View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0017626 | CentOS-8 | systemd | public | 2020-07-28 22:46 | 2020-07-28 22:56 |
Reporter | vodolaz095 | Assigned To | |||
Priority | normal | Severity | major | Reproducibility | always |
Status | new | Resolution | open | ||
Product Version | 8.2.2004 | ||||
Summary | 0017626: Systemd-resolved do not works with MDNS | ||||
Description | I have local network with few Fedora 31 laptops and Centos8 server. I'm using systemd-resolved on any of this machines. When i try to resolve active local hostnames by resolvectl, it works for fedora 31 ``` [vodolaz095@steel ansible]$ resolvectl query holod.local holod.local: 192.168.1.3 -- link: wlp1s0 -- Information acquired via protocol mDNS/IPv4 in 177.9ms. -- Data is authenticated: no ``` but not works on centos 8 ``` [root@holod vodolaz095]# resolvectl query steel.local steel.local: resolve call failed: 'steel.local' not found ``` I provided `/etc/nsswitch.conf`, `/etc/systemd/resolved.conf` and `resolvectl status` in additional in additional information. Config on all machines are identical, but mdns not works for centos, and works for Fedora 31. Imho configuration i provided in additional information seems sane, and i have no idea why it doesn't works. I'll be very grateful for help. I have feeling systemd-resolved is broken for mDNS in systemd of version 239 provided with Centos8, and its fixed in systemd of version 241 provided with Fedora 31. | ||||
Steps To Reproduce | edit `/etc/nsswitch.conf`, `/etc/systemd/resolved.conf` as provided in additional information. Make `/etc/resolve.conf` symlink to `/run/systemd/resolve/stub-resolv.conf` ``` # systemctl enable --now systemd-resolved # systemctl disable --now avahi-daemon.service # systemctl disable --now avahi-daemon.socket # resolvectl mdns enp3s0 yes # systemctl restart systemd-resolved # resolvectl query something.local ``` | ||||
Additional Information | On Centos8. ``` [root@holod vodolaz095]# systemctl --version systemd 239 +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=legacy ``` On Fedora 31 ``` systemd 243 (v243.8-1.fc31) +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=unified ``` Its worth notice, that `/etc/resolve.conf` is symlink to `/run/systemd/resolve/stub-resolv.conf` on all machines. Avahi is disabled on all machines. Network is controlled by network manager. All interfaces has mdns enabled. ``` [vodolaz095@holod ~]$ cat /etc/sysconfig/network-scripts/ifcfg-enp3s0 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=dhcp DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=enp3s0 UUID=5ed1973d-5613-4f75-a791-877b2969b448 DEVICE=enp3s0 ONBOOT=yes ZONE=home MDNS=yes ``` On both fedora and centos machines ``` [vodolaz095@steel ansible]$ cat /etc/systemd/resolved.conf # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. # # Entries in this file show the compile time defaults. # You can change settings by editing this file. # Defaults can be restored by simply deleting this file. # # See resolved.conf(5) for details [Resolve] DNS=192.168.1.3 10.0.0.2 10.0.0.3 #FallbackDNS=8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844 #Domains= LLMNR=yes MulticastDNS=yes DNSSEC=no #DNSOverTLS=no #Cache=yes #DNSStubListener=yes #ReadEtcHosts=yes ``` Command `resolvectl status` gives this output for Fedora machine ``` [vodolaz095@steel ansible]$ cat /tmp/resolvectl Global LLMNR setting: yes MulticastDNS setting: yes DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Current DNS Server: 192.168.1.3 DNS Servers: 192.168.1.3 10.0.0.2 10.0.0.3 Fallback DNS Servers: 1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4 2606:4700:4700::1111 2001:4860:4860::8888 2606:4700:4700::1001 2001:4860:4860::8844 DNSSEC NTA: 10.in-addr.arpa 16.172.in-addr.arpa 168.192.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa corp d.f.ip6.arpa home internal intranet lan local private test Link 27 (vethe6d98c5) Current Scopes: LLMNR/IPv6 DefaultRoute setting: no LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 15 (veth3a5a1eb) Current Scopes: LLMNR/IPv6 DefaultRoute setting: no LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 6 (docker_gwbridge) Current Scopes: LLMNR/IPv4 LLMNR/IPv6 DefaultRoute setting: no LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 5 (docker0) Current Scopes: none DefaultRoute setting: no LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 4 (virbr0-nic) Current Scopes: none DefaultRoute setting: no LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 3 (virbr0) Current Scopes: none DefaultRoute setting: no LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 2 (wlp1s0) Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6 DefaultRoute setting: yes LLMNR setting: yes MulticastDNS setting: yes DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Current DNS Server: 192.168.1.3 DNS Servers: 192.168.1.3 192.168.1.1 DNS Domain: ~. ``` Command `resolvectl status` gives this output for Centos machine ``` Global LLMNR setting: yes MulticastDNS setting: yes DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Current DNS Server: 10.0.0.2 DNS Servers: 192.168.1.3 10.0.0.2 10.0.0.3 DNS Domain: ~. DNSSEC NTA: 10.in-addr.arpa 16.172.in-addr.arpa 168.192.