Public bug reported: I am facing really strange issues with systemd-resolved.
Local cache of DNS replies seems to be unreliable. For example, when a try to get ANY record for github.com, I get A, AAAA, MX, CAA, TXT and NS records. When the TTL of entries expires, the same request is this ignoring them. The result is getting narrowed. First try: dig ANY github.com ; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4140 ;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;github.com. IN ANY ;; ANSWER SECTION: github.com. 227 IN SOA ns-1707.awsdns-21.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 github.com. 2927 IN MX 10 alt4.aspmx.l.google.com. github.com. 2927 IN MX 1 aspmx.l.google.com. github.com. 2927 IN MX 5 alt1.aspmx.l.google.com. github.com. 2927 IN MX 5 alt2.aspmx.l.google.com. github.com. 2927 IN MX 10 alt3.aspmx.l.google.com. github.com. 2927 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805" github.com. 2927 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd" github.com. 2927 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all" github.com. 2927 IN TXT "MS=ms44452932" github.com. 227 IN NS ns-421.awsdns-52.com. github.com. 227 IN NS ns4.p16.dynect.net. github.com. 227 IN NS ns3.p16.dynect.net. github.com. 227 IN NS ns-1707.awsdns-21.co.uk. github.com. 227 IN NS ns2.p16.dynect.net. github.com. 227 IN NS ns1.p16.dynect.net. github.com. 227 IN NS ns-520.awsdns-01.net. github.com. 227 IN NS ns-1283.awsdns-32.org. ;; Query time: 9 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Fri Mar 01 12:13:58 CET 2019 ;; MSG SIZE rcvd: 758 Second try (A records are now missing): dig ANY github.com ; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42356 ;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;github.com. IN ANY ;; ANSWER SECTION: github.com. 30 IN SOA ns-1707.awsdns-21.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 github.com. 2730 IN MX 5 alt2.aspmx.l.google.com. github.com. 2730 IN MX 10 alt3.aspmx.l.google.com. github.com. 2730 IN MX 10 alt4.aspmx.l.google.com. github.com. 2730 IN MX 1 aspmx.l.google.com. github.com. 2730 IN MX 5 alt1.aspmx.l.google.com. github.com. 2730 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all" github.com. 2730 IN TXT "MS=ms44452932" github.com. 2730 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805" github.com. 2730 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd" github.com. 30 IN NS ns1.p16.dynect.net. github.com. 30 IN NS ns-421.awsdns-52.com. github.com. 30 IN NS ns2.p16.dynect.net. github.com. 30 IN NS ns4.p16.dynect.net. github.com. 30 IN NS ns-1707.awsdns-21.co.uk. github.com. 30 IN NS ns-1283.awsdns-32.org. github.com. 30 IN NS ns-520.awsdns-01.net. github.com. 30 IN NS ns3.p16.dynect.net. ;; Query time: 8 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Fri Mar 01 12:17:15 CET 2019 ;; MSG SIZE rcvd: 758 Third try (No more NS) : dig ANY github.com ; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34183 ;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;github.com. IN ANY ;; ANSWER SECTION: github.com. 2688 IN MX 10 alt4.aspmx.l.google.com. github.com. 2688 IN MX 1 aspmx.l.google.com. github.com. 2688 IN MX 5 alt1.aspmx.l.google.com. github.com. 2688 IN MX 5 alt2.aspmx.l.google.com. github.com. 2688 IN MX 10 alt3.aspmx.l.google.com. github.com. 2688 IN TXT "MS=ms44452932" github.com. 2688 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805" github.com. 2688 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd" github.com. 2688 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all" ;; Query time: 3 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Fri Mar 01 12:17:57 CET 2019 ;; MSG SIZE rcvd: 477 And so on. That's not the only bug that I have noticed. If I look for an non existing record, the response is cached. And any legit request is this ignored. See https://github.com/systemd/systemd/issues/11789 for more details. Try to resolv github.com CNAME record dig CNAME github.com This will return an empty result. Then try to resolve github.com A record dig A github.com. This will now return empty result unless you restart systemd-resolved or wait for cache expiration. systemd version the issue has been seen with Installed: 237-3ubuntu10.13 Used distribution Distributor ID: Ubuntu Description: Ubuntu 18.04.2 LTS Release: 18.04 Codename: bionic Note: I am facing the same issues in ubuntu 16.04 with systemd 229-4ubuntu21.2. ** Affects: systemd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1818217 Title: Systemd Resolve cache handling issues Status in systemd package in Ubuntu: New Bug description: I am facing really strange issues with systemd-resolved. Local cache of DNS replies seems to be unreliable. For example, when a try to get ANY record for github.com, I get A, AAAA, MX, CAA, TXT and NS records. When the TTL of entries expires, the same request is this ignoring them. The result is getting narrowed. First try: dig ANY github.com ; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4140 ;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;github.com. IN ANY ;; ANSWER SECTION: github.com. 227 IN SOA ns-1707.awsdns-21.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 github.com. 2927 IN MX 10 alt4.aspmx.l.google.com. github.com. 2927 IN MX 1 aspmx.l.google.com. github.com. 2927 IN MX 5 alt1.aspmx.l.google.com. github.com. 2927 IN MX 5 alt2.aspmx.l.google.com. github.com. 2927 IN MX 10 alt3.aspmx.l.google.com. github.com. 2927 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805" github.com. 2927 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd" github.com. 2927 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all" github.com. 2927 IN TXT "MS=ms44452932" github.com. 227 IN NS ns-421.awsdns-52.com. github.com. 227 IN NS ns4.p16.dynect.net. github.com. 227 IN NS ns3.p16.dynect.net. github.com. 227 IN NS ns-1707.awsdns-21.co.uk. github.com. 227 IN NS ns2.p16.dynect.net. github.com. 227 IN NS ns1.p16.dynect.net. github.com. 227 IN NS ns-520.awsdns-01.net. github.com. 227 IN NS ns-1283.awsdns-32.org. ;; Query time: 9 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Fri Mar 01 12:13:58 CET 2019 ;; MSG SIZE rcvd: 758 Second try (A records are now missing): dig ANY github.com ; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42356 ;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;github.com. IN ANY ;; ANSWER SECTION: github.com. 30 IN SOA ns-1707.awsdns-21.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 github.com. 2730 IN MX 5 alt2.aspmx.l.google.com. github.com. 2730 IN MX 10 alt3.aspmx.l.google.com. github.com. 2730 IN MX 10 alt4.aspmx.l.google.com. github.com. 2730 IN MX 1 aspmx.l.google.com. github.com. 2730 IN MX 5 alt1.aspmx.l.google.com. github.com. 2730 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all" github.com. 2730 IN TXT "MS=ms44452932" github.com. 2730 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805" github.com. 2730 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd" github.com. 30 IN NS ns1.p16.dynect.net. github.com. 30 IN NS ns-421.awsdns-52.com. github.com. 30 IN NS ns2.p16.dynect.net. github.com. 30 IN NS ns4.p16.dynect.net. github.com. 30 IN NS ns-1707.awsdns-21.co.uk. github.com. 30 IN NS ns-1283.awsdns-32.org. github.com. 30 IN NS ns-520.awsdns-01.net. github.com. 30 IN NS ns3.p16.dynect.net. ;; Query time: 8 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Fri Mar 01 12:17:15 CET 2019 ;; MSG SIZE rcvd: 758 Third try (No more NS) : dig ANY github.com ; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> ANY github.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34183 ;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;github.com. IN ANY ;; ANSWER SECTION: github.com. 2688 IN MX 10 alt4.aspmx.l.google.com. github.com. 2688 IN MX 1 aspmx.l.google.com. github.com. 2688 IN MX 5 alt1.aspmx.l.google.com. github.com. 2688 IN MX 5 alt2.aspmx.l.google.com. github.com. 2688 IN MX 10 alt3.aspmx.l.google.com. github.com. 2688 IN TXT "MS=ms44452932" github.com. 2688 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805" github.com. 2688 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd" github.com. 2688 IN TXT "v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all" ;; Query time: 3 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Fri Mar 01 12:17:57 CET 2019 ;; MSG SIZE rcvd: 477 And so on. That's not the only bug that I have noticed. If I look for an non existing record, the response is cached. And any legit request is this ignored. See https://github.com/systemd/systemd/issues/11789 for more details. Try to resolv github.com CNAME record dig CNAME github.com This will return an empty result. Then try to resolve github.com A record dig A github.com. This will now return empty result unless you restart systemd-resolved or wait for cache expiration. systemd version the issue has been seen with Installed: 237-3ubuntu10.13 Used distribution Distributor ID: Ubuntu Description: Ubuntu 18.04.2 LTS Release: 18.04 Codename: bionic Note: I am facing the same issues in ubuntu 16.04 with systemd 229-4ubuntu21.2. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1818217/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
