On Thu, Sep 24, 2020 at 2:45 PM Roman Odaisky <[email protected]> wrote:
> Hi,
>
> I have the following resolved configuration:
>
> [Resolve]
> DNS=8.8.8.8 8.8.4.4
> Domains=~.
>
> and the following resolvectl output:
>
> Link 76 (usb0)
> Current Scopes: DNS
> DefaultRoute setting: yes
> LLMNR setting: yes
> MulticastDNS setting: no
> DNSOverTLS setting: no
> DNSSEC setting: no
> DNSSEC supported: no
> Current DNS Server: 192.168.42.129
> DNS Servers: 192.168.42.129
> DNS Domain: ~.
>
> Link 2 (wlp59s0)
> Current Scopes: DNS
> DefaultRoute setting: yes
> LLMNR setting: yes
> MulticastDNS setting: no
> DNSOverTLS setting: no
> DNSSEC setting: no
> DNSSEC supported: no
> Current DNS Server: <an IP address>
> DNS Servers: <an IP address>
>              <an IP address>
> DNS Domain: ~.
>
> The default route is via usb0. The wlp59s0 link is faulty (that’s why I’ve
> resorted to USB tethering). The DNS servers provided by DHCP for that link
> use public IP addresses yet decline to provide services for clients outside
> that ISP, with responses like this:
>
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18189
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 2800
> ;; QUESTION SECTION:
> ;freedesktop.org. IN A
>
> (note it’s not an NXDOMAIN)
>
> The second IP address is more honest and sets status: REFUSED.
>
> This situation results in the following behavior: if I query some domain,
> it always fails for the first time then works afterwards.
>
> $ resolvectl query google.com.uy
> google.com.uy: resolve call failed: 'google.com.uy' does not have any RR of the requested type
>
> $ resolvectl query google.com.uy
> google.com.uy: 172.217.169.163 -- link: usb0
>
> -- Information acquired via protocol DNS in 5.8ms.
> -- Data is authenticated: no
>
> Did I misconfigure something? Did I misread resolved.conf(5) which states
> “Use the construct "~." to use the system DNS server defined with DNS=
> preferably for all domains”? Is there a bug?

You have "~." for the global config, but your NetworkManager or something also sets "~." for each of your two links, so all those settings are back to being the same priority again.

--
Mantas Mikulėnas
_______________________________________________
systemd-devel mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
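The condition described in the reply can be checked mechanically by listing every scope that carries the catch-all routing domain `~.` together with the DNS servers attached to it. The script below is an added example, not code from the thread or from systemd; its input is constructed (trimmed to the relevant fields, with an assumed Global section and 203.0.113.x documentation addresses standing in for the elided ones), and the function names are hypothetical.

```python
import re

# Constructed input in the layout of `resolvectl status`, trimmed to the fields
# that matter; the Global section and 203.0.113.x addresses are assumptions.
SAMPLE = """\
Global
       DNS Servers: 8.8.8.8
                    8.8.4.4
        DNS Domain: ~.

Link 76 (usb0)
       DNS Servers: 192.168.42.129
        DNS Domain: ~.

Link 2 (wlp59s0)
       DNS Servers: 203.0.113.1
                    203.0.113.2
        DNS Domain: ~.
"""

HEADER = re.compile(r"^(?:Global|Link \d+ \((?P<ifname>[^)]+)\))$")
FIELD = re.compile(r"^\s*(?P<key>[A-Za-z][A-Za-z ]*):(?:\s+(?P<val>.*))?$")

def parse_scopes(text):
    """Return {scope: {field: [values]}}; value-only lines continue the previous field."""
    scopes, cur, key = {}, None, None
    for line in text.splitlines():
        head, field = HEADER.match(line.strip()), FIELD.match(line)
        if head:
            cur, key = scopes.setdefault(head.group("ifname") or "Global", {}), None
        elif cur is not None and field:
            key = field.group("key")
            cur.setdefault(key, []).extend((field.group("val") or "").split())
        elif cur is not None and key and line.strip():
            cur[key].extend(line.split())  # e.g. the second entry under "DNS Servers"
    return scopes

def catch_all_servers(scopes):
    """Map each scope that lists the catch-all routing domain '~.' to its DNS servers."""
    return {name: f.get("DNS Servers", [])
            for name, f in scopes.items() if "~." in f.get("DNS Domain", [])}

if __name__ == "__main__":
    claimants = catch_all_servers(parse_scopes(SAMPLE))
    for name, servers in claimants.items():
        print(f"{name}: '~.' -> {', '.join(servers)}")
    if len(claimants) > 1:
        print("'~.' is set on more than one scope; the global DNS= servers are not preferred")
```

On a live system the same functions can be fed the text printed by `resolvectl status` in place of `SAMPLE`.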
