Re: iwd + systemd-networkd + resolvconf wrinkles

To: debian-user@lists.debian.org
Subject: Re: iwd + systemd-networkd + resolvconf wrinkles
From: David Wright <deblis@lionunicorn.co.uk>
Date: Tue, 15 Mar 2022 13:20:52 -0500
Message-id: <[🔎] 20220315182051.GA7891@axis.corp>
Reply-to: debian-user@lists.debian.org
In-reply-to: <[🔎] Yi7rgFh6wz3oSeHi@grumpel.local>
References: <[🔎] 20220314010406.GA28706@axis.corp> <[🔎] Yi7rgFh6wz3oSeHi@grumpel.local>

On Mon 14 Mar 2022 at 07:15:12 (+0000), Thomas Pircher wrote:
> David Wright wrote:
> > I was casting round for a simple way to run iwd + resolvconf +
> > systemd-networkd as replacement.
> 
> I run a similar setup, with iwd, systemd-networkd and systemd-resolved.
> This has been working without problems on my host for for quite a while
> now.

As I said, I tried that.

> Make a copy of your /etc/resolv.conf file,

No point, as there's nothing specific in it, but just what gets sent
by DHCP from the router.

> then enable and restart the
> systemd-resolved service. Finally link the /etc/resolv.conf file to
> either /run/systemd/resolve/resolv.conf or
> /run/systemd/resolve/stub-resolv.conf.  I use the latter:
> 
> # ls -l /etc/resolv.conf lrwxrwxrwx 1 root root 37 Jun 28  2020
> /etc/resolv.conf -> /run/systemd/resolve/stub-resolv.conf

(It was created for me.) So, to summarise, I have a three-line
/var/lib/iwd/mySSID.psk (Security, PSK, passphrase), a two-line
/etc/iwd/main.conf (General, EnableNetworkConfiguration=true),
and nothing else: no overrides, no resolvconf package, and no
cat5 cable.

> You can configure various settings for the DNS resolver in your
> systemd-networkd setting and in /etc/systemd/resolved.conf.

Like what?

> On bookworm you also have the resolvectl tool, which helps debugging DNS
> issues.

And bullseye has that too. I don't really know how to use it.

There seem to be timeouts involved in most cases, so   time ping -c 1 foo
will typically take 15sec, and host lookups will take 10 or 20sec.
That's 10sec, or 20sec, depending on whether the message
  ;; connection timed out; no servers could be reached
is emitted once or twice.

I ran   resolvectl log-level debug   and tried    resolvectl query foo
on a few addresses. They were even slower, eg:

# resolvectl query smtp.lionunicorn.co.uk   answered in 57.6 secs.
# resolvectl query lionunicorn.co.uk   failed with:
lionunicorn.co.uk: resolve call failed: Query timed out

The debug output is difficult to interpret, though I did notice that
it was reporting "cache misses" repeatedly on the same address (but
there must be some caching going on, because there was an occasional
hit being reported).

I also noticed that debug output carries on being emitted after
the actual query has finished and returned to a bash prompt;
for something like another minute, achieving nothing (repeating
a query does it all over again).

Everything is comparatively instantaneous when using resolvconf,
which is why I chose to continue using it. The idea of "debugging
DNS issues" doesn't exactly thrill me. I'm imagining a scenario where
I'm sitting in an airport or motel room, having managed to make a
connection with iwd and negotiate their captive portal or whatever,
and then run into /this/ problem.

Cheers,
David.

Reply to:

Follow-Ups:
- Re: iwd + systemd-networkd + resolvconf wrinkles
  - From: Thomas Pircher <thp.debian@p5r.uk>

References:
- iwd + systemd-networkd + resolvconf wrinkles
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: iwd + systemd-networkd + resolvconf wrinkles
  - From: Thomas Pircher <thp.debian@p5r.uk>

Prev by Date: Re: Installing/Preparing Debian on a headless system
Next by Date: Re: got a mdadm puzzler
Previous by thread: Re: iwd + systemd-networkd + resolvconf wrinkles
Next by thread: Re: iwd + systemd-networkd + resolvconf wrinkles
Index(es):
- Date
- Thread