[Bug 1880258] Re: Add trailing dot to make connectivity-check.ubuntu.com. absolute and reduce NXDOMAIN warning noise

rjc 1880258 at bugs.launchpad.net
Fri Jan 22 23:37:18 UTC 2021 

I just upgraded two machines to Ubuntu 20.04 LTS and /var/log/syslog is
full of:

systemd-resolved[...]: Server returned error NXDOMAIN, mitigating
potential DNS violation DVE-2018-0001, retrying transaction with reduced
feature level UDP.

with the only thing reported by tcpdump(8) as:

[...] [udp sum ok] 9797 NXDomain* q: AAAA? connectivity-
check.ubuntu.com.[...]

The only thing that fixes it is by making connectivity-check.ubuntu.com
fully qualified.

I have over 250 machines to upgrade. It all adds up.

Please append the dot.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1880258

Title:
  Add trailing dot to make connectivity-check.ubuntu.com. absolute and
  reduce NXDOMAIN warning noise

Status in network-manager package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Triaged
Status in network-manager source package in Focal:
  Confirmed

Bug description:
  I normally don't like this, but it's a one-character change so it's
  easier to start with the solution:

  diff -u -r1.1 /usr/lib/NetworkManager/conf.d/20-connectivity-ubuntu.conf
  --- /usr/lib/NetworkManager/conf.d/20-connectivity-ubuntu.conf  
  +++ /usr/lib/NetworkManager/conf.d/20-connectivity-ubuntu.conf
  @@ -1,2 +1,2 @@
   [connectivity]
  -uri=http://connectivity-check.ubuntu.com/
  +uri=http://connectivity-check.ubuntu.com./

  Making this name absolute instead of relative avoids spurious
  resolutions of "connectivity-check.ubuntu.com.your_domain." This
  removes a fair amount of NXDOMAIN error noise in journalctl.

  
  Observing the issue and the fix requires 3 terminals:

  1. tcpdump -i any 'port domain'
  2. journalctl --boot -u systemd-resolved -f

  3. nmcli c down "Wired connection 1"; nmcli c up "Wired connection 1"
   => observe the NXDOMAIN noise over a couple few minutes
   
  Now make the hostname absolute with the trailing dot above and run:
     systemctl reload NetworkManager
  Wait 1 min for things to stabilize. Test again:

  nmcli c down "Wired connection 1"; nmcli c up "Wired connection 1"
   => observe non-zero but significantly reduced NXDOMAIN noise over a couple few minutes

  Originally reported at https://askubuntu.com/a/1242611/117217

  Plenty of people annoyed by NXDOMAIN warnings, just Google it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1880258/+subscriptions

More information about the foundations-bugs mailing list