** Description changed: [impact] systems upgraded from pre-Bionic releases to Bionic or later will continue to use ifupdown/resolvconf for network conf and management, but resolvconf has a new systemd service in Bionic and later that pulls systemd-resolved stub-resolv.conf into its local configuration. With the recent addition of edns0 option to the stub resolver conf in systemd to fix bug 1811471, this means resolvconf now sets up the /etc/resolv.conf file to include upstream servers but also use edns. For any systems where the upstream resolver(s) don't support edns, dns lookups will break. [test case] == upgrade from pre-bionic (e.g. xenial) to bionic or later == 1) create a xenial system with ifupdown/resolvconf. The ifupdown config needs to include an upstream name server (must be static). At this point, once the network is configured and up, the resolvconf should have put the upstream name server(s) and search domain into the /etc/resolv.conf. As is usual for pre-systemd releases, there should be no local dns resolver in /etc/resolv.conf (i.e. 127.0.0.53 should not be included) at this point. 2) upgrade the system to bionic (alternately it should be possible to install bionic, then remove netplan and install/configure ifupdown and resolvconf, but I have not specifically tested this). The upgrade will retain the ifupdown/resolvconf configuration, and will not change to netplan/systemd-networkd. After upgrade is finished, the /etc/resolv.conf will contain: a) the upstream name server(s) b) options edns0 c) the local stub resolver (127.0.0.53) d) search domain - the fixed resolvconf will remove (b) and (c), and restore - /etc/resolv.conf to what it contained in Xenial release, before the - upgrade to Bionic. + the fixed resolvconf will remove (b). As mentioned, this case also should cover the situation of a native Bionic install, where netplan is removed and ifupdown/resolvconf is manually installed. == bionic or later install == with a bionic install, ifupdown is not installed, instead netplan /systemd-networkd handle networking. In this case, systemd-networkd manages the /etc/resolv.conf, and symlinks it to networkd's stub- resolv.conf which always contains only the local stub resolver (127.0.0.53) and (recently) options edns0, and local search domain. If resolvconf is installed while systemd-networkd is managing the network, then currently the resolv.conf contents will remain completely unchanged, still pointing to the local stub resolver. - This resolvconf change will alter that, to revert the /etc/resolv.conf - to Xenial's contents; specifically, the upstream name server(s) and - search domain. It will no longer include the local stub resolver nor - edns0. + This resolvconf change will alter that, to remove 'options edns0'. No + other changes will be made from the stub-resolv.conf. [regression potential] Regressions due to this change would likely be seen in dns query failures with other system configurations. - Additionally, for the case where systemd-networkd is actually managing - the network, this change will stop sending dns traffic to the local stub - resolver, and instead send it to the upstream name server(s). This will - increase outgoing dns traffic (since it's no longer cached locally), but - will matches the behavior from Xenial. Additionally, resolvconf should - not be needed when systemd-networkd is managing the network (and thus - systemd-resolved is managing dns), and resolvconf can simply be - uninstalled from the system to move back to normal use of the local stub - resolver. + This will cause systems with resolvconf installed to lose the fix from + bug 1811471, and again experience that bug. [other info] - This affects only Bionic and later; in Xenial and earlier, resolvconf - does not include the 'resolvconf-pull-resolved' service to pull in the - systemd-resolved stub config, which is what causes this problem. + This affects only Bionic and later; in Xenial and earlier, systemd does + not handle dns, and the 'edns0' option was not added to that systemd- + resolved anyway. This also does not affect Debian, as it does not include the 'resolvconf-pull-resolved' service either. original description: -- Mint 19 (Ubuntu 18.04) Following latest mint update done on 24/02/2019, DNS is broken.... nslookup and dig of certain domain names work as expected, ping does not (ip works but not domain name) After a day of trial and error, testing I found that the problem lies with the presence of "options edns0" in /run/resolvconf/resolv.conf (link to by /etc/resolv.conf) With option present many dns lookups fail with both FF and chrome browswers and thunderbird... This is on a home network, with router set as dns proxy for external wan, not using NetworkManager Deleting the option on live system results in the issue immediately disappearing, but on reboot it is added back in (by systemd-resolve ?) I cannot find any option to prevent this being added, so presumably it is hard-coded in systemd following the update? systemd: Installed: 237-3ubuntu10.13
** Tags removed: verification-done verification-done-bionic verification-done-cosmic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1817903 Title: systemd-resolve appends "options edns0" to resolv.conf To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/resolvconf/+bug/1817903/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
