I set up an Ubuntu 18.04 test server today as an LXD host machine and
ran into this issue.
network:
version: 2
renderer: networkd
ethernets:
ens33:
dhcp4: no
dhcp6: no
bridges:
br0:
interfaces: [ens33]
dhcp4: no
dhcp6: no
addresses: [192.168.1.101/24]
gateway4: 192.168.1.1
nameservers:
addresses: [192.168.1.1, 8.8.8.8, 8.8.4.4]
root@bionic:/home/bionic# systemd-resolve --status
Global
DNS Servers: 192.168.1.1
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 6 (tun0)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 5 (veth0OI7SQ)
Current Scopes: LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 3 (br0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 192.168.1.1
8.8.8.8
8.8.4.4
Link 2 (ens33)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
root@bionic:/home/bionic# ping google.com
ping: google.com: Temporary failure in name resolution
Also the error message is misleading, there's nothing "temporary" about
this failure. It's permanent.
I can reach IP addresses directly but all DNS lookups are failing,
preventing me from doing upgrades and normal operations.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1624320
Title:
systemd-resolved appends 127.0.0.53 to resolv.conf alongside existing
entries
Status in systemd package in Ubuntu:
Confirmed
Bug description:
systemd-resolved, or more precisely the hook script
/lib/systemd/system/systemd-resolved.service.d/resolvconf.conf, causes
resolvconf to add 127.0.0.53 to the set of nameservers in
/etc/resolv.conf alongside the other nameservers. That makes no sense
because systemd-resolved sets up 127.0.0.53 as a proxy for those other
nameservers. The effect is similar to bug 1624071 but for
applications doing their own DNS lookups. It breaks any DNSSEC
validation that systemd-resolved tries to do; applications will
failover to the other nameservers, bypassing validation failures. And
it makes failing queries take twice as long.
/etc/resolv.conf should have only 127.0.0.53 when systemd-resolved is
active.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
