[Bug 1624320] Re: systemd-resolved appends 127.0.0.53 to resolv.conf alongside existing entries

Rick Timmis 1624320 at bugs.launchpad.net
Wed Dec 13 17:19:41 UTC 2017 

Today I discovered some additional information in regard to this issue.

I am using Virt-Manager and KVM, I have a Br0 bridge configured to start
onboot. When this is the case name resolution as above fails.

If I delete the bridge using VMM name resolution starts working ( after
a reboot ). Put the bridge back in and it fails.

I do have 3 network interfaces, 1 wlan, 1 ethernet, and and additional
usb ethernet configured as eth1.

I've configured the 3 interfaces using a persistent-rules file in
/etc/udev/rules.d/ so that they bind to eth0, wlan0 and eth1.

By configuring my VMM Br0 interface to Hotplug, so that it does not
start onboot, this has resolved the issue. However, on Ubuntu 16.04
everything worked as expected including having the Br0 bridge start
onboot.

Can't say I understand what magic SystemD witchcraft is going up here,
but I hope the above info provides some useful clues.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1624320

Title:
  systemd-resolved appends 127.0.0.53 to resolv.conf alongside existing
  entries

Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  systemd-resolved, or more precisely the hook script
  /lib/systemd/system/systemd-resolved.service.d/resolvconf.conf, causes
  resolvconf to add 127.0.0.53 to the set of nameservers in
  /etc/resolv.conf alongside the other nameservers.  That makes no sense
  because systemd-resolved sets up 127.0.0.53 as a proxy for those other
  nameservers.  The effect is similar to bug 1624071 but for
  applications doing their own DNS lookups.  It breaks any DNSSEC
  validation that systemd-resolved tries to do; applications will
  failover to the other nameservers, bypassing validation failures.  And
  it makes failing queries take twice as long.

  /etc/resolv.conf should have only 127.0.0.53 when systemd-resolved is
  active.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320/+subscriptions

More information about the foundations-bugs mailing list