[Bug 1624320] Re: systemd-resolved appends 127.0.0.53 to resolv.conf alongside existing entries
pavera
pavera at gmail.com
Thu Jul 26 03:22:12 UTC 2018
I'll add my name to the list of people saying this is a blocker. I am
currently working on a massive upgrade of 1000+ systems to Ubuntu 18.04
planned for early next year. Local dns resolution is an absolute must,
and it must work out of the box. I can't update /etc/resolv.conf
symlinks on thousands of systems manually. Even in an automated way,
this is cumbersome and prone to break unexpectedly when updates get
applied and revert the manual change. My DHCP server hands out a DNS
server, and I expect my clients to ask that DNS server for all name
resolution. How this long held tenant of network operation is being so
horribly violated by systemd-resolved I don't understand. Did no one
test this once? This is "Insanely broken and wrong".
Please fix this bug ASAP.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1624320
Title:
systemd-resolved appends 127.0.0.53 to resolv.conf alongside existing
entries
Status in systemd package in Ubuntu:
Confirmed
Bug description:
systemd-resolved, or more precisely the hook script
/lib/systemd/system/systemd-resolved.service.d/resolvconf.conf, causes
resolvconf to add 127.0.0.53 to the set of nameservers in
/etc/resolv.conf alongside the other nameservers. That makes no sense
because systemd-resolved sets up 127.0.0.53 as a proxy for those other
nameservers. The effect is similar to bug 1624071 but for
applications doing their own DNS lookups. It breaks any DNSSEC
validation that systemd-resolved tries to do; applications will
failover to the other nameservers, bypassing validation failures. And
it makes failing queries take twice as long.
/etc/resolv.conf should have only 127.0.0.53 when systemd-resolved is
active.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320/+subscriptions
More information about the foundations-bugs
mailing list