[Bug 1954814] [NEW] systemd.resolved with split domains sends DNS requests to the wrong interface

ihutch 1954814 at bugs.launchpad.net
Tue Dec 14 16:46:38 UTC 2021 

Public bug reported:

When connected simultaneously to two different networks with overlapping domains
$ resolvectl domain
Global:
Link 3 (wlp0s20f3): ~. mit.edu
Link 2 (enp0s31f6): ~. psfc.mit.edu
$ resolvectl dns
Global:
Link 3 (wlp0s20f3): 18.0.70.160 18.0.72.3 18.0.71.151
Link 2 (enp0s31f6): 198.125.177.103 198.125.179.203,

a DNS request for resolution of a name such as
LIBPROXY.GLB.MIT.EDU
is by default sent to the nameservers of Link 3 (e.g. 18.0.70.160) but via Link 2 (enp0s31f6)

This request is refused, presumably because it is seen by those nameservers as coming from
an external network, which ought not to be asking for name resolution from them.

It seems that it ought to be the default behavior that requests for name resolution are sent
only over the interface whose nameservers are being queried, or else that queries go only to the nameservers that are associated with the interface over which the query will go out. 


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
lsb_release -rd
Description:    Ubuntu 20.04.3 LTS
Release:        20.04
$ resolvectl --version
systemd 245 (245.4-4ubuntu3.13)
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid
$ systemd --version
systemd 245 (245.4-4ubuntu3.13)
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid

$ apt-cache policy systemd
systemd:
  Installed: 245.4-4ubuntu3.13
  Candidate: 245.4-4ubuntu3.13
  Version table:
 *** 245.4-4ubuntu3.13 500
        500 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     245.4-4ubuntu3.11 500
        500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
     245.4-4ubuntu3 500
        500 http://us.archive.ubuntu.com/ubuntu focal/main amd64 Packages

** Affects: systemd (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1954814

Title:
  systemd.resolved with split domains sends DNS requests to the wrong
  interface

Status in systemd package in Ubuntu:
  New

Bug description:
  When connected simultaneously to two different networks with overlapping domains
  $ resolvectl domain
  Global:
  Link 3 (wlp0s20f3): ~. mit.edu
  Link 2 (enp0s31f6): ~. psfc.mit.edu
  $ resolvectl dns
  Global:
  Link 3 (wlp0s20f3): 18.0.70.160 18.0.72.3 18.0.71.151
  Link 2 (enp0s31f6): 198.125.177.103 198.125.179.203,

  a DNS request for resolution of a name such as
  LIBPROXY.GLB.MIT.EDU
  is by default sent to the nameservers of Link 3 (e.g. 18.0.70.160) but via Link 2 (enp0s31f6)

  This request is refused, presumably because it is seen by those nameservers as coming from
  an external network, which ought not to be asking for name resolution from them.

  It seems that it ought to be the default behavior that requests for name resolution are sent
  only over the interface whose nameservers are being queried, or else that queries go only to the nameservers that are associated with the interface over which the query will go out. 

  
  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  lsb_release -rd
  Description:    Ubuntu 20.04.3 LTS
  Release:        20.04
  $ resolvectl --version
  systemd 245 (245.4-4ubuntu3.13)
  +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid
  $ systemd --version
  systemd 245 (245.4-4ubuntu3.13)
  +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid

  $ apt-cache policy systemd
  systemd:
    Installed: 245.4-4ubuntu3.13
    Candidate: 245.4-4ubuntu3.13
    Version table:
   *** 245.4-4ubuntu3.13 500
          500 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
          100 /var/lib/dpkg/status
       245.4-4ubuntu3.11 500
          500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
       245.4-4ubuntu3 500
          500 http://us.archive.ubuntu.com/ubuntu focal/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1954814/+subscriptions

More information about the foundations-bugs mailing list