DHCP server handing out DNS server addresses but DHCP client does not write these to resolv.conf

Bug #1045616 reported by David T
This bug affects 1 person
Affects: bind9 (Ubuntu)
Status: Invalid
Importance: Medium
Assigned to: Unassigned

Bug Description

ARGH!!!!! Every release causes new problems >:(

If you have a Linux DHCP server on the network with options:

    option domain-name "xyz.com";
    option domain-name-servers 4.2.2.2, 4.2.2.3;

In Ubuntu 10.x it works fine and the DHCP client pulls the DNS servers from the DHCP fine.

Ubuntu 12.x - It's broken.

Trying to fix with: adding to /etc/network/interfaces

    dns-nameservers 4.2.2.2 4.2.2.3
    dns-search xyz.com

FAIL. Because you have

    iface eth0 inet dhcp

that option isn't read

Try and configure with NetworkManager from command line because you're running a server. NOPE, NetworkManager doesn't run from CLI command line, only GUI.

Can't manually specify the DNS server in /etc/resolv.conf because it's always getting overwritten.

What's the best option here? I think this might be a bug. Only option I haven't tried is using the head file from this description:

Resolvconf has a /etc/resolvconf/resolv.conf.d/ directory that can contain “base”, “head”, “original” and “tail” files. All in resolv.conf format.

base: Used when no other data can be found

head: Used for the header of resolv.conf, can be used to ensure a DNS server is always the first one in the list

original: Just a backup of your resolv.conf at the time of resolvconf installation

tail: Any entry in tail is appended at the end of the resulting resolv.conf. In some cases, upgrading from a previous Ubuntu release, will make tail a symlink to original (when we think you manually modified resolv.conf in the past)

Tags: bot-comment
Ubuntu Foundations Team Bug Bot (crichton) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https://wiki.ubuntu.com/Bugs/FindRightPackage. You might also ask for help in the #ubuntu-bugs irc channel on Freenode.

To change the source package that this bug is filed about visit https://bugs.launchpad.net/ubuntu/+bug/1045616/+editstatus and add the package name in the text box next to the word Package.

[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]

tags: added: bot-comment
Edward Donovan (edward.donovan) wrote : Re: DHCP server handing out DNS server but DHCP client not loading DNS settings to client

I'm going to assign this to resolvconf. I'm not 100% sure that's where it will end up, but might not get looked at when it's just assigned to 'Ubuntu'. Thanks.

affects: ubuntu → resolvconf (Ubuntu)
Steve Langasek (vorlon) wrote :

> Can't manually specify the DNS server in /etc/resolv.conf because it's
> always getting overwritten.

What value is it being overwritten with?

Resolvconf certainly supports reading in DNS settings from the DHCP server; so if you're not getting those, there must be some other source of DNS information taking precedence - probably a local DNS server that's installed and misconfigured such that it's talking to resolvconf when it shouldn't be.

Changed in resolvconf (Ubuntu):
status: New → Incomplete
Thomas Hood (jdthood) wrote :

Hi David.

As Steve has already said, if you are using a DHCP client to configure the interface then any nameserver addresses that the client receives will (normally) be supplied to resolvconf, whether the DHCP client is started by ifup or by NetworkManager. On many, many systems this is exactly what happens.

Based on the nameserver addresses that have been supplied to it, resolvconf writes /run/resolvconf/resolv.conf. Normally /etc/resolv.conf is a symbolic link to /run/resolvconf/resolv.conf.

Please note that if a local nameserver is running and the loopback address 127.0.0.1 has been registered with resolvconf then (normally) resolvconf only lists that one address in resolv.conf. This has been known to confuse people.

You (David) wrote:
> Trying to fix with: adding to /etc/network/interfaces
> dns-nameservers 4.2.2.2 4.2.2.3
> dns-search xyz.com
> FAIL. Because you have iface eth0 inet dhcp that option isn't read

If the interface is being configured by NetworkManager then it's true that those options have no effect; NetworkManager does not fully emulate ifup. The interface is configured by NetworkManager if you are running NetworkManager and /etc/NetworkManager/NetworkManager.conf contains

    [ifupdown]
    managed=true

If the interface is configured by ifup then the dns-* options ARE effective even for an "inet dhcp" interface.

If you can't figure out what's wrong with your configuration, please do the following.

* Reboot, connect to the Internet, fix up DNS, if necessary by editing /etc/resolv.conf by hand, then run "apport-collect 1045616" in order to supply information about the affected system.
* Run the following commands in a terminal and post the output here.

    ls -l /run/resolvconf
    cat /run/resolvconf/resolv.conf
    ls -l /run/resolvconf/interface
    for F in /run/resolvconf/interface/* ; do echo "=== $F ===" ; cat "$F" ; done
    ls -l /etc/resolvconf/resolv.conf.d
    for F in /etc/resolvconf/resolv.conf.d/* ; do echo "=== $F ===" ; cat "$F" ; done
    cat /etc/resolvconf/interface-order
    cat /etc/NetworkManager/NetworkManager.conf
    cat /etc/network/interfaces
    dpkg -l resolvconf network-manager

summary: - DHCP server handing out DNS server but DHCP client not loading DNS
- settings to client
+ DHCP server handing out DNS server addresses but DHCP client does not
+ write these to resolv.conf
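
The behaviour described in the comment above (per-interface records, the /etc/resolv.conf symlink, and a registered loopback address hiding the DHCP-supplied servers) can be checked with a short script. This is an added example, not part of the bug thread or of resolvconf; it is a simplified model, and the sample directory and the record names eth0.dhclient and lo.named are constructed.

```shell
#!/bin/sh
# Added example: simplified model of the behaviour described in the thread,
# not resolvconf's own code. The real record directory is /run/resolvconf/interface.

# Print "record address" for each nameserver line in the per-interface records.
list_registered() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk -v rec="$(basename "$f")" '$1 == "nameserver" { print rec, $2 }' "$f"
    done
}

# Print the record that registered a loopback nameserver, if any.
loopback_source() {
    list_registered "$1" | awk '$2 ~ /^127\./ { print $1; exit }'
}

# Print the registered non-loopback addresses that are left out of resolv.conf
# while a loopback nameserver is registered.
masked_nameservers() {
    [ -n "$(loopback_source "$1")" ] || return 0
    list_registered "$1" | awk '$2 !~ /^127\./ { print $2 }'
}

# "managed" if the path is a symlink into /run/resolvconf, else "unmanaged".
resolv_conf_state() {
    case "$(readlink "$1" 2>/dev/null)" in
        */run/resolvconf/resolv.conf) echo managed ;;
        *) echo unmanaged ;;
    esac
}

# Constructed sample records: a DHCP lease plus a local BIND registering loopback.
demo_dir() {
    d=$(mktemp -d)
    printf 'search xyz.com\nnameserver 209.51.128.19\nnameserver 63.247.77.198\n' > "$d/eth0.dhclient"
    printf 'nameserver 127.0.0.1\n' > "$d/lo.named"
    echo "$d"
}

d=$(demo_dir)
echo "loopback registered by: $(loopback_source "$d")"
echo "masked DHCP nameservers: $(masked_nameservers "$d" | tr '\n' ' ')"
echo "/etc/resolv.conf is $(resolv_conf_state /etc/resolv.conf)"
rm -rf "$d"
```

On an affected host, pass /run/resolvconf/interface to the functions instead of the sample directory; the record named by `loopback_source` identifies which package registered 127.0.0.1.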
Thomas Hood (jdthood) wrote :

David wrote:
> Try and configure with NetworkManager from command line because you're running a server.
> NOPE, NetworkManager doesn't run from CLI command line, only GUI

Actually, NetworkManager does have a command line interface. See nmcli(1).

David T (ubuntuwiki-datmail) wrote :

Hmmm, this might be bad defaults in Ubuntu 12.04; let me give a little background on the configs.

On the network I have a DHCP server set up, giving out IPs, and the DHCP config file has the options:

    option domain-name "xyz.com";
    option domain-name-servers 209.51.128.19, 63.247.77.198;

When installing Ubuntu 10.04 LTS, I do a virgin install of Ubuntu, then run the install.sh script for www.virtualmin.com

Logging into SSH I test local DNS:

    ping google.com

and I get DNS lookup. Checking its /etc/resolv.conf, it has:

    nameserver 127.0.0.1
    nameserver 209.51.128.19
    domain xyz.com
    search xyz.com

(not sure why I'm not getting both DNS servers from the DHCP server but I guess that's for another ticket)

---------------------------

Repeat the process on Ubuntu 12.04: virgin install of Ubuntu, then run the install.sh script for www.virtualmin.com

Logging into SSH I test local DNS:

    ping google.com

and I get no DNS resolution. Checking its /etc/resolv.conf, it has:

    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    nameserver 127.0.0.1
    search xyz.com

------------

So I guess my two questions are:
1) Why isn't resolvconf (or whatever is reading the DNS settings from the DHCP server) on Ubuntu 10.04 putting both DNS servers from the DHCP server into its local resolv.conf?
2) Why isn't resolvconf (or whatever is reading the DNS settings from the DHCP server) on Ubuntu 12.04 putting both DNS servers from the DHCP server into its local resolv.conf?

I'm guessing we're somehow dealing with an interaction of the BIND server that virtualmin installs, and:
> Please note that if a local nameserver is running and the loopback address 127.0.0.1 has been
> registered with resolvconf then (normally) resolvconf only lists that one address in resolv.conf.
> This has been known to confuse people.

but having BIND server installed shouldn't be affecting the local DNS lookups, it's a stand-alone bind server...

If it's the Virtualmin script doing something with the resolvconf initialization, then I can report this issue with the Virtualmin team but I'm having a feeling it's not.

------------
Thanks for the info on nmcli(1) :)

Steve Langasek (vorlon) wrote :

> but having BIND server installed shouldn't be affecting the
> local DNS lookups, it's a stand-alone bind server...

Yep, that sounds like my original guess:

> probably a local DNS server that's installed and misconfigured
> such that it's talking to resolvconf when it shouldn't be.

So this sounds like bug #996088, except you say that this is a fresh install of 12.04 rather than an upgrade.

Perhaps virtualmin is misconfiguring bind9?

Anyway, not a resolvconf bug then; possibly a bind9 bug; reassigning.

affects: resolvconf (Ubuntu) → bind9 (Ubuntu)
Changed in bind9 (Ubuntu):
status: Incomplete → New
David T (ubuntuwiki-datmail) wrote :

I think I made a mistake....I'm not sure this is a bind, or virtualmin problem as the problem was occurring pre BIND or virtualmin install. Just to re-summarize the steps I originally took:

- Loaded Ubuntu 12.04
- Tried to install virtualmin
- couldn't resolve dns
- found a workaround by editing the /resolvconf.d/head file
- got virtualmin downloaded and installed

I opened this ticket because step three I should have had DNS resolution and I didn't....this problem was there on a virgin base install of Ubuntu 12 with no bind or virtualmin on the system and it was failing resolving DNS because it was pulling and using the DNS servers from the DHCP server.

FYI you can read comments from Virtualmin guys here:
https://virtualmