I’m trying to troubleshoot this DNS I have on a small old Odroid C1 board.

I have set up a static IP, but cannot get DNS to work. The image comes with systemd-resolved by default. I have notes that said to set a static IP, then disable systemd-resolved, and after a reboot the DNS would work, but that didn’t work. I’ve looked into systemd-resolved a little bit, and have configured the DNS servers manually, which is required when using a static address.

My gateway is also my DNS.

Here is what I believe to be relevant output:

/etc/systemd/network/eth0.network:

[Match]
Name=eth0

[Network]
Address=192.168.10.44/24
Gateway=192.168.10.254
DNS=192.168.10.254
DNS=1.1.1.1

Output of resolvectl status and some pings:

[root@alarm alarm]# resolvectl status
Global
       LLMNR setting: yes
MulticastDNS setting: yes
  DNSOverTLS setting: no
      DNSSEC setting: allow-downgrade
    DNSSEC supported: yes
  Current DNS Server: 1.1.1.1
         DNS Servers: 192.168.10.254
                      1.1.1.1
Fallback DNS Servers: 1.1.1.1
                      9.9.9.10
                      8.8.8.8
                      2606:4700:4700::1111
                      2620:fe::10
                      2001:4860:4860::8888
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa
                      18.172.in-addr.arpa
                      19.172.in-addr.arpa
                      20.172.in-addr.arpa
                      21.172.in-addr.arpa
                      22.172.in-addr.arpa
                      23.172.in-addr.arpa
                      24.172.in-addr.arpa
                      25.172.in-addr.arpa
                      26.172.in-addr.arpa
                      27.172.in-addr.arpa
                      28.172.in-addr.arpa
                      29.172.in-addr.arpa
                      30.172.in-addr.arpa
                      31.172.in-addr.arpa
                      corp
                      d.f.ip6.arpa
                      home
                      internal
                      intranet
                      lan
                      local
                      private
                      test

Link 2 (eth0)
      Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: allow-downgrade
    DNSSEC supported: yes
  Current DNS Server: 1.1.1.1
         DNS Servers: 192.168.10.254
                      1.1.1.1
[root@alarm alarm]# ping google.com
ping: google.com: Name or service not known
[root@alarm alarm]# ping tweakers.net
ping: tweakers.net: Name or service not known
[root@alarm alarm]# ping 192.168.10.254
PING 192.168.10.254 (192.168.10.254) 56(84) bytes of data.
64 bytes from 192.168.10.254: icmp_seq=1 ttl=64 time=0.329 ms
64 bytes from 192.168.10.254: icmp_seq=2 ttl=64 time=0.243 ms
^C
--- 192.168.10.254 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.243/0.286/0.329/0.043 ms
[root@alarm alarm]# ping 1.1.1.1       
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=58 time=22.3 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=58 time=14.3 ms
^C
--- 1.1.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 14.258/18.280/22.302/4.022 ms

Alternatives to systemd-resolved welcome, just need it to work.

edit:

The solution was to add DNSSEC=no in /etc/systemd/resolved.conf. I learned this by running journalctl -u systemd-resolved -f, which said DNSSEC validation failed for question google.com IN A: failed-auxiliary.

  • Max-P@lemmy.max-p.me
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    If you try to resolve a name via resolvectl it’ll probably work, pointing to /etc/resolv.conf potentially being wrong or overwritten. With systemd-resolved, it should be a symlink to run/systemd/resolve/stub-resolv.conf. Otherwise things won’t be talking to resolved in the first place.

    I would also check your /etc/nsswitch.conf to make sure DNS is enabled at all and not only checking /etc/hosts.