Re: systemd.resolved problems

To: debian-user@lists.debian.org
Subject: Re: systemd.resolved problems
From: David Wright <deblis@lionunicorn.co.uk>
Date: Fri, 25 Mar 2022 23:38:50 -0500
Message-id: <[🔎] 20220326043850.GA4177@axis.corp>
Reply-to: debian-user@lists.debian.org
In-reply-to: <[🔎] Yj3nvFVreCmvg9v+@helium.itcfollmann.com>
References: <[🔎] 615d00ce-44f2-e0fd-de74-4a1b9955d623@ardley.org> <[🔎] Yjz+C7ny3mSEWG83@wooledge.org> <[🔎] ac385445-d25f-d907-a20c-c9463593dd5a@ardley.org> <[🔎] 20220325020917.GA11559@axis.corp> <[🔎] Yj3nvFVreCmvg9v+@helium.itcfollmann.com>

On Fri 25 Mar 2022 at 12:03:08 (-0400), Henning Follmann wrote:
> On Thu, Mar 24, 2022 at 09:09:17PM -0500, David Wright wrote:
> > On Fri 25 Mar 2022 at 07:59:15 (+0800), Jeremy Ardley wrote:
> > > On 25/3/22 7:26 am, Greg Wooledge wrote:
> > > > On Fri, Mar 25, 2022 at 06:51:55AM +0800, Jeremy Ardley wrote:
> > 
> > > Anyway, bind9 works pretty well as a local caching nameserver
> > 
> > I'm sticking with resolvconf for the time being.
> > 
> You are aware that resolvconf is a tool to manage your
> resolver configuration? It is not a resolver. 

Yes, that's all I want—it's not a lot to ask. It just mediates
between processes that wish to write into /etc/resolv.conf,
keeping track of who put what in there. On the whole, it works
well. (There's no DNS resolver on the premises—unless you count
/etc/hosts.)

One wrinkle with iwd&resolvconf was that iwd's own configuration
withheld permission for it to communicate the obtained DNS server
information to resolvconf. (I posted the^H^H^H a workaround in
the thread on wrinkles.)

Because iwd is designed to work with systemd-resolved, (and
I know you're keen on us using defaults), I thought I ought to
at least try it out but, as reported here, it was not a success.
I assume the address 127.0.0.53 that it puts in /etc/resolv.conf
directs queries to itself, but I can't understand what it does
with them from then on.

There may be parameters in /etc/nsswitch.conf or /etc/default/nss
that I could tune for my usage, but in the absence of a Debian wiki,¹
I'll just accept that it's a sledgehammer for the task in hand,
which is very simple: make the address of the DHCP server's choice
of DNS server available to all in good old /etc/resolv.conf.

Perhaps it's significant that this usage of systemd-resolved is
relegated in   man systemd-resolved   to an "Additionally"
paragraph, half of which is spent recommending strongly against
this method of resolution.

¹ As is often the case, there are some very good Arch wikis for
  background. But systemd is fast-moving, so it's not always
  possible to use their examples as is. (And buster is w-a-y
  behind.)

  One of the more interesting Arch wiki references I came across
  while reading background was:
  https://moss.sh/name-resolution-issue-systemd-resolved
  I don't think my problem was /directly/ related (eg my
  /etc/resolv.conf only had 127.0.0.53, as recommended
  (though I was sorely tempted to add some)) but I took
  their alternative conclusion to heart:
  "get rid of systemd-resolved – and stick with it."

Cheers,
David.

Reply to:

References:
- systemd.resolved problems
  - From: Jeremy Ardley <jeremy@ardley.org>
- Re: systemd.resolved problems
  - From: Greg Wooledge <greg@wooledge.org>
- Re: systemd.resolved problems
  - From: Jeremy Ardley <jeremy@ardley.org>
- Re: systemd.resolved problems
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: systemd.resolved problems
  - From: Henning Follmann <hfollmann@itcfollmann.com>

Prev by Date: Re: Under each of these scenarios, what is the neatest and simplest way to manipulate the /etc/network/interfaces file?
Next by Date: Thunderbird security
Previous by thread: Re: systemd.resolved problems
Next by thread: Re: systemd.resolved problems
Index(es):
- Date
- Thread