DNS - Problem resolving example.com vs google.com

Hi.
This is a follow-up to my original Squid server thread https://forums.opensuse.org/showthread.php/564820-Squid-not-working-as-expected?p=3097960#post3097960 where I was having issues pinging www.example.com unsuccessfully but www.google.com and other sites ok. This may be a bit long, and I decided to keep the threads separate as it was more a DNS issue, but I found the process interesting.

For this new round of tests my main PC is NOT using a proxy at all. The original NetworkManager settings on my PC had an ip4.method of “auto”. This directed the DNS lookups to the ISP provided modem/router at 10.1.1.1.

chris@asus-roc:~> cat /etc/resolv.conf 
### /etc/resolv.conf is a symlink to /var/run/netconfig/resolv.conf
### autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
#     NETCONFIG_DNS_STATIC_SEARCHLIST
#     NETCONFIG_DNS_STATIC_SERVERS
#     NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
#     NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
### Call "netconfig update -f" to force adjusting of /etc/resolv.conf.
search lan asus-roc.lan
nameserver 10.1.1.1
chris@asus-roc:~> 


The modem/router’s DNS settings had been delivered set to my ISP’s ‘choice’ (203.0.178.191/203.215.29.191) but I had reset them to Cloudflare’s DNS 1.1.1.2/1.0.0.2.

In this initial state if I ping www.example.com it would fail -

chris@asus-roc:~> ping www.example.com
ping: www.example.com: Name or service not known
chris@asus-roc:~> 


and tshark shows failed responses from 10.1.1.1 -

   17 21.154019127    10.1.1.20 asus-roc.lan 46230 10.1.1.1     dsldevice.lan 53 DNS 75 Standard query 0x9a78 A www.example.com
   18 21.154037973    10.1.1.20 asus-roc.lan 46230 10.1.1.1     dsldevice.lan 53 DNS 75 Standard query 0x2164 AAAA www.example.com
   19 21.155068474     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 46230 DNS 75 Standard query response 0x9a78 No such name A www.example.com
   20 21.155440387     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 46230 DNS 75 Standard query response 0x2164 No such name AAAA www.example.com
   21 21.155638649    10.1.1.20 asus-roc.lan 33175 10.1.1.1     dsldevice.lan 53 DNS 79 Standard query 0xdb86 A www.example.com.lan
   22 21.155654569    10.1.1.20 asus-roc.lan 33175 10.1.1.1     dsldevice.lan 53 DNS 79 Standard query 0x388b AAAA www.example.com.lan
   23 21.156618194     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 33175 DNS 79 Standard query response 0xdb86 No such name A www.example.com.lan
   24 21.157115007     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 33175 DNS 79 Standard query response 0x388b No such name AAAA www.example.com.lan


If I pinged www.google.com it succeeds -

chris@asus-roc:~> ping www.google.com
PING www.google.com (142.250.67.4) 56(84) bytes of data.
64 bytes from syd15s16-in-f4.1e100.net (142.250.67.4): icmp_seq=1 ttl=117 time=57.7 ms
64 bytes from syd15s16-in-f4.1e100.net (142.250.67.4): icmp_seq=2 ttl=117 time=57.6 ms
64 bytes from syd15s16-in-f4.1e100.net (142.250.67.4): icmp_seq=3 ttl=117 time=57.6 ms
64 bytes from syd15s16-in-f4.1e100.net (142.250.67.4): icmp_seq=4 ttl=117 time=58.0 ms
^C
--- www.google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 57.598/57.712/57.985/0.158 ms
chris@asus-roc:~>

And tshark shows a successful response -

 
   9 2.647240300    10.1.1.20 asus-roc.lan 48226 10.1.1.1     dsldevice.lan 53 DNS 74 Standard query 0xffd9 A www.google.com
   10 2.647258100    10.1.1.20 asus-roc.lan 48226 10.1.1.1     dsldevice.lan 53 DNS 74 Standard query 0x4cdd AAAA www.google.com
   11 2.656386105     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 48226 DNS 90 Standard query response 0xffd9 A www.google.com A 142.250.67.4
   12 2.657329836     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 48226 DNS 102 Standard query response 0x4cdd AAAA www.google.com AAAA 2404:6800:4006:80f::2004


Now using Firefox without DNSoverHTTPS (DoH) (thereby using the 10.1.1.1 DNS) accessing www.example.com would fail.

   19 3.231894174    10.1.1.20 asus-roc.lan 42903 10.1.1.1     dsldevice.lan 53 DNS 75 Standard query 0xb5ae A www.example.com
   20 3.231900164    10.1.1.20 asus-roc.lan 42903 10.1.1.1     dsldevice.lan 53 DNS 75 Standard query 0x1ea0 AAAA www.example.com
   21 3.232897819     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 42903 DNS 75 Standard query response 0xb5ae No such name A www.example.com
   22 3.233322104     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 42903 DNS 75 Standard query response 0x1ea0 No such name AAAA www.example.com


But if I use Firefox’s DoH it connects, but using Cloudflare’s DNS, bypassing the 10.1.1.1 DNS.

   23 1.999847695    10.1.1.20 asus-roc.lan 55468 10.1.1.1     dsldevice.lan 53 DNS 84 Standard query 0x2955 A detectportal.firefox.com
   24 1.999863565    10.1.1.20 asus-roc.lan 55468 10.1.1.1     dsldevice.lan 53 DNS 84 Standard query 0x535f AAAA detectportal.firefox.com
   25 2.001105037     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 55468 DNS 198 Standard query response 0x2955 A detectportal.firefox.com CNAME detectportal.prod.mozaws.net CNAME prod.detectportal.prod.cloudops.mozgcp.net A 34.107.221.82
   26 2.001526718     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 55468 DNS 210 Standard query response 0x535f AAAA detectportal.firefox.com CNAME detectportal.prod.mozaws.net CNAME prod.detectportal.prod.cloudops.mozgcp.net AAAA 2600:1901:0:38d7::


This indicates to me that the 10.1.1.1 router DNS is “faulty” or still using the original ISP DNS addresses - 203.0.178.191/203.215.29.191 which may have their own issues - even though the router still shows 1.1.1.2/1.0.0.2.

After a bit of research I edited the current NetworkManager’s settings and set the ip4.method to “auto (addresses only)” and provided additional DNS servers 1.1.1.2/1.0.0.2.

This shows me that my system wide DNS servers are now -

chris@asus-roc:~> cat /etc/resolv.conf 
### /etc/resolv.conf is a symlink to /var/run/netconfig/resolv.conf
### autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
#     NETCONFIG_DNS_STATIC_SEARCHLIST
#     NETCONFIG_DNS_STATIC_SERVERS
#     NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
#     NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
### Call "netconfig update -f" to force adjusting of /etc/resolv.conf.
search asus-roc.lan
nameserver 1.1.1.2
nameserver 1.0.0.2
chris@asus-roc:~> 


and that ping www.example.org is ok -

chris@asus-roc:~> ping www.example.com
PING www.example.com (93.184.216.34) 56(84) bytes of data.
64 bytes from 93.184.216.34 (93.184.216.34): icmp_seq=1 ttl=58 time=224 ms
64 bytes from 93.184.216.34 (93.184.216.34): icmp_seq=2 ttl=58 time=224 ms
64 bytes from 93.184.216.34 (93.184.216.34): icmp_seq=3 ttl=58 time=223 ms
64 bytes from 93.184.216.34 (93.184.216.34): icmp_seq=4 ttl=58 time=224 ms
^C
--- www.example.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 223.269/223.564/223.832/0.199 ms
chris@asus-roc:~> 


tshark -

   16 3.218681095    10.1.1.20    10.1.1.20 47440 1.1.1.2      1.1.1.2      53 DNS 75 Standard query 0xf17b A www.example.com
   17 3.218697129    10.1.1.20    10.1.1.20 47440 1.1.1.2      1.1.1.2      53 DNS 75 Standard query 0x2e77 AAAA www.example.com
   18 3.228142259      1.1.1.2      1.1.1.2 53 10.1.1.20    10.1.1.20    47440 DNS 91 Standard query response 0xf17b A www.example.com A 93.184.216.34
   21 3.430762980      1.1.1.2      1.1.1.2 53 10.1.1.20    10.1.1.20    47440 DNS 103 Standard query response 0x2e77 AAAA www.example.com AAAA 2606:2800:220:1:248:1893:25c8:1946


So there you have it. Is it a router issue with hardwired DNS addresses regardless of user settings, or their addresses themselves?

Are ALL DNS servers equal?

Well this adds to my confusion. Found a test called nslookup.

Used one of the ISP’s DNS servers and things work.

chris@asus-roc:~> nslookup www.example.org 203.0.178.191
Server:        203.0.178.191
Address:    203.0.178.191#53

Non-authoritative answer:
Name:    www.example.org
Address: 93.184.216.34
Name:    www.example.org
Address: 2606:2800:220:1:248:1893:25c8:1946

chris@asus-roc:~>

Used the router IP address and it fails.

chris@asus-roc:~> nslookup www.example.org 10.1.1.1
Server:        10.1.1.1
Address:    10.1.1.1#53

** server can't find www.example.org: NXDOMAIN

chris@asus-roc:~>

What does that mean? Getting confused now >:(

Only read the last post with your two nslookup tests.

To me it means that 10.1.1.1 has a functioning DNS server, but that it does not forward requests to a higher level DNS server. May be on purpose (when one wants a DNS server only to serve information from the local domain) or a misconfiguration (or the requests blocked by some router/firewall on the route to the other server).
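Added example (not from any poster in this thread): the resolver comparison done by hand above with tshark and nslookup, automated in Python over response lines copied from the thread's captures. It flags names for which one server answers NXDOMAIN while another returns addresses; the function names are illustrative.

```python
import re
from collections import defaultdict

# DNS response lines copied from the tshark captures posted in this thread
# (same column layout: no, time, src ip, src name, sport, dst ip, dst name,
# dport, protocol, length, info).
CAPTURE = """\
   19 21.155068474     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 46230 DNS 75 Standard query response 0x9a78 No such name A www.example.com
   20 21.155440387     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 46230 DNS 75 Standard query response 0x2164 No such name AAAA www.example.com
   23 21.156618194     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 33175 DNS 79 Standard query response 0xdb86 No such name A www.example.com.lan
   11 2.656386105     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 48226 DNS 90 Standard query response 0xffd9 A www.google.com A 142.250.67.4
   12 2.657329836     10.1.1.1 dsldevice.lan 53 10.1.1.20    asus-roc.lan 48226 DNS 102 Standard query response 0x4cdd AAAA www.google.com AAAA 2404:6800:4006:80f::2004
   18 3.228142259      1.1.1.2      1.1.1.2 53 10.1.1.20    10.1.1.20    47440 DNS 91 Standard query response 0xf17b A www.example.com A 93.184.216.34
   21 3.430762980      1.1.1.2      1.1.1.2 53 10.1.1.20    10.1.1.20    47440 DNS 103 Standard query response 0x2e77 AAAA www.example.com AAAA 2606:2800:220:1:248:1893:25c8:1946
"""

# One response line: who answered, which question, and whether it was NXDOMAIN.
LINE_RE = re.compile(
    r"^\s*\d+\s+[\d.]+\s+"
    r"(?P<src>\S+)\s+\S+\s+(?P<sport>\d+)\s+"
    r"\S+\s+\S+\s+\d+\s+DNS\s+\d+\s+"
    r"Standard query response 0x[0-9a-f]+\s+"
    r"(?P<nx>No such name\s+)?(?P<qtype>A|AAAA)\s+(?P<qname>\S+)(?P<rest>.*)$"
)
# Address records in the answer part; CNAME hops are skipped.
ANSWER_RE = re.compile(r"(?:^|\s)(?:A|AAAA)\s+(\S+)")


def parse_responses(text):
    """Return one dict per DNS response line sent from port 53."""
    responses = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["sport"] != "53":
            continue  # queries and non-DNS lines are ignored
        nxdomain = m["nx"] is not None
        responses.append({
            "server": m["src"],
            "qname": m["qname"],
            "qtype": m["qtype"],
            "nxdomain": nxdomain,
            "answers": [] if nxdomain else ANSWER_RE.findall(m["rest"]),
        })
    return responses


def find_disagreements(responses):
    """List questions where one resolver said NXDOMAIN and another answered."""
    by_question = defaultdict(lambda: {"nxdomain": set(), "answered": {}})
    for r in responses:
        slot = by_question[(r["qname"], r["qtype"])]
        if r["nxdomain"]:
            slot["nxdomain"].add(r["server"])
        elif r["answers"]:
            slot["answered"][r["server"]] = r["answers"]

    findings = []
    for (qname, qtype), slot in sorted(by_question.items()):
        if slot["nxdomain"] and slot["answered"]:
            findings.append({
                "qname": qname,
                "qtype": qtype,
                "nxdomain_from": sorted(slot["nxdomain"]),
                "answered_by": dict(slot["answered"]),
            })
    return findings


if __name__ == "__main__":
    for f in find_disagreements(parse_responses(CAPTURE)):
        print(f"{f['qname']} {f['qtype']}: NXDOMAIN from {f['nxdomain_from']}, "
              f"but answered by {f['answered_by']}")
```

A name that only ever gets NXDOMAIN, such as the search-list expansion www.example.com.lan, is not flagged, because no other resolver in the capture contradicts it.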

Your router isn’t properly configured as a DNS server.

My router is configured properly.:wink:

**i3-4130:~ #** nslookup www.example.com 192.168.178.1 
Server:         192.168.178.1 
Address:        192.168.178.1#53 

Non-authoritative answer: 
Name:   www.example.com 
Address: 93.184.216.34 
Name:   www.example.com 
Address: 2606:2800:220:1:248:1893:25c8:1946 

**i3-4130:~ #**
**i3-4130:~ #** resolvectl  
**Global**
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=allow-downgrade/unsupported 
    resolv.conf mode: uplink 
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 8.8.8.8#dns.google 1.0.0.1#cloudflare-dns.com 8.8.4.4#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2001:4860:4860::8888#dns.google 2606:4700:4700::1001#cloudflare-dns.com 2001:4860:4860::8844#dns.google 

**Link 2 (eth0)**
Current Scopes: none 
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported 

**Link 3 (wlan0)**
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=allow-downgrade/unsupported 
** Current DNS Server: 192.168.178.1 **
       DNS Servers: 192.168.178.1 fd00::a96:d7ff:fee2:d6cf 
        DNS Domain: fritz.box 
**i3-4130:~ #**



There are very few settings for DNS in my router - basically there is only an option to turn it on and specify the public DNS servers.

I need to install systemd-network to get resolvectl installed. But I use NetworkManager. Will there be a clash with these two installed on the same PC?

The same here. However your setup doesn’t work for sure.

I need to install systemd-network to get resolvectl installed. But I use NetworkManager. Will there be a clash with these two installed on the same PC?

It doesn’t hurt as long as you don’t enable or start the service. Check as follows:

**erlangen:~ #** systemctl --no-pager -l status systemd-resolved.service  
**●** systemd-resolved.service - Network Name Resolution 
     **Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: disabled) **
     Active: **active (running)** since Wed 2022-01-26 18:46:32 CET; 7h ago 
       Docs: man:systemd-resolved.service(8) 
             man:org.freedesktop.resolve1(5) 
             https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers 
             https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients 
   Main PID: 735 (systemd-resolve) 
     Status: "Processing requests..." 
      Tasks: 1 (limit: 4915) 
        CPU: 151ms 
     CGroup: /system.slice/systemd-resolved.service 
             └─735 /usr/lib/systemd/systemd-resolved 

Jan 26 18:46:32 erlangen systemd[1]: Starting Network Name Resolution... 
Jan 26 18:46:32 erlangen systemd-resolved[735]: Positive Trust Anchors: 
Jan 26 18:46:32 erlangen systemd-resolved[735]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d 
Jan 26 18:46:32 erlangen systemd-resolved[735]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test 
Jan 26 18:46:32 erlangen systemd-resolved[735]: Using system hostname 'erlangen'. 
Jan 26 18:46:32 erlangen systemd[1]: Started Network Name Resolution. 
Jan 27 01:21:53 erlangen systemd-resolved[735]: Clock change detected. Flushing caches. 
**erlangen:~ #**

OK, so I can have systemd-resolved.service running with NetworkManager so long as systemd-networkd.service is disabled. I might set up a VM first and play there just to be safe :wink:

OK. systemd-networkd installed with systemd-networkd disabled but systemd-resolved running. Router’s DNS is being used.

chris@asus-roc:~> systemctl --no-pager -l status systemd-resolved.service 
● systemd-resolved.service - Network Name Resolution
     Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; disabled; vendor preset: disabled)
     Active: active (running) since Thu 2022-01-27 12:54:29 AWST; 42s ago
       Docs: man:systemd-resolved.service(8)
             man:org.freedesktop.resolve1(5)
             https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
             https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
   Main PID: 17934 (systemd-resolve)
     Status: "Processing requests..."
      Tasks: 1 (limit: 4915)
        CPU: 80ms
     CGroup: /system.slice/systemd-resolved.service
             └─17934 /usr/lib/systemd/systemd-resolved

Jan 27 12:54:29 asus-roc.lan systemd[1]: Starting Network Name Resolution...
Jan 27 12:54:29 asus-roc.lan systemd-resolved[17934]: Positive Trust Anchors:
Jan 27 12:54:29 asus-roc.lan systemd-resolved[17934]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
Jan 27 12:54:29 asus-roc.lan systemd-resolved[17934]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test
Jan 27 12:54:29 asus-roc.lan systemd-resolved[17934]: Using system hostname 'asus-roc.lan'.
Jan 27 12:54:29 asus-roc.lan systemd[1]: Started Network Name Resolution.
Jan 27 12:54:29 asus-roc.lan systemd-resolved[17934]: eth0: Bus client set search domain list to: lan, lan
Jan 27 12:54:29 asus-roc.lan systemd-resolved[17934]: eth0: Bus client set default route setting: yes
Jan 27 12:54:29 asus-roc.lan systemd-resolved[17934]: eth0: Bus client set DNS server list to: 10.1.1.1, fe80::1213:31ff:fe61:7d8e


Now -

chris@asus-roc:~> resolvectl 
Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported
    resolv.conf mode: foreign
  Current DNS Server: 10.1.1.1
         DNS Servers: 10.1.1.1
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 8.8.8.8#dns.google 1.0.0.1#cloudflare-dns.com 8.8.4.4#dns.google
                      2606:4700:4700::1111#cloudflare-dns.com 2001:4860:4860::8888#dns.google
                      2606:4700:4700::1001#cloudflare-dns.com 2001:4860:4860::8844#dns.google
          DNS Domain: asus-roc.lan lan

Link 2 (eth0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported
Current DNS Server: 10.1.1.1
       DNS Servers: 10.1.1.1 fe80::1213:31ff:fe61:7d8e%21904
        DNS Domain: lan
chris@asus-roc:~>

Our resolvectl outputs look the same except for the ‘resolv.conf’ line.

Switching back to the DNS set via NetworkManager -

chris@asus-roc:~> resolvectl 
Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported
    resolv.conf mode: foreign
  Current DNS Server: 1.1.1.2
         DNS Servers: 1.1.1.2 1.0.0.2
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 8.8.8.8#dns.google 1.0.0.1#cloudflare-dns.com 8.8.4.4#dns.google
                      2606:4700:4700::1111#cloudflare-dns.com 2001:4860:4860::8888#dns.google
                      2606:4700:4700::1001#cloudflare-dns.com 2001:4860:4860::8844#dns.google
          DNS Domain: asus-roc.lan

Link 2 (eth0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported
Current DNS Server: 1.1.1.2
       DNS Servers: 1.1.1.2 1.0.0.2 fe80::1213:31ff:fe61:7d8e%22034
        DNS Domain: lan
chris@asus-roc:~>

Nothing obvious jumps out at me.

Obviously you tried “nslookup www.example.org 10.1.1.1” but actually it should have been 1.1.1.2:

**erlangen:~ #**  resolvectl query example.org 
example.org: **2606:2800:220:1:248:1893:25c8:1946**-- link: eth0
             **93.184.216.34**-- link: eth0

-- Information acquired via protocol DNS in 141.2ms.
-- Data is authenticated: yes; Data was acquired via local or encrypted transport: no
-- Data from: network
**erlangen:~ #** nslookup www.example.com 192.168.178.1  
Server:         192.168.178.1 
Address:        192.168.178.1#53 

Non-authoritative answer: 
Name:   www.example.com 
Address: 93.184.216.34 
Name:   www.example.com 
Address: 2606:2800:220:1:248:1893:25c8:1946 

**erlangen:~ #** 

Try: nslookup www.example.org 1.1.1.2.

Ok, set back to using the router’s DNS -

chris@asus-roc:~> nslookup www.example.org 1.1.1.2
Server:        1.1.1.2
Address:    1.1.1.2#53

Non-authoritative answer:
Name:    www.example.org
Address: 93.184.216.34
Name:    www.example.org
Address: 2606:2800:220:1:248:1893:25c8:1946


chris@asus-roc:~> resolvectl query example.org
example.org: resolve call failed: 'example.org' not found

chris@asus-roc:~> resolvectl query google.com
google.com: 2404:6800:4006:804::200e           -- link: eth0
            142.250.204.14                     -- link: eth0

-- Information acquired via protocol DNS in 11.8ms.
-- Data is authenticated: no; Data was acquired via local or encrypted transport: no
-- Data from: network


I must confess that I’m getting lost now :(.

Something is rotten in your setup. For troubleshooting consider a temporary switch (switching back is easy): Network Management With Systemd - openSUSE Wiki

BTW: All my openSUSE desktop machines use systemd-networkd / systemd-resolved.

I’m assuming you mean kill NetworkManager and use the systemd-networkd instead?

But for what it is worth, here is my NetworkManager setup:

chris@asus-roc:~> nmcli connection show Ethernet\ connection\ 1 
connection.id:                          Ethernet connection 1
connection.uuid:                        a7ba5374-20aa-40d5-baed-b5aeac05e059
connection.stable-id:                   --
connection.type:                        802-3-ethernet
connection.interface-name:              eth0
connection.autoconnect:                 yes
connection.autoconnect-priority:        0
connection.autoconnect-retries:         -1 (default)
connection.multi-connect:               0 (default)
connection.auth-retries:                -1
connection.timestamp:                   1643362279
connection.read-only:                   no
connection.permissions:                 --
connection.zone:                        --
connection.master:                      --
connection.slave-type:                  --
connection.autoconnect-slaves:          -1 (default)
connection.secondaries:                 --
connection.gateway-ping-timeout:        0
connection.metered:                     unknown
connection.lldp:                        default
connection.mdns:                        -1 (default)
connection.llmnr:                       -1 (default)
connection.wait-device-timeout:         -1
802-3-ethernet.port:                    --
802-3-ethernet.speed:                   0
802-3-ethernet.duplex:                  --
802-3-ethernet.auto-negotiate:          no
802-3-ethernet.mac-address:             (I've hidden this)
802-3-ethernet.cloned-mac-address:      --
802-3-ethernet.generate-mac-address-mask:--
802-3-ethernet.mac-address-blacklist:   --
802-3-ethernet.mtu:                     auto
802-3-ethernet.s390-subchannels:        --
802-3-ethernet.s390-nettype:            --
802-3-ethernet.s390-options:            --
802-3-ethernet.wake-on-lan:             default
802-3-ethernet.wake-on-lan-password:    --
802-3-ethernet.accept-all-mac-addresses:-1 (default)
ipv4.method:                            auto
ipv4.dns:                               1.1.1.2,1.0.0.2
ipv4.dns-search:                        --
ipv4.dns-options:                       --
ipv4.dns-priority:                      0
ipv4.addresses:                         --
ipv4.gateway:                           --
ipv4.routes:                            --
ipv4.route-metric:                      -1
ipv4.route-table:                       0 (unspec)
ipv4.routing-rules:                     --
ipv4.ignore-auto-routes:                no
ipv4.ignore-auto-dns:                   yes
ipv4.dhcp-client-id:                    --
ipv4.dhcp-iaid:                         --
ipv4.dhcp-timeout:                      0 (default)
ipv4.dhcp-send-hostname:                yes
ipv4.dhcp-hostname:                     --
ipv4.dhcp-fqdn:                         --
ipv4.dhcp-hostname-flags:               0x0 (none)
ipv4.never-default:                     no
ipv4.may-fail:                          yes
ipv4.required-timeout:                  -1 (default)
ipv4.dad-timeout:                       -1 (default)
ipv4.dhcp-vendor-class-identifier:      --
ipv4.dhcp-reject-servers:               --
ipv6.method:                            auto
ipv6.dns:                               --
ipv6.dns-search:                        --
ipv6.dns-options:                       --
ipv6.dns-priority:                      0
ipv6.addresses:                         --
ipv6.gateway:                           --
ipv6.routes:                            --
ipv6.route-metric:                      -1
ipv6.route-table:                       0 (unspec)
ipv6.routing-rules:                     --
ipv6.ignore-auto-routes:                no
ipv6.ignore-auto-dns:                   yes
ipv6.never-default:                     no
ipv6.may-fail:                          yes
ipv6.required-timeout:                  -1 (default)
ipv6.ip6-privacy:                       0 (disabled)
ipv6.addr-gen-mode:                     stable-privacy
ipv6.ra-timeout:                        0 (default)
ipv6.dhcp-duid:                         --
ipv6.dhcp-iaid:                         --
ipv6.dhcp-timeout:                      0 (default)
ipv6.dhcp-send-hostname:                yes
ipv6.dhcp-hostname:                     --
ipv6.dhcp-hostname-flags:               0x0 (none)
ipv6.token:                             --
proxy.method:                           none
proxy.browser-only:                     no
proxy.pac-url:                          --
proxy.pac-script:                       --
GENERAL.NAME:                           Ethernet connection 1
GENERAL.UUID:                           a7ba5374-20aa-40d5-baed-b5aeac05e059
GENERAL.DEVICES:                        eth0
GENERAL.IP-IFACE:                       eth0
GENERAL.STATE:                          activated
GENERAL.DEFAULT:                        yes
GENERAL.DEFAULT6:                       no
GENERAL.SPEC-OBJECT:                    --
GENERAL.VPN:                            no
GENERAL.DBUS-PATH:                      /org/freedesktop/NetworkManager/ActiveC>
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/Setting>
GENERAL.ZONE:                           --
GENERAL.MASTER-PATH:                    --
IP4.ADDRESS[1]:                         10.1.1.20/24
IP4.GATEWAY:                            10.1.1.1
IP4.ROUTE[1]:                           dst = 0.0.0.0/0, nh = 10.1.1.1, mt = 100
IP4.ROUTE[2]:                           dst = 10.1.1.0/24, nh = 0.0.0.0, mt = 1>
IP4.DNS[1]:                             1.1.1.2
IP4.DNS[2]:                             1.0.0.2
DHCP4.OPTION[1]:                        broadcast_address = 10.1.1.255
DHCP4.OPTION[2]:                        dad_wait_time = 0
DHCP4.OPTION[3]:                        dhcp_lease_time = 86400
DHCP4.OPTION[4]:                        dhcp_message_type = 5
DHCP4.OPTION[5]:                        dhcp_rebinding_time = 75600
DHCP4.OPTION[6]:                        dhcp_renewal_time = 43200
DHCP4.OPTION[7]:                        dhcp_server_identifier = 10.1.1.1
DHCP4.OPTION[8]:                        domain_name = lan
DHCP4.OPTION[9]:                        domain_name_servers = 10.1.1.1
DHCP4.OPTION[10]:                       expiry = 1643447875
DHCP4.OPTION[11]:                       host_name = asus-roc
DHCP4.OPTION[12]:                       ip_address = 10.1.1.20
DHCP4.OPTION[13]:                       network_number = 10.1.1.0
DHCP4.OPTION[14]:                       next_server = 10.1.1.1
DHCP4.OPTION[15]:                       requested_broadcast_address = 1
DHCP4.OPTION[16]:                       requested_domain_name = 1
DHCP4.OPTION[17]:                       requested_domain_name_servers = 1
DHCP4.OPTION[18]:                       requested_domain_search = 1
DHCP4.OPTION[19]:                       requested_host_name = 1
DHCP4.OPTION[20]:                       requested_interface_mtu = 1
DHCP4.OPTION[21]:                       requested_ms_classless_static_routes = 1
DHCP4.OPTION[22]:                       requested_nds_context = 1
DHCP4.OPTION[23]:                       requested_nds_servers = 1
DHCP4.OPTION[24]:                       requested_nds_tree_name = 1
DHCP4.OPTION[25]:                       requested_netbios_dd_server = 1
DHCP4.OPTION[26]:                       requested_netbios_name_servers = 1
DHCP4.OPTION[27]:                       requested_netbios_node_type = 1
DHCP4.OPTION[28]:                       requested_netbios_scope = 1
DHCP4.OPTION[29]:                       requested_nis_domain = 1
DHCP4.OPTION[30]:                       requested_nis_servers = 1
DHCP4.OPTION[31]:                       requested_ntp_servers = 1
DHCP4.OPTION[32]:                       requested_rfc3442_classless_static_rout>
DHCP4.OPTION[33]:                       requested_root_path = 1
DHCP4.OPTION[34]:                       requested_routers = 1
DHCP4.OPTION[35]:                       requested_static_routes = 1
DHCP4.OPTION[36]:                       requested_subnet_mask = 1
DHCP4.OPTION[37]:                       requested_wpad = 1
DHCP4.OPTION[38]:                       routers = 10.1.1.1
DHCP4.OPTION[39]:                       subnet_mask = 255.255.255.0
IP6.ADDRESS[1]:                         fd6c:1c5d:8413:0:f41b:24bf:51ae:29de/64
IP6.ADDRESS[2]:                         fe80::300c:595d:d756:a655/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[2]:                           dst = fd6c:1c5d:8413::/48, nh = fe80::1>
IP6.ROUTE[3]:                           dst = fd6c:1c5d:8413::/64, nh = ::, mt >
DHCP6.OPTION[1]:                        dad_wait_time = 0
DHCP6.OPTION[2]:                        dhcp6_client_id = 0:4:fa:cf:eb:a6:e1:b4>
DHCP6.OPTION[3]:                        dhcp6_domain_search = lan.
DHCP6.OPTION[4]:                        dhcp6_inf_max_rt = 60
DHCP6.OPTION[5]:                        dhcp6_info_refresh_time = 600
DHCP6.OPTION[6]:                        dhcp6_name_servers = fe80::1213:31ff:fe>
DHCP6.OPTION[7]:                        dhcp6_server_id = 0:3:0:1:10:13:31:61:7>
DHCP6.OPTION[8]:                        requested_dhcp6_client_id = 1
DHCP6.OPTION[9]:                        requested_dhcp6_domain_search = 1
DHCP6.OPTION[10]:                       requested_dhcp6_name_servers = 1
DHCP6.OPTION[11]:      

No. You will disable and stop it. This preserves the configuration.

Create the following file:

**i3-4130:~ #** cat **/etc/systemd/network/ethernet.network**  
**[Match] 
Name=e* 

[Network] 
DHCP=yes 
Domains=lan**
**i3-4130:~ #**

For details refer to the above link.

Well I’m stumped. I followed the page you linked.

NetworkManager and wicked disabled

chris@asus-roc:~> systemctl list-unit-files 'Network*'
UNIT FILE                          STATE    VENDOR PRESET
NetworkManager-dispatcher.service  disabled disabled     
NetworkManager-wait-online.service disabled disabled     
NetworkManager.service             disabled disabled     

3 unit files listed.
chris@asus-roc:~> systemctl list-unit-files 'wick*'
UNIT FILE             STATE    VENDOR PRESET
wicked.service        disabled disabled     
wickedd-auto4.service disabled disabled     
wickedd-dhcp4.service disabled disabled     
wickedd-dhcp6.service disabled disabled     
wickedd-nanny.service disabled disabled     
wickedd-pppd@.service static   -            
wickedd.service       indirect disabled     

7 unit files listed.
chris@asus-roc:~> 



DNS thing disabled

chris@asus-roc:~> grep NETCONFIG_DNS_POLICY /etc/sysconfig/network/config
#NETCONFIG_DNS_POLICY="auto"
NETCONFIG_DNS_POLICY=""
ch

Network file created

chris@asus-roc:~> cat /etc/systemd/network/ethernet.network 
[Match] 
Name=e* 

[Network] 
DHCP=yes 
Domains=lan
chris@asus-roc:~> 



Services started etc

chris@asus-roc:~> networkctl 
IDX LINK TYPE     OPERATIONAL SETUP     
  1 lo   loopback carrier     unmanaged
  2 eth0 ether    routable    configured

2 links listed.
chris@asus-roc:~>

Resolv.conf symlink changed

chris@asus-roc:~> ll /etc/resolv.conf
lrwxrwxrwx 1 root root 32 Jan 29 18:19 /etc/resolv.conf -> /run/systemd/resolve/resolv.conf
chris@asus-roc:~>

chris@asus-roc:~> resolvectl
Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported
    resolv.conf mode: uplink
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 8.8.8.8#dns.google
                      1.0.0.1#cloudflare-dns.com 8.8.4.4#dns.google
                      2606:4700:4700::1111#cloudflare-dns.com
                      2001:4860:4860::8888#dns.google
                      2606:4700:4700::1001#cloudflare-dns.com
                      2001:4860:4860::8844#dns.google

Link 2 (eth0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS
                    DNSSEC=allow-downgrade/supported
Current DNS Server: 10.1.1.1
       DNS Servers: 10.1.1.1 fe80::1213:31ff:fe61:7d8e%21932
        DNS Domain: lan
chris@asus-roc:~> 



Rebooted. But it is still the same -

chris@asus-roc:~> nslookup example.com 10.1.1.1
Server:        10.1.1.1
Address:    10.1.1.1#53

** server can't find example.com: NXDOMAIN

chris@asus-roc:~> nslookup example.com 1.1.1.2
Server:        1.1.1.2
Address:    1.1.1.2#53

Non-authoritative answer:
Name:    example.com
Address: 93.184.216.34
Name:    example.com
Address: 2606:2800:220:1:248:1893:25c8:1946

chris@asus-roc:~> ping www.example.com
ping: www.example.com: Name or service not known
chris@asus-roc:~> 

ggggggggggggggggggggggggg

I found these in journalctl, are they a clue?

Jan 29 18:44:08 asus-roc.lan systemd-resolved[1239]: Using degraded feature set UDP instead of UDP+EDNS0+DO for DNS server 10.1.1.1.
Jan 29 18:44:08 asus-roc.lan systemd-resolved[1239]: 🡕] Server 10.1.1.1 does not support DNSSEC, downgrading to non-DNSSEC mode.
Jan 29 18:45:04 asus-roc.lan sudo[4044]: gkr-pam: unable to locate daemon control file
Jan 29 18:45:04 asus-roc.lan sudo[4044]: gkr-pam: stashed password to try later in open session
Jan 29 18:45:04 asus-roc.lan sudo[4044]:    chris : TTY=pts/0 ; PWD=/home/chris ; USER=root ; COMMAND=/usr/bin/journalctl -f
Jan 29 18:45:04 asus-roc.lan sudo[4044]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=1000)
Jan 29 18:45:04 asus-roc.lan kernel: "filter_IN_public_REJECT: "IN=eth0 OUT= MAC=(redacted by me) SRC=10.1.1.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 



Jan 29 18:47:09 asus-roc.lan kernel: "filter_IN_public_REJECT: "IN=eth0 OUT= MAC=(redacted by me) SRC=10.1.1.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 


Presumably DNS of your router is broken and resolved switches to fallback server. Show full output of unit:

**erlangen:~ #** journalctl -b -u systemd-resolved.service --no-pager 
Jan 29 19:19:14 erlangen systemd[1]: Starting Network Name Resolution... 
Jan 29 19:19:14 erlangen systemd-resolved[733]: Positive Trust Anchors: 
Jan 29 19:19:14 erlangen systemd-resolved[733]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d 
Jan 29 19:19:14 erlangen systemd-resolved[733]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test
Jan 29 19:19:14 erlangen systemd-resolved[733]: Using system hostname 'erlangen'. 
Jan 29 19:19:14 erlangen systemd[1]: Started Network Name Resolution. 
**erlangen:~ #**

Here tis -

chris@asus-roc:~> sudo journalctl -b -u systemd-resolved.service --no-pager
[sudo] password for root: 
Journal file /var/log/journal/514041a033454edc8c63fae67c0830e1/user-1000@0005d55b74123179-8c57b74c34c34d0c.journal~ is truncated, ignoring file.
Jan 30 08:39:37 asus-roc systemd[1]: Starting Network Name Resolution...
Jan 30 08:39:37 asus-roc systemd-resolved[1227]: Positive Trust Anchors:
Jan 30 08:39:37 asus-roc systemd-resolved[1227]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
Jan 30 08:39:37 asus-roc systemd-resolved[1227]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test
Jan 30 08:39:37 asus-roc systemd-resolved[1227]: Using system hostname 'asus-roc'.
Jan 30 08:39:37 asus-roc systemd[1]: Started Network Name Resolution.
Jan 30 08:39:43 asus-roc.lan systemd-resolved[1227]: System hostname changed to 'asus-roc.lan'.
Jan 30 08:39:45 asus-roc.lan systemd-resolved[1227]: Clock change detected. Flushing caches.
chris@asus-roc:~>

Looks the same as yours to me. I’m wondering if we’re chasing phantoms here and I am wasting your time (though it is very much appreciated!). This box was an Offline Upgrade from Leap 15.2 to tumbleweed. I ran a KVM/QEMU tumbleweed VM and that seemed to work as expected with NetworkManager - I’ll double check tomorrow.

Thanks,
Chris.

You’re welcome. Some minor comments:

  1. Use “su -” instead of “sudo …”.

  2. Use static host names to avoid changes:

**erlangen:~ #** hostnamectl  
 Static hostname: erlangen 
       Icon name: computer-desktop 
         Chassis: desktop 
        Location: home 
      Machine ID: 94f3af277bac4a8eb57da425c9677379 
         Boot ID: c18d80dc83104381a1e42a01a80add52 
Operating System: openSUSE Tumbleweed                 
     CPE OS Name: cpe:/o:opensuse:tumbleweed:20220128 
          Kernel: Linux 5.16.2-1-default 
    Architecture: x86-64 
 Hardware Vendor: To Be Filled By O.E.M. 
  Hardware Model: To Be Filled By O.E.M. 
**erlangen:~ #**

  3. A misconfigured resolver can be annoying. Make sure it works for any name and caching works properly:
**erlangen:~ #** resolvectl query example.org                
example.org: 2606:2800:220:1:248:1893:25c8:1946-- link: eth0
             93.184.216.34-- link: eth0

**-- Information acquired via protocol DNS in 72.4ms.**
-- Data is authenticated: yes; Data was acquired via local or encrypted transport: no
**-- Data from: cache network**
**erlangen:~ #** resolvectl query example.org 
example.org: 2606:2800:220:1:248:1893:25c8:1946-- link: eth0
             93.184.216.34-- link: eth0

**-- Information acquired via protocol DNS in 755us.**
-- Data is authenticated: yes; Data was acquired via local or encrypted transport: no
**-- Data from: cache**
**erlangen:~ #**


Just to finish this off, I built a new tumbleweed in a VM. I also have 2 laptops running arch. Using the same NetworkManager settings where DNS is via the ISP router I get that example.com issue. Set all NetworkManagers to use DHCP addresses only and specify 1.1.1.2,1.0.0.2 in its setup, example.com responds.

Problem surely has to be in the ISP router.
One day if my pension returns a decent dividend (hardly these days) I will buy a NUC or something similar and run pfSense - I love to dabble :wink:
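
The side-by-side check used throughout this thread (the same name queried with nslookup against 10.1.1.1 and against 1.1.1.2) can be scripted so that a forwarder answering NXDOMAIN for a name that resolves upstream is flagged automatically. This is an added example, not part of the original thread; `parse_nslookup` and `divergent` are hypothetical helper names, and the transcript is constructed from the outputs shown above.

```python
import re
from collections import defaultdict

# Constructed transcript in the nslookup format shown in the thread.
SAMPLE = """\
Server:        10.1.1.1
Address:    10.1.1.1#53

** server can't find example.com: NXDOMAIN

Server:        1.1.1.2
Address:    1.1.1.2#53

Non-authoritative answer:
Name:    example.com
Address: 93.184.216.34
Name:    example.com
Address: 2606:2800:220:1:248:1893:25c8:1946
"""

def parse_nslookup(text):
    """Return {name: {server: rcode string or list of addresses}}."""
    results = defaultdict(dict)
    server = name = None
    for line in text.splitlines():
        if m := re.match(r"Server:\s+(\S+)", line):
            server, name = m.group(1), None   # new reply block starts here
        elif m := re.match(r"\*\* server can't find (\S+): (\w+)", line):
            results[m.group(1)][server] = m.group(2)
        elif m := re.match(r"Name:\s+(\S+)", line):
            name = m.group(1)
            results[name].setdefault(server, [])
        elif (m := re.match(r"Address:\s+(\S+)", line)) and name and "#" not in m.group(1):
            results[name][server].append(m.group(1))  # answer, not the server's ip#port
    return dict(results)

def divergent(results):
    """Names that fail on one resolver but resolve on another."""
    out = {}
    for name, per_server in results.items():
        failed = sorted(s for s, r in per_server.items() if isinstance(r, str))
        ok = sorted(s for s, r in per_server.items() if isinstance(r, list) and r)
        if failed and ok:
            out[name] = {"failed": failed, "resolved": ok}
    return out

if __name__ == "__main__":
    for name, d in divergent(parse_nslookup(SAMPLE)).items():
        print(f"{name}: fails via {d['failed']}, resolves via {d['resolved']}")
```

Feeding it the concatenated output of several `nslookup NAME SERVER` runs gives one line per name on which the resolvers disagree.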