Strange DNS issue

Alexander H. thahartner at gmail.com
Fri Dec 5 01:16:03 UTC 2025 

The resolv.conf file points to localhost, which I believe is the resolvectl
service.

*cat /etc/resolv.conf *
# This is /run/systemd/resolve/stub-resolv.conf managed by
man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but
only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different
symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes
of
# operation for /etc/resolv.conf.

nameserver 127.0.0.53
options edns0 trust-ad
search th.local


On Fri, Dec 5, 2025 at 7:58 AM Sam Varshavchik <mrsam at courier-mta.com>
wrote:

> Alexander H. writes:
>
> > Via DHCP we are allocated two DNS servers
> >
> >
> > resolvectl
> > Global
> >          Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
> >   resolv.conf mode: stub
> >
> > Link 2 (eth0)
> >     Current Scopes: DNS
> >          Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/
> > unsupported
> > Current DNS Server: 10.1.1.1
> >        DNS Servers: 10.1.1.1 10.1.1.2
> >         DNS Domain: reddog.domain.local
> >
> > Link 3 (enP28932s1)
> >     Current Scopes: none
> >          Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/
> > unsupported
> >
> >
> > The reverse lookup completes successfully
> >
> >
> > dig -x 10.1.1.1 and dig -x 10.1.1.2 both correctly resolve to the DNS
> > server's hostnames
> >
> >
> > However the forward lookup fails
> >
> >
> > dig dnsserver1.domain.local -> Fails
> >
> > dig dnsserver2.domain.local -> Fails
> >
> > However with specifying the DNS server explicitly the requests complete
> > successfully
> >
> >
> >
> > dig @10.1.1.1 dnsserver1.domain.local -> Works
> >
> > dig @10.1.1.1 dnsserver2.domain.local -> Works
> > dig @10.1.1.2 dnsserver1.domain.local -> Works
> >
> > dig @10.1.1.2 dnsserver2.domain.local -> Works
> >
> >
> > I don't understand why it works when we set the DNS server and fails
> when
> > using the default system DNS servers.
>
> dig does not know anything about this strange program called
> "resolvectl".
>
> All that dig knows how to do, is read /etc/resolv.conf, which has
> specified
> where the DNS servers are, for the last 50+ years. What are the contents
> of
> your /etc/resolv.conf?
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20251205/2cb8b6ba/attachment.html>

More information about the ubuntu-users mailing list