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa corp d.f.ip6.arpa home internal intranet lan local private test Link 72 (veth0c565fe) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 64 (veth9d9ad3f) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 60 (vethd005098) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 54 (vethf29aec4) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 43 (veth0eb93fc) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 39 (veth7e95100) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 33 (veth1bac4a5) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 31 (veth44e985b) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 25 (veth5d0b068) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 12 (vethc820800) Current Scopes: LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 6 (docker_gwbridge) Current Scopes: LLMNR/IPv4 LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 5 (docker0) Current Scopes: none LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 4 (tun0) Current Scopes: LLMNR/IPv4 LLMNR/IPv6 LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Link 3 (enp3s0) Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6 LLMNR setting: yes MulticastDNS setting: yes DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Current DNS Server: 192.168.1.3 DNS Servers: 192.168.1.3 192.168.1.1 DNS Domain: ~. Link 2 (enp4s0) Current Scopes: none LLMNR setting: yes MulticastDNS setting: yes DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no ``` Its worth notice that avahi-daemon is disabled on all machines `/etc/nsswitch.conf` has this string for hosts on both machines (Fedora 31/ Centos 8) ``` hosts: files resolve dns ``` | ||||
Tags | avahi, hostname, mdns, systemd, systemd-resolved | ||||
This is what `journalctl -u systemd-resolved -e` says on centos8 machine when i try to `resolvectl query steel.local` where `steel.local` is fedora 31 laptop working on same network ``` Jul 29 01:53:30 holod systemd-resolved[27136]: Processing query... Jul 29 01:53:35 holod systemd-resolved[27136]: Got message type=method_call sender=:1.223 destination=org.freedesktop.resolve1 path=/org/freedesktop/resolve1 interface=org.> Jul 29 01:53:35 holod systemd-resolved[27136]: idn2_lookup_u8: steel.local → steel.local Jul 29 01:53:35 holod systemd-resolved[27136]: Looking up RR for steel.local IN A. Jul 29 01:53:35 holod systemd-resolved[27136]: Looking up RR for steel.local IN AAAA. Jul 29 01:53:35 holod systemd-resolved[27136]: Sent message type=method_call sender=n/a destination=org.freedesktop.DBus path=/org/freedesktop/DBus interface=org.freedeskto> Jul 29 01:53:35 holod systemd-resolved[27136]: Sent message type=method_call sender=n/a destination=org.freedesktop.DBus path=/org/freedesktop/DBus interface=org.freedeskto> Jul 29 01:53:35 holod systemd-resolved[27136]: Got message type=method_return sender=org.freedesktop.DBus destination=:1.219 path=n/a interface=n/a member=n/a cookie=11 rep> Jul 29 01:53:35 holod systemd-resolved[27136]: NXDOMAIN cache hit for steel.local IN A Jul 29 01:53:35 holod systemd-resolved[27136]: Transaction 5722 for <steel.local IN A> on scope dns on */* now complete with <rcode-failure> from cache (unsigned). Jul 29 01:53:35 holod systemd-resolved[27136]: NXDOMAIN cache hit for steel.local IN A Jul 29 01:53:35 holod systemd-resolved[27136]: Transaction 16251 for <steel.local IN A> on scope dns on enp3s0/* now complete with <rcode-failure> from cache (unsigned). Jul 29 01:53:35 holod systemd-resolved[27136]: Freeing transaction 5722. Jul 29 01:53:35 holod systemd-resolved[27136]: Freeing transaction 16251. Jul 29 01:53:35 holod systemd-resolved[27136]: Sent message type=error sender=n/a destination=:1.223 path=n/a interface=n/a member=n/a cookie=30 reply_cookie=2 signature=s > Jul 29 01:53:35 holod systemd-resolved[27136]: Sent message type=method_call sender=n/a destination=org.freedesktop.DBus path=/org/freedesktop/DBus interface=org.freedeskto> Jul 29 01:53:35 holod systemd-resolved[27136]: Got message type=method_return sender=org.freedesktop.DBus destination=:1.219 path=n/a interface=n/a member=n/a cookie=10 rep> ``` |
|
Firewalld is tunned to allow `mdns` in home zone. and all active connections are in home zone for all machines ``` [root@holod vodolaz095]# firewall-cmd --list-services --zone=home amqp amqps dhcpv6-client dns docker-swarm http https imap imaps lmtp mdns nfs openvpn samba-client smtp smtp-submission ssh syncthing syncthing-gui ``` |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2020-07-28 22:46 | vodolaz095 | New Issue | |
2020-07-28 22:46 | vodolaz095 | Tag Attached: systemd-resolved | |
2020-07-28 22:46 | vodolaz095 | Tag Attached: avahi | |
2020-07-28 22:46 | vodolaz095 | Tag Attached: mdns | |
2020-07-28 22:50 | vodolaz095 | Tag Attached: hostname | |
2020-07-28 22:53 | vodolaz095 | Tag Attached: systemd | |
2020-07-28 22:55 | vodolaz095 | Note Added: 0037437 | |
2020-07-28 22:56 | vodolaz095 | Note Added: 0037438 |