Last active September 14, 2023 07:35
Systemd-resolved DNS configuration bug workaround
# Known systemd bug: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320
# Bug description:
# systemd-resolved, or more precisely the hook script /lib/systemd/system/systemd-resolved.service.d/resolvconf.conf,
# causes resolvconf to add 127.0.0.53 to the set of nameservers in /etc/resolv.conf alongside the other nameservers.
# That makes no sense because systemd-resolved sets up 127.0.0.53 as a proxy for those other nameservers.
# The effect is similar to bug 1624071 but for applications doing their own DNS lookups.
# It breaks any DNSSEC validation that systemd-resolved tries to do; applications will fail over to the other nameservers,
# bypassing validation failures. And it makes failing queries take twice as long.
# /etc/resolv.conf should have only 127.0.0.53 when systemd-resolved is active.

# Fix for Ubuntu versions older than 22
# Note: /run/systemd/resolve/resolv.conf lists the upstream nameservers directly,
# so after this change applications query them without going through the 127.0.0.53 stub.
sudo rm -f /etc/resolv.conf
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
sudo systemctl restart systemd-resolved
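
A check for the nameserver state the bug description refers to, written as an added example that is not part of the original gist. The function name `classify_resolv_conf` and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not part of the original gist.
# classify_resolv_conf FILE prints one word describing the nameserver set:
#   stub-only  only 127.0.0.53 is listed (what the bug report says is correct)
#   mixed      127.0.0.53 appears alongside other nameservers (the bug)
#   upstream   only non-stub nameservers (state after the workaround above)
#   empty      no nameserver lines at all
#   unreadable the file is missing or cannot be read
classify_resolv_conf() {
    file=$1
    if [ ! -r "$file" ]; then
        echo unreadable
        return 0
    fi
    stub=0
    other=0
    # Only "nameserver <addr>" lines matter; comments and other directives
    # (search, options, ...) are skipped. The "|| [ -n ... ]" keeps a final
    # line that has no trailing newline.
    while read -r key value _rest || [ -n "$key" ]; do
        [ "$key" = "nameserver" ] || continue
        if [ "$value" = "127.0.0.53" ]; then
            stub=$((stub + 1))
        else
            other=$((other + 1))
        fi
    done < "$file"
    if [ "$stub" -gt 0 ] && [ "$other" -gt 0 ]; then
        echo mixed
    elif [ "$stub" -gt 0 ]; then
        echo stub-only
    elif [ "$other" -gt 0 ]; then
        echo upstream
    else
        echo empty
    fi
}

# Constructed sample reproducing the state described in the bug report.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Constructed sample, not taken from a real host
nameserver 127.0.0.53
nameserver 192.0.2.53
search example.test
EOF
classify_resolv_conf "$sample"
rm -f "$sample"
```

Calling `classify_resolv_conf /etc/resolv.conf` before and after the workaround shows whether the file moved from `mixed` to `upstream`.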