Control: retitle -1 DNSOverTLS=yes in systemd-resolved conf breaks
riseup-vpn dns
On 20/11/23 3:29 PM, Nilesh Patra wrote:
I do not have this installed however riseup-vpn works for me without any
issues. Others who have tested this package on bookworm in the past also
did not have any such issues.
This dependency is needed if you are running systemd-resolved only, so
this would be a problem only for people with systemd-resolved installed.
I tried with systemd-resolved installed without openvpn-systemd-resolved
install - no problems observed.
hmm, I got it to work with a plain openvpn connection only with this
installed. I don't remember if I tested riseup-vpn without it.
But on mobian trixie, which has
systemd-resolved installed by default (through mobian-base), dns
resolution fails when riseup vpn is connected.
I do not have a device to try out mobian. I tried it on debian
trixie/testing with openvpn-system-resolved and I do not see any such
issue.
;; communications error to 127.0.0.53#53: timed out
;; communications error to 127.0.0.53#53: timed out
;; no servers could be reached
OTOH, this log has very superficial info and is not helpful into
debugging if there's even anything wrong with riseup-vpn.
The error comes only when riseup-vpn is running. When it is turned off
the DNS works as expected.
This maybe a setup/configuration issue for your system. I did find a
similar issue on the systemd repository itself[1] and the fix was to add
in a "DNS=" entry in resolved.conf. Can you try this and report back?
I already have DNS= 103.87.68.194 (opennic.org dns resolver) set to and
FallbackDNS=9.9.9.9
I also had DNSOverTLS=yes. After disabling this host command works.
Could you also check this on a different network connection?
[1]: https://github.com/systemd/systemd/issues/25397
Best,
Nilesh
