Systemd-resolved and /etc/resolv.conf


Systemd-resolved and /etc/resolv.conf

Post by g4brrr »

Hi LM people,
I remember the old times when it was enough to add a DNS IP address in /etc/resolv.conf and DNS resolution for the whole system worked fine.
Then the resolvconf program was born and I already started to wonder what it was made for...
After installing Linux Mint (Tara), I came across systemd-resolved listening on the 127.0.0.52 IP address, which is always appended to the /etc/resolv.conf file on each reboot, whatever nameserver you edit into /etc/resolv.conf.
I always install a local DNS resolver; I use unbound (dnssec+) and dnscrypt-proxy, so I take DNS resolution privacy and secrecy seriously.
I just want to make sure I use my local DNS resolver and, at this stage, the role of the NetworkManager program in all this also confuses me. Changes I made for DNS in NetworkManager itself don't get appended to /etc/resolv.conf.
What I did was to disable systemd-resolved and enable unbound-resolvconf, and now everything works fine.

This after a long struggle!!!
Have a good day

Re: Systemd-resolved and /etc/resolv.conf

Post by xenopeek »

Making changes to DNS settings in NetworkManager didn't seem to affect anything—not even the DNS shown as used by NetworkManager itself. I double checked I had disabled automatic DNS in NetworkManager. Finally, disabling and re-enabling the network in NetworkManager made it pick up the new DNS configuration and systemd-resolve --status also shows it using the DNS I configured in Network Manager.

As for systemd-resolved, it is a local DNS resolver so if you want to use your own local DNS resolver it makes sense to disable systemd-resolved. But you can override the DNS systemd-resolved uses also manually (if you want to bypass NetworkManager's configuration), in its configuration file /etc/systemd/resolved.conf.

The reason your /etc/resolv.conf file changes didn't do anything would have been obvious if you'd read it :) By default it's a stub file managed by systemd-resolved and shouldn't be edited.

# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "systemd-resolve --status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

Re: Systemd-resolved and /etc/resolv.conf

Post by PrivateSnafu »

Hello,

one question for my understanding: You write systemd-resolved is a local DNS resolver. So it doesn't connect to other "lower" DNS servers like e.g. the one I received by DHCP with my WiFi connection, but it does the full resolution starting at the root level servers, correct?

Cheers,
Snafu

Re: Systemd-resolved and /etc/resolv.conf

Post by xenopeek »

It means it is available for local programs (on the same computer) to do DNS queries. It forwards those to the configured DNS server (manually or through DHCP).

Re: Systemd-resolved and /etc/resolv.conf

Post by rene »

xenopeek wrote: Mon Jan 07, 2019 2:40 am It means it is available for local programs (on the same computer) to do DNS queries.
Only expanding (and wondering)... listening on 127.0.0.53 is in fact only a tertiary interface to systemd-resolved, with its D-Bus interface primary and the glibc nss-resolve NSS module secondary. I've been wondering why Ubuntu --- assuming it's not Mint specific --- hasn't elected for the NSS route; it makes a lot more sense as the preferred interface given that hardly any program other than specific DNS-geared ones do their resolving not via the system resolver. It seems...

Re: Systemd-resolved and /etc/resolv.conf

Post by PrivateSnafu »

xenopeek wrote: Mon Jan 07, 2019 2:40 am It means it is available for local programs (on the same computer) to do DNS queries. It forwards those to the configured DNS server (manually or through DHCP).
Ah ok, thanks for the explanation. But how can I change the configured DNS then permanently and for all connections? I know that I can click that network-icon and change the DNS for a single connection, but that is a bit cumbersome when you're travelling. :) Changing /etc/resolv.conf like in earlier times obviously doesn't work anymore since it gets overwritten after each boot (?).

Re: Systemd-resolved and /etc/resolv.conf

Post by rene »

Yes, that's NetworkManager being helpful. You can tell it to leave /etc/resolv.conf alone by adding "dns=none" (or "rc-manager=unmanaged") to /etc/NetworkManager/NetworkManager.conf, [main] section. See man NetworkManager.conf for details.

Re: Systemd-resolved and /etc/resolv.conf

Post by Pippin »

PrivateSnafu wrote: Mon Jan 07, 2019 10:54 pm But how can I change the configured DNS then permanently and for all connections?
What you can do is tell DHCP client to override the DNS server handed out by the DHCP server by adding

# Override DNS from any DHCP server systemwide
supersede domain-name-servers 9.9.9.9, 149.112.112.112;

to /etc/dhcp/dhclient.conf
Be aware though that this might be troublesome to connect to some Captive Portals.
In that case just comment the line (#supersede.......) before connecting.
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp

Re: Systemd-resolved and /etc/resolv.conf

Post by PrivateSnafu »

Thanks guys, I tried both solutions now and both seem to work. From my understanding both might cause trouble with captive portals though, but I can't test it here at the moment.
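
The checks discussed in this thread, collected into one script as an added example (not posted by any participant): it reports which component owns /etc/resolv.conf, whether every listed nameserver is a loopback address (so nothing bypasses a local resolver such as unbound), and what NetworkManager's [main] section sets for dns and rc-manager. The function names are illustrative, and the /run/systemd/resolve/ target names are the usual systemd-resolved locations, which the thread itself does not quote.

```shell
#!/bin/sh
# Added example (not from the thread): who manages resolv.conf, and do
# queries stay on the local resolver? File arguments default to live paths.

# resolv_mode [FILE] -> stub | uplink | symlink | static | missing
resolv_mode() {
    f=${1:-/etc/resolv.conf}
    if [ -L "$f" ]; then
        case $(readlink "$f") in
            */systemd/resolve/stub-resolv.conf) echo stub ;;    # resolved's local stub
            */systemd/resolve/resolv.conf)      echo uplink ;;  # resolved's uplink list
            *)                                  echo symlink ;; # some other manager
        esac
    elif [ -f "$f" ]; then echo static
    else echo missing
    fi
}

# nameservers [FILE] -> one configured nameserver address per line
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "${1:-/etc/resolv.conf}"
}

# all_loopback [FILE] -> succeeds only if every nameserver is loopback,
# i.e. nothing in the file lets a query bypass the local resolver.
all_loopback() {
    ns=$(nameservers "$1")
    [ -n "$ns" ] || return 1
    for a in $ns; do
        case $a in 127.*|::1) ;; *) return 1 ;; esac
    done
}

# nm_main_key KEY [FILE] -> value of KEY in NetworkManager.conf's [main]
nm_main_key() {
    awk -F= -v key="$1" '
        /^[ \t]*\[/ { sect = ($0 ~ /^[ \t]*\[main\]/) }
        sect && $1 ~ ("^[ \t]*" key "[ \t]*$") { gsub(/[ \t]/, "", $2); print $2 }
    ' "${2:-/etc/NetworkManager/NetworkManager.conf}"
}

# report: run the checks against the live system
report() {
    echo "resolv.conf mode: $(resolv_mode)"
    echo "nameservers:      $(nameservers | tr '\n' ' ')"
    all_loopback && echo "all loopback" || echo "WARNING: non-loopback nameserver"
    echo "NM dns=$(nm_main_key dns 2>/dev/null) rc-manager=$(nm_main_key rc-manager 2>/dev/null)"
}
if [ "${1:-}" = report ]; then report; fi
```

Run it with the single argument `report` to inspect the live system, before and after a reboot or network reconnect, to confirm that the setting you chose survives.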