114c::1
Fallback DNS Servers: 9.9.9.9#dns.quad9.net 2620:fe::9#dns.quad9.net 1.1.1.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 8.8.8.8#dns.google 2001:4860:4860::8888#dns.google

Link 2 (enp6s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 1.1.1.1
       DNS Servers: 192.168.1.100 1.1.1.1 fd6e:d8e5:114c::1
     Default Route: yes

Link 3 (wlan0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 4 (br-845cc8a82242)
    Current Scopes: LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 5 (hassio)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 6 (br-d041ea4073ce)
    Current Scopes: LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 7 (br-f3c1825155fc)
    Current Scopes: LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 8 (docker0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 9 (veth19fb61c)
    Current Scopes: LLMNR/IPv6 mDNS/IPv6
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 10 (vethb01b5d7)
    Current Scopes: LLMNR/IPv6 mDNS/IPv6
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 11 (veth2dfa08c)
    Current Scopes: LLMNR/IPv6 mDNS/IPv6
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 12 (vethf8bc554)
    Current Scopes: LLMNR/IPv6 mDNS/IPv6
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
     Default Route: no

Link 13 (vethf165ca9)
    Current Scopes: LLMNR/IPv6 mDNS/IPv6

/etc/systemd/resolved.conf:

[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google:     8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9:      9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#
# Using DNS= configures global DNS servers and does not suppress link-specific
# configuration. Parallel requests will be sent to per-link DNS servers
# configured automatically by systemd-networkd.service(8), NetworkManager(8), or
# similar management services, or configured manually via resolvectl(1). See
# resolved.conf(5) and systemd-resolved(8) for more details.
#DNS=
#FallbackDNS=9.9.9.9#dns.quad9.net 2620:fe::9#dns.quad9.net 1.1.1.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 8.8.8.8#dns.google 2001:4860:4860::8888#dns.google
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=yes
#LLMNR=yes
#Cache=yes
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0
#RefuseRecordTypes=

Last edited by wolfsilver00 (Yesterday 16:27:47)


#2 Yesterday 17:22:32

Lone_Wolf
Administrator
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 14,708

Re: resolv not asking my local DNS, unless I restart the service

systemd-resolved often has trouble working together with applications that use resolv.conf .

cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.100
nameserver fd6e:d8e5:114c::1

That won't work with systemd-resolved as it typically expects /etc/resolv.conf to be a symlink to /run/systemd/resolve/stub-resolv.conf .

Please read https://wiki.archlinux.org/title/Systemd-resolved#DNS thoroughly.

It's also possible you have conflicting network configuration tools running, please post the output of

$ find /etc/systemd -type l -exec test -f {} \; -print | sort

Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.

clean chroot building not flexible enough ?
Try clean chroot manager by graysky
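
Added example, not part of either post: a shell check for the two things this thread turns on, namely what kind of file /etc/resolv.conf is and which server each systemd-resolved scope is currently using. The allowed-server list is an assumption taken from the resolv.conf posted above, the function names are made up for this example, and the sample is an excerpt of the resolvectl status output from post #1.

```shell
#!/bin/sh
# Added example: audit `resolvectl status` text for resolvers outside an
# expected set. Status text comes in on stdin; arguments are allowed servers.
audit_resolved() {
    awk -v allowed="$*" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^Global/            { scope = "Global" }
        /^Link [0-9]+ \(/    { scope = $1 " " $2 " " $3 }
        /resolv\.conf mode:/ { print "mode=" $NF }
        /Current DNS Server:/ {
            srv = $NF
            sub(/#.*/, "", srv)   # drop an optional "#server-name" suffix
            print scope ": " srv " " ((srv in ok) ? "ok" : "UNEXPECTED")
        }
    '
}

# Report whether a resolv.conf path is a symlink (and its target) or a plain file.
resolv_conf_kind() {
    f=${1:-/etc/resolv.conf}
    if [ -L "$f" ]; then
        printf 'symlink -> %s\n' "$(readlink "$f")"
    elif [ -f "$f" ]; then
        printf 'regular file\n'
    else
        printf 'missing\n'
    fi
}

# Excerpt of the resolvectl status output posted in the thread.
SAMPLE='Global
    resolv.conf mode: foreign
  Current DNS Server: fd6e:d8e5:114c::1
         DNS Servers: 192.168.1.100 fd6e:d8e5:114c::1

Link 2 (enp6s0)
Current DNS Server: 1.1.1.1
       DNS Servers: 192.168.1.100 1.1.1.1 fd6e:d8e5:114c::1'

# On a live host:
#   resolvectl status | audit_resolved 192.168.1.100 fd6e:d8e5:114c::1
printf '%s\n' "$SAMPLE" | audit_resolved 192.168.1.100 fd6e:d8e5:114c::1
resolv_conf_kind /etc/resolv.conf
```

A scope marked UNEXPECTED is one whose queries are currently going to a server other than the local filtering resolver, so rewrite and blocking rules configured there are not applied to them.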


#3 Yesterday 17:42:10

wolfsilver00
Member
Registered: 2024-02-25
Posts: 9

Re: resolv not asking my local DNS, unless I restart the service

Lone_Wolf wrote:

systemd-resolved often has trouble working together with applications that use resolv.conf .

cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.100
nameserver fd6e:d8e5:114c::1

That won't work with systemd-resolved as it typically expects /etc/resolv.conf to be a symlink to /run/systemd/resolve/stub-resolv.conf .

Please read https://wiki.archlinux.org/title/Systemd-resolved#DNS thoroughly.

It's also possible you have conflicting network configuration tools running, please post the output of

$ find /etc/systemd -type l -exec test -f {} \; -print | sort

Thanks a lot for the help <3

Here is the output:

find /etc/systemd -type l -exec test -f {} \; -print | sort
/etc/systemd/system/basic.target.wants/disable-c6.service
/etc/systemd/system/bluetooth.target.wants/bluetooth.service
/etc/systemd/system/dbus-org.bluez.service
/etc/systemd/system/dbus-org.freedesktop.Avahi.service
/etc/systemd/system/dbus-org.freedesktop.network1.service
/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service
/etc/systemd/system/dbus-org.freedesktop.resolve1.service
/etc/systemd/system/dbus-org.freedesktop.timesync1.service
/etc/systemd/system/display-manager.service
/etc/systemd/system/getty.target.wants/getty@tty1.service
/etc/systemd/system/hibernate.target.wants/disable-c6.service
/etc/systemd/system/multi-user.target.wants/apparmor.service
/etc/systemd/system/multi-user.target.wants/avahi-daemon.service
/etc/systemd/system/multi-user.target.wants/cups.path
/etc/systemd/system/multi-user.target.wants/cups.service
/etc/systemd/system/multi-user.target.wants/docker.service
/etc/systemd/system/multi-user.target.wants/lm_sensors.service
/etc/systemd/system/multi-user.target.wants/NetworkManager.service
/etc/systemd/system/multi-user.target.wants/ollama.service
/etc/systemd/system/multi-user.target.wants/open-webui.service
/etc/systemd/system/multi-user.target.wants/reflector.service
/etc/systemd/system/multi-user.target.wants/remote-fs.target
/etc/systemd/system/multi-user.target.wants/smb.service
/etc/systemd/system/multi-user.target.wants/sshd.service
/etc/systemd/system/multi-user.target.wants/systemd-networkd.service
/etc/systemd/system/multi-user.target.wants/ufw.service
/etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service
/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service
/etc/systemd/system/printer.target.wants/cups.service
/etc/systemd/system/sockets.target.wants/avahi-daemon.socket
/etc/systemd/system/sockets.target.wants/cups.socket
/etc/systemd/system/sockets.target.wants/docker.socket
/etc/systemd/system/sockets.target.wants/systemd-journal-gatewayd.socket
/etc/systemd/system/sockets.target.wants/systemd-networkd.socket
/etc/systemd/system/sockets.target.wants/systemd-userdbd.socket
/etc/systemd/system/suspend.target.wants/disable-c6.service
/etc/systemd/system/sysinit.target.wants/systemd-network-generator.service
/etc/systemd/system/sysinit.target.wants/systemd-resolved.service
/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service
/etc/systemd/system/timers.target.wants/fstrim.timer
/etc/systemd/system/timers.target.wants/paccache.timer
/etc/systemd/user/graphical-session-pre.target.wants/xdg-user-dirs.service
/etc/systemd/user/pipewire.service.wants/wireplumber.service
/etc/systemd/user/pipewire-session-manager.service
/etc/systemd/user/sockets.target.wants/p11-kit-server.socket
/etc/systemd/user/sockets.target.wants/pipewire-pulse.socket
/etc/systemd/user/sockets.target.wants/pipewire.socket

As for the symlink, I understood the wiki as the link being necessary with manual config, but using NetworkManager, doesn't resolved just read resolv.conf from etc and just be done? That did seem to be the case as I didn't manually update stub-resolv, so it has the default value, yet after a reset to the service, resolved picks up the correct nameserver.
Should I symlink it anyway and just manually put my nameserver on the stub?
