Strange DNS issue
Sam Varshavchik
mrsam at courier-mta.com
Thu Dec 4 13:46:58 UTC 2025
Alexander H. writes:
> Via DHCP we are allocated two DNS servers
>
>
> resolvectl
> Global
> Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
> resolv.conf mode: stub
>
> Link 2 (eth0)
> Current Scopes: DNS
> Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/
> unsupported
> Current DNS Server: 10.1.1.1
> DNS Servers: 10.1.1.1 10.1.1.2
> DNS Domain: reddog.domain.local
>
> Link 3 (enP28932s1)
> Current Scopes: none
> Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/
> unsupported
>
>
> The reverse lookup completes successfully
>
>
> dig -x 10.1.1.1 and dig -x 10.1.1.2 both correctly resolve to the DNS
> server's hostnames
>
>
> However the forward lookup fails
>
>
> dig dnsserver1.domain.local -> Fails
>
> dig dnsserver2.domain.local -> Fails
>
> However with specifying the DNS server explicitly the requests complete
> successfully
>
>
>
> dig @10.1.1.1 dnsserver1.domain.local -> Works
>
> dig @10.1.1.1 dnsserver2.domain.local -> Works
> dig @10.1.1.2 dnsserver1.domain.local -> Works
>
> dig @10.1.1.2 dnsserver2.domain.local -> Works
>
>
> I don't understand why it works when we set the DNS server and fails when
> using the default system DNS servers.
dig does not know anything about this strange program called "resolvectl".
All that dig knows how to do, is read /etc/resolv.conf, which has specified
where the DNS servers are, for the last 50+ years. What are the contents of
your /etc/resolv.conf?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20251204/50c0901e/attachment.sig>
More information about the ubuntu-users
mailing list