Re: 127.0.0.53 question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/17/22 12:32, ToddAndMargo via users wrote:
On 12/17/22 12:22, ToddAndMargo via users wrote:
On 12/17/22 11:47, Samuel Sieb wrote:
On 12/17/22 11:40, ToddAndMargo via users wrote:
On 12/16/22 22:54, Samuel Sieb wrote:
On 12/16/22 22:44, ToddAndMargo via users wrote:
On 12/16/22 22:11, Samuel Sieb wrote:
On 12/16/22 21:18, ToddAndMargo via users wrote:
On 12/16/22 20:23, Mike Wright wrote:
127.0.0.0/8 is the loopback address.  That means that any IP that begins with 127 is a valid loopback address.  The three 0's can each be any number from 0 through 255.


So the 127.0.0.53 was the bind guys being sneaky!

That's not bind.  systemd-resolved is on 127.0.0.53 and 127.0.0.54 on my system.  bind would most likely try to get 127.0.0.1 as you demonstrated in your other email.  If you want systemd-resolved to use your bind server instead of the dhcp offered one, then modify /etc/systemd/resolved.conf to set 127.0.0.1 as the primary DNS server.

Named/bind uses port 53

$ grep -i 53 /etc/services
domain          53/tcp     # name-domain server
domain          53/udp

Not sure what your point is here.  Yes, they *all* use port 53, but on different IP addresses.  By default, resolv.conf points to systemd-resolved, so you need to tell that to pass it on to bind.

Everything is commented out in my
     /etc/systemd/resolved.conf

Yes, so you need to uncomment the DNS line and edit it.

I set DNS=127.0.0.1

No Joy.  It was still random

# systemctl restart systemd-resolved.service


Then I tried DNS=127.0.0.1:53 and it is working
stable and fast, for now.  I have thought I
had it working several times before, but got
my heart broken.

And now it is failing again.

It begs the question, if /etc/resolv.conf states

     nameserver 127.0.0.53

why do I need to explicitly tell resolved what it
is in resolved.conf.

I think you're still missing the difference here.  127.0.0.53 is systemd-resolved.  Your bind is at 127.0.0.1.  You need to tell resolved to pass the requests to bind.

What does "resolvectl" show?

Then put the DNS entry back in the config and restart resolved and try "resolvectl" again.


All this silliness started as of Fedora Core 37.
There were no issues with 36.

eno2 is my internet connected Ethernet port


# host gbis.com
;; communications error to 127.0.0.53#53: timed out
;; communications error to 127.0.0.53#53: timed out
;; no servers could be reached

And two minutes later:
# host gbis.com
gbis.com has address 54.151.57.48
gbis.com mail is handled by 0 gbis.com.

But it does not hold.  Back and forth and
back and forth




# cat /etc/resolv.conf

nameserver 127.0.0.53
options edns0 trust-ad
search .



# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window irtt Iface 0.0.0.0         192.168.250.1   0.0.0.0         UG        0 0 0 eno2 192.168.122.0   0.0.0.0         255.255.255.0   U         0 0 0 virbr0 192.168.250.0   0.0.0.0         255.255.255.0   U         0 0 0 eno2 192.168.255.0   0.0.0.0         255.255.255.0   U         0 0 0 br0


I tried setting DNS= to my IP address of br0.  It shows
up in resolvectl, but not /etc/resolv.conf.

If I set nameserver in resolv.conf to my IP address
of br0, it work great, until resolved over writes it
with 127.0.0.53 next tile I exhale.


with DNS= commented out
Looks like it is working to me:
         Current DNS Server: 127.0.0.1
         DNS Servers: 127.0.0.1



# resolvectl  (all DNF= commented out)
Global
        Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub

Link 2 (eno2)
     Current Scopes: DNS LLMNR/IPv4
          Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 127.0.0.1
        DNS Servers: 127.0.0.1

Link 3 (eno1)
Current Scopes: none
      Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 4 (br0)
Current Scopes: none
      Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 5 (virbr0)
Current Scopes: none
      Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported



This might be a hint:  Global and eno2 are different
when I set

   DNS=192.168.255.10:53

# systemctl restart systemd-resolved.service

# resolvectl
Global
          Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
   resolv.conf mode: stub
Current DNS Server: 192.168.255.10
        DNS Servers: 192.168.255.10

Link 2 (eno2)
     Current Scopes: DNS LLMNR/IPv4
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 127.0.0.1
        DNS Servers: 127.0.0.1

Link 3 (eno1)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 4 (br0)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 5 (virbr0)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported


Fixed the [expletive deleted]

   # dnf remove resolvconf
   # dnf install resolvconf  --releasever=36
   # vi /etc/dnf/dnf.conf
     excludepkgs=resolvconf
   reboot

The ball is back in Fedora's court:
   systemd-resolved messes up bind
   https://bugzilla.redhat.com/show_bug.cgi?id=2154484

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux