> On 26 Oct 2022, at 20:17, Thomas HUMMEL <thomas.hummel@xxxxxxxxxx> wrote:
>
> Hello,
>
> I'm not sure if this is a systemd-resolved or NetworkManager question but it involves both (I know Thomas HALLER is a member of this list too)
>
> on
>
> Fedora release 36 (Thirty Six) using the following kernel and packages
>
> 5.19.16-200.fc36.x86_64 #1 SMP PREEMPT_DYNAMIC
>
> systemd-250.8-1.fc36.x86_64
> systemd-resolved-250.8-1.fc36.x86_64
> NetworkManager-1.38.4-1.fc36.x86_64
>
> I'm using a proprietary vpn client which does not seem to work very well with systemd-resolved. As a matter of fact it seems to create a manual NM profile which does not include dns properties and it seems to (try to) set /etc/resolv.conf aside (F5 vpn linux client f5fpc for the record)
>
> Making it work is not the question here. I'm trying to understand how the 2 nameservers it configures may end up in /run/systemd/resolve/resolv.conf (and global systemd-resolved config as shown by resolvectl status) ONLY when I switch from a non systemd-resolved config then back to a systemd-resolved config

Can you hook into the vpn client and intercept it doing the dns changes?
I do that for the vpn client used at work to solve integration issues.
In my case it's a matter of the right options to use a wrapper around resolvectl that fixes things before calling the real resolvectl.

Barry

>
> Here's exactly what I'm doing/experiencing:
>
> Starting from
>
> a) default NetworkManager config:
>
> # grep -iE 'dns|rc\.manager' NetworkManager.conf
> # ls -l conf.d/
> total 0
>
> b) systemd-resolved stub-resolv.conf mode:
>
> # ls -l /etc/resolv.conf
> lrwxrwxrwx 1 root root 37 Oct 26 19:15 /etc/resolv.conf -> /run/systemd/resolve/stub-resolv.conf
>
> and with (not linked from /etc/resolv.conf) :
>
> /run/systemd/resolve/resolve.conf following content:
>
> nameserver 192.168.1.1
> nameserver 2a01:cb00:7e1:3300:aa6a:bbff:fe6e:190
> search home
>
> matching my auto wireless NM profile
>
> 1) I start the vpn client
>
> obviously it does not work very well with systemd-resolved as I don't get corresponding nameserver (10.33.1.2,10.33.1.3) anywhere and name resolution does not work for corresponding zones
>
> /run/systemd/resolve/resolve.conf content has not changed
>
> 2) I stop the vpn client, and switch to the following setup
>
> # rm /etc/resolv.conf
> rm: remove symbolic link '/etc/resolv.conf'? y
>
> # cat <<EOF > /etc/NetworkManager/conf.d/foo.conf
>
> [main]
>
> dns=default
>
> rc.manager=file
>
> EOF
>
> # reboot
>
> -> after the reboot the /etc/resolv.conf link has been recreated : why ?
>
> (/run/systemd/resolve/resolv.conf hasn't changed, which seems normal to me)
>
> 3) I remove it again and reboot
>
> # rm /etc/resolv.conf
> rm: remove symbolic link '/etc/resolv.conf'? y
>
> # reboot
>
> -> this time /etc/resolv.conf is as expected a regular file whose content is handled by NM:
>
> $ ls -l /etc/resolv.conf
> -rw-r--r-- 1 root root 114 Oct 26 20:22 /etc/resolv.conf
> $ cat /etc/resolv.conf
> # Generated by NetworkManager
> search home
> nameserver 192.168.1.1
> nameserver 2a01:cb00:7e1:3300:aa6a:bbff:fe6e:190
>
> 4) I start the vpn client
>
> it wrote to /etc/resolv.conf (which seems wrong to me but is out of scope here)
>
> $ cat /etc/resolv.conf
> #F5 Networks Inc. :File modified by VPN process
> search pasteur.fr home
> nameserver 10.33.1.2
> nameserver 10.33.1.3
>
> the 2 nameservers it provided do not appear in /run/systemd/resolve/resolv.conf
>
> 6) I stop the vpn client, switch back to my original config, and reboot
>
> # rm /etc/NetworkManager/conf.d/foo.conf
> rm: remove regular file '/etc/NetworkManager/conf.d/foo.conf'? y
>
> # rm /etc/resolv.conf
> rm: remove regular file '/etc/resolv.conf'? y
>
> # ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
>
> # reboot
>
> -> everything looks as expected
>
> 7) I start the vpn client
>
> -> its provided nameservers appear in /run/systemd/resolv/resolv.conf (and resolution of related zones works)
>
> -> why ? Where does the info come from ?
>
> nameserver 10.33.1.2
> nameserver 10.33.1.3
> nameserver 192.168.1.1
> # Too many DNS servers configured, the following entries may be ignored.
> nameserver 2a01:cb00:7e1:3300:aa6a:bbff:fe6e:190
> search pasteur.fr home
>
> Can you help me figure out what's happening or at least how can the behavior seem to change with what seems a rollback to the initial state ?
>
> Thanks for your help
>
> --
> Thomas HUMMEL
>
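
A check for which program currently owns /etc/resolv.conf at each step described above, added here as an example and not part of the original thread. The function names are hypothetical; the symlink modes are those documented in systemd-resolved(8), and the two header comments matched are the ones quoted in the message.

```sh
#!/bin/sh
# Added example: classify who controls a resolv.conf path.
# Symlink modes are the ones listed in systemd-resolved(8).
resolv_conf_mode() {
    f=${1:-/etc/resolv.conf}
    if [ -L "$f" ]; then
        # A symlink means systemd-resolved (or something else) provides the file.
        case $(readlink "$f") in
            */run/systemd/resolve/stub-resolv.conf) echo stub ;;
            */run/systemd/resolve/resolv.conf)      echo uplink ;;
            */usr/lib/systemd/resolv.conf)          echo static ;;
            *)                                      echo other-symlink ;;
        esac
    elif [ -f "$f" ]; then
        # A regular file is written by some other program; per the man page,
        # systemd-resolved then reads it instead of providing it.
        case $(head -n 1 "$f") in
            "# Generated by NetworkManager"*) echo file:NetworkManager ;;
            "#F5 Networks Inc."*)             echo file:f5-vpn ;;
            *)                                echo file:unknown ;;
        esac
    else
        echo missing
    fi
}

# Print the nameserver addresses of a resolv.conf-style file, space separated.
resolv_conf_nameservers() {
    awk '$1 == "nameserver" { printf "%s%s", sep, $2; sep = " " }
         END { print "" }' "$1"
}

# Constructed sample: the file content quoted in step 4 of the message.
demo=$(mktemp -d)
printf '%s\n' '#F5 Networks Inc. :File modified by VPN process' \
    'search pasteur.fr home' 'nameserver 10.33.1.2' \
    'nameserver 10.33.1.3' > "$demo/resolv.conf"
echo "$(resolv_conf_mode "$demo/resolv.conf"):" \
     "$(resolv_conf_nameservers "$demo/resolv.conf")"
rm -rf "$demo"
```

Running both functions against /etc/resolv.conf and /run/systemd/resolve/resolv.conf before and after starting the VPN client records which writer touched which file at each step.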