There is a flaky DNS resolution issue observed and it boiled down to unexpected curtin/netplan config generated by MAAS.
Let's say a machine has two (or more) interfaces and one is connected to the main MAAS PXE network and the other is connected to an isolated network (no reachability to MAAS). DNS traffic should be sent from the first interface to MAAS DNS.
However, generated curtin/netplan adds MAAS DNS to the NIC with the isolated network and the DNS traffic goes no where since the isolated network do not have connectivity to MAAS nor any gateway.
[deployed node]
$ ip -br a
lo UNKNOWN 127.0.0.1/8 ::1/128
ens4 UP 192.168.151.116/24 fe80::5054:ff:fe78:ba0d/64
ens8 UP fe80::5054:ff:febf:8f7/64
ens9 UP 192.168.152.101/24 fe80::5054:ff:fea9:2e4/64
Link 2 (ens4)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.151.1
DNS Servers: 192.168.151.1
DNS Domain: maas
Link 3 (ens8)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Link 4 (ens9)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.151.1
DNS Servers: 192.168.151.1
DNS Domain: maas
^^^ MAAS DNS (192.168.151.1) should be only added to the main NIC en4.
maas - 1:3.4.0- 14318-g. 3234f5e2a- 0ubuntu1~ 22.04.1
I think this is a regression since the test case in the following bug described the expected status. /bugs.launchpad .net/maas/ +bug/1847537
https:/
There is a flaky DNS resolution issue observed and it boiled down to unexpected curtin/netplan config generated by MAAS.
Let's say a machine has two (or more) interfaces and one is connected to the main MAAS PXE network and the other is connected to an isolated network (no reachability to MAAS). DNS traffic should be sent from the first interface to MAAS DNS.
However, generated curtin/netplan adds MAAS DNS to the NIC with the isolated network and the DNS traffic goes no where since the isolated network do not have connectivity to MAAS nor any gateway.
[deployed node]
$ ip -br a ff:fe78: ba0d/64 ff:febf: 8f7/64 ff:fea9: 2e4/64
lo UNKNOWN 127.0.0.1/8 ::1/128
ens4 UP 192.168.151.116/24 fe80::5054:
ens8 UP fe80::5054:
ens9 UP 192.168.152.101/24 fe80::5054:
$ resolvectl no/unsupported
Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=
resolv.conf mode: stub
Link 2 (ens4) no/unsupported
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=
Current DNS Server: 192.168.151.1
DNS Servers: 192.168.151.1
DNS Domain: maas
Link 3 (ens8) no/unsupported
Current Scopes: none
Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=
Link 4 (ens9) no/unsupported
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=
Current DNS Server: 192.168.151.1
DNS Servers: 192.168.151.1
DNS Domain: maas
^^^ MAAS DNS (192.168.151.1) should be only added to the main NIC en4.
[isolated subnet definition]
maas admin spaces create name=space-isolated isolated 168.152. 0/24' \ "$fabric_ id" vid=152 \ ip=192. 168.152. 1 end_ip= 192.168. 152.100 ip=192. 168.152. 201 end_ip= 192.168. 152.254
maas admin vlans create "$fabric_id" vid=152 space=space-
maas admin subnets create cidr='192.
fabric=
allow_dns=false
maas admin ipranges create type=reserved \
start_
maas admin ipranges create type=dynamic \
start_
[associating the isolated subnet to a second or third NIC] .cidr== "192.168. 152.0/24" ).id')
vlan_id=$(maas admin vlan read "$fabric_id" 152 | jq -r '.id')
subnet_id=$(maas admin subnets read | jq -r '.[] | select(
for system_id in $(maas admin machines read | jq -r '.[].system_id'); do
maas admin interface update "$system_id" ens9 vlan="$vlan_id"
maas admin interface link-subnet "$system_id" ens9 mode='AUTO' subnet="$subnet_id"
done