systemd-resolved would retry DNSSEC after some time.
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| systemd (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned | ||
Bug Description
Greetings everyone.
I know that recently systemd-resolved switched DNSSEC to off by default. However, there is a "feature set test" function in it. I could see these in my log:
62 May 6 23:27:31 lavender systemd-
63 May 6 23:27:31 lavender systemd-
It looks like this "feature set test" would repeat after some time. And during the test, it would test DNSSEC again regardless it turned off explicitly, which is the so called "DO" test.
I could still sometimes get no DNS, and I caught these log once during that. I can't be sure that this test is connected to my losing DNS, as I only caught it once. I don't know how long the "grace period" is, so can't schedule a trap to catch more.
This "DO" test can not be disabled via configuration.
There is an upstream patch to deal with it: https:/
While I'm not sure if it does cause some problem, I'm thinking it might be worth to cherry pick the patch.
Additional info about my system:
lsb_release -rd:
Description: Ubuntu 17.04
Release: 17.04
It's Ubuntu GNOME.
Package: systemd
Version: 232-21ubuntu3
| Dan Streetman (ddstreet) wrote | #1 |
| Changed in systemd (Ubuntu): | |
| status: | New → Won't Fix |
please reopen if this is still an issue