[Bug 1624320] Re: systemd-resolved appends 127.0.0.53 to resolv.conf alongside existing entries

Chris Gutierrez 1624320 at bugs.launchpad.net
Tue Sep 18 00:21:20 UTC 2018 

I'll chime in as well.  This bug is absolutely ridiculous. I lost half a
day to this.

I completely agree with Marten in 35:
> This is a blocking issue for non-technical users 

I thought I had some nasty bug with my alexa to ngrok to django set up.
Turns out, name lookups were just slow, causing my Alexa skill to time
out.  Once I figured out the cause, it was a 10m fix, but the hours of
troubleshooting python packages to figure out the issue was just a
waste.

Thank you to those of you who provided the details for the fix.  Saved
me a bunch of time.

To anyone that stumbles on this, I followed 8, 14 and 31 above, removing
the file, relinking, and editing the systemd file to add a nameserver.

Here were my steps, YMMV:
sudo rm -f /etc/resolv.conf
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
sudo nano /etc/systemd/resolved.conf

then added the google nameservers to my file, adding this line.
nameserver 8.8.8.8

Good luck!

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1624320

Title:
  systemd-resolved appends 127.0.0.53 to resolv.conf alongside existing
  entries

Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  systemd-resolved, or more precisely the hook script
  /lib/systemd/system/systemd-resolved.service.d/resolvconf.conf, causes
  resolvconf to add 127.0.0.53 to the set of nameservers in
  /etc/resolv.conf alongside the other nameservers.  That makes no sense
  because systemd-resolved sets up 127.0.0.53 as a proxy for those other
  nameservers.  The effect is similar to bug 1624071 but for
  applications doing their own DNS lookups.  It breaks any DNSSEC
  validation that systemd-resolved tries to do; applications will
  failover to the other nameservers, bypassing validation failures.  And
  it makes failing queries take twice as long.

  /etc/resolv.conf should have only 127.0.0.53 when systemd-resolved is
  active.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320/+subscriptions

More information about the foundations-bugs mailing list