OK, I've just talked to the admins for quite some time and while I'm
sure that the previous workaround was fine I'm now not so sure how to
deal with the situation (or: why it worked).

Here we go:

Connecting to the wifi configures two wifi-internal DNS servers and one
internal search zone (say IPv4_1 and IPv4_2 and search cc.dd.edu)
correctly.

Connecting to the lan configures two LAN-internal DNS servers and one
internal search zone correctly (say IPv4_3 and search xx.dd.edu) - but
from the LAN the system is not allowed to send UDP DNS requests to
IPv4_1 nor IPv4_2 (nor direct UDP DNS requests to anything else than a
set of accepted local DNS servers, which is fine, of course).

Now, being connected to _both_ wifi and LAN and searching for a name
within the former zone (name1.cc.dd.edu) the system seems to attempt to
reach IPv4_1 (which would be fine to reach on the wifi but can't be
reached from LAN).

I don't know why circumventing systemd stub resolution solved the issue
before, but I guess what I would need is the Ubuntu name resolution to
respect the configuration of the interface that is actually used to send
the DNS queries (hence: ignore the search zone cc.dd.edu, do not attempt
to send the request to the respective DNS server (configured for wifi)
through the interface which in this case is "wrong" (namely: LAN)).

Any static setting doesn't help, stuff works when I'm connected to wifi
or LAN, I just can't resolve names from the search zone configured
through wifi when also connected to the LAN (and interestingly enough I
cannot reach some of the services in the search zone cc.dd.edu from the
wifi, for security reasons - so I have to go through the LAN)...

Testing the hypothesis and manually disconnecting from the wifi does
solve the connection problem (but of course this is no solution to the
underlying issue).


Brief explanatory output:

$ resolvectl status
Global
       LLMNR setting: no
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
          DNS Domain: xx.dd.edu
                      cc.dd.edu
          DNSSEC NTA: 10.in-addr.arpa

--8<---

Link 5 (enx00249b4c7732)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: IPv4_3
         DNS Servers: IPv4_3              <- not allowed to be reached on UDP/53 through LAN
                      IPv4_4
          DNS Domain: ~.
                      xx.dd.edu

--8<---

Link 3 (wlp61s0)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: IPv4_1
         DNS Servers: IPv4_1
                      IPv4_2
          DNS Domain: ~.
                      cc.dd.edu

--8<---

Link 2 (enp0s31f6)
      Current Scopes: none
DefaultRoute setting: no
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

(that last nic isn't configured nor connected)



$ dig name.cc.dd.edu

; <<>> DiG 9.11.5-P4-5.1ubuntu2-Ubuntu <<>> name.cc.dd.edu
;; global options: +cmd
;; connection timed out; no servers could be reached


$ dig @IPv4_3 name.cc.dd.edu

; <<>> DiG 9.11.5-P4-5.1ubuntu2-Ubuntu <<>> @IPv4_3 name.cc.dd.edu
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6951
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 463b1ed1f09e7286207545c95dbad8797c7593d8a2de32d5 (good)
;; QUESTION SECTION:
;name.cc.dd.edu.                IN      A

;; ANSWER SECTION:
name.cc.dd.edu. 51243   IN      A       SOME_IP

;; Query time: 2 msec
;; SERVER: IPv4_3#53(IPv4_3)
;; WHEN: Thu Oct 31 13:50:01 CET 2019
;; MSG SIZE  rcvd: 88



$ dig @IPv4_1 name.cc.dd.edu

; <<>> DiG 9.11.5-P4-5.1ubuntu2-Ubuntu <<>> @IPv4_1 name.cc.dd.edu
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached



Thanks

-- ts
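
An added example, not part of the original message and not systemd's own code: it parses a constructed copy of the `resolvectl status` output above and applies the longest-suffix ("best matching" domain) routing rule documented in systemd-resolved(8), as a simplified model, to show which link's servers a name is directed to. The helper names `parse_links` and `route` are hypothetical, and the rule is assumed to apply to the systemd version in this report.

```python
import re

# Constructed sample modeled on the `resolvectl status` output in the report
# (IPv4_n are the report's placeholders, not real addresses).
SAMPLE = """\
Global
          DNS Domain: xx.dd.edu
                      cc.dd.edu

Link 5 (enx00249b4c7732)
  Current DNS Server: IPv4_3
         DNS Servers: IPv4_3
                      IPv4_4
          DNS Domain: ~.
                      xx.dd.edu

Link 3 (wlp61s0)
  Current DNS Server: IPv4_1
         DNS Servers: IPv4_1
                      IPv4_2
          DNS Domain: ~.
                      cc.dd.edu
"""
FIELDS = {"DNS Servers": "servers", "DNS Domain": "domains"}

def parse_links(text):
    """Return {ifname: {"servers": [...], "domains": [...]}} per Link block."""
    links, cur, key = {}, None, None
    for line in text.splitlines():
        m = re.match(r"Link \d+ \((\S+)\)", line)
        if m:
            cur, key = links.setdefault(m.group(1), {"servers": [], "domains": []}), None
        elif line.strip() == "Global":
            cur = None                      # global settings are not per-link
        elif cur is None or not line.strip():
            key = None                      # blank line ends a multi-line field
        else:
            name, sep, value = line.partition(": ")
            if sep:                         # "Key: value" starts a new field
                key = FIELDS.get(name.strip())
            if key:                         # continuation lines carry one more value
                cur[key].append((value if sep else line).strip())
    return links

def route(name, links):
    """Links holding the longest domain suffix that matches name ("~." matches all)."""
    labels, best, chosen = name.rstrip(".").lower().split("."), -1, []
    for ifname, cfg in links.items():
        for dom in cfg["domains"]:
            d = [p for p in dom.lstrip("~").lower().split(".") if p]
            if d == labels[len(labels) - len(d):] and len(d) >= best:
                chosen = chosen + [ifname] if len(d) == best else [ifname]
                best = len(d)
    return list(dict.fromkeys(chosen))      # de-duplicate, keep order
```

In this model `name.cc.dd.edu` is directed only to the servers of `wlp61s0`, while a name outside both search zones matches `~.` on both links and goes to both.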

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1850762

Title:
  stub-resolver no longer optional, systemd dns broken

Status in systemd package in Ubuntu:
  Incomplete

Bug description:
  systemd name resolution is broken in professional setups.

  https://askubuntu.com/a/974482 used to provide a solution, simply
  ignore stub-resolution (which is broken) and fall back to the normal
  name resolution as configured (e.g. through DHCP).

  This solution does not seem to be available after upgrading to Ubuntu
  19.10 - there is no clean resolv.conf left.

  Please advise as to how systemd name resolution through its local
  service can be disabled now (as it is broken).

  Thanks


  $ lsb_release -rd
  Description:  Ubuntu 19.10
  Release:      19.10


  $ apt-cache policy systemd
  systemd:
    Installed: 242-7ubuntu3
    Candidate: 242-7ubuntu3
    Version table:
   *** 242-7ubuntu3 500
          500 http://de.archive.ubuntu.com/ubuntu eoan/main amd64 Packages
          100 /var/lib/dpkg/status


  I expected my computer to resolve names (it used to do so after the
  workaround for the systemd bug)

  It does not resolve all names anymore (and the old workaround doesn't
  work anymore).

  ProblemType: Bug
  DistroRelease: Ubuntu 19.10
  Package: systemd 242-7ubuntu3
  ProcVersionSignature: Ubuntu 5.3.0-19.20-generic 5.3.1
  Uname: Linux 5.3.0-19-generic x86_64
  ApportVersion: 2.20.11-0ubuntu8.1
  Architecture: amd64
  CurrentDesktop: MATE
  Date: Thu Oct 31 10:02:05 2019
  InstallationDate: Installed on 2019-04-10 (203 days ago)
  InstallationMedia: Ubuntu-MATE 19.04 "Disco Dingo" - Alpha amd64 (20190326.1)
  MachineType: LENOVO 20L8S29W00
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.3.0-19-generic root=UUID=fddb227e-dc5d-4f78-b605-443eeb5bf5c9 ro quiet splash vt.handoff=7
  SourcePackage: systemd
  UpgradeStatus: Upgraded to eoan on 2019-10-24 (6 days ago)
  dmi.bios.date: 09/13/2018
  dmi.bios.vendor: LENOVO
  dmi.bios.version: N22ET49W (1.26 )
  dmi.board.asset.tag: Not Available
  dmi.board.name: 20L8S29W00
  dmi.board.vendor: LENOVO
  dmi.board.version: SDK0R32862 WIN
  dmi.chassis.asset.tag: No Asset Information
  dmi.chassis.type: 10
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: None
  dmi.modalias: dmi:bvnLENOVO:bvrN22ET49W(1.26):bd09/13/2018:svnLENOVO:pn20L8S29W00:pvrThinkPadT480s:rvnLENOVO:rn20L8S29W00:rvrSDK0R32862WIN:cvnLENOVO:ct10:cvrNone:
  dmi.product.family: ThinkPad T480s
  dmi.product.name: 20L8S29W00
  dmi.product.sku: LENOVO_MT_20L8_BU_Think_FM_ThinkPad T480s
  dmi.product.version: ThinkPad T480s
  dmi.sys.vendor: LENOVO

-- 
Mailing list: https://launchpad.net/~touch-packages