[Bug 2024320] Re: systemd-resolved: returns SERVFAIL for uknown domain
Nick Rosbrook
2024320 at bugs.launchpad.net
Tue Jun 20 21:37:20 UTC 2023
I do see this behavior on Lunar as well:
root at lunar:~# resolvectl query oops.
oops.: resolve call failed: No appropriate name servers or networks for name found
root at lunar:~# dig oops.
; <<>> DiG 9.18.12-1ubuntu1-Ubuntu <<>> oops.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 21966
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;oops. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Tue Jun 20 20:53:32 UTC 2023
;; MSG SIZE rcvd: 33
root at lunar:~# resolvectl --version
systemd 252 (252.5-2ubuntu3)
+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified
I took a look at the code but I am not sure the best way to address
this. Can you please open an upstream bug
(https://github.com/systemd/systemd/issues) and share the link here? Be
sure to mention that this can be reproduced on v252.
** Changed in: systemd (Ubuntu)
Status: New => Confirmed
** Changed in: systemd (Ubuntu)
Importance: Undecided => Low
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2024320
Title:
systemd-resolved: returns SERVFAIL for uknown domain
Status in systemd package in Ubuntu:
Confirmed
Bug description:
Ubuntu 22.04.2 amd64
systemd: 249.11-0ubuntu3.9
when I ask for non-existing domain, systemd-resolved replies with
SERVFAIL. I believe that correct answer should be NXDOMAIN (this is
reply from public DNS servers, like 1.1.1.1, 8.8.8.8, 9.9.9.9 and
others).
DEMO, I use `khost` utility from package `knot-host`:
CloudFlare DNS, reference, I believe this is expected answer:
$ khost oops. 1.1.1.1
Host oops. type A error: NXDOMAIN
Host oops. type AAAA error: NXDOMAIN
Host oops. type MX error: NXDOMAIN
systemd-resolved, the bug (and the reply is not consistent, MX record
has different error):
$ khost oops.
Host oops. type A error: SERVFAIL
Host oops. type AAAA error: SERVFAIL
Host oops. type MX error: NXDOMAIN
$ khost -v oops.
;; ->>HEADER<<- opcode: QUERY; status: SERVFAIL; id: 15468
;; Flags: qr aa rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 0; ADDITIONAL: 0
;;oops. IN A
;; Received 22 B
;; Time 2023-06-18 18:27:02 UTC
;; From 127.0.0.53 at 53(UDP) in 0.0 ms
;; ->>HEADER<<- opcode: QUERY; status: SERVFAIL; id: 55107
;; Flags: qr aa rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 0; ADDITIONAL: 0
;;oops. IN AAAA
;; Received 22 B
;; Time 2023-06-18 18:27:02 UTC
;; From 127.0.0.53 at 53(UDP) in 0.0 ms
;; ->>HEADER<<- opcode: QUERY; status: NXDOMAIN; id: 46585
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 0
;;oops. IN MX
. 1390 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023061800 1800 900 604800 86400
;; Received 97 B
;; Time 2023-06-18 18:27:02 UTC
;; From 127.0.0.53 at 53(UDP) in 3.4 ms
Check that DNS is served by systemd-resolved:
$ sudo ss -nlp | grep ":53 "
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=586,fd=13))
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=586,fd=14))
Check version
$ resolvectl --version
systemd 249 (249.11-0ubuntu3.9)
+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT +GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY -P11KIT -QRENCODE +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2024320/+subscriptions
More information about the foundations-bugs
mailing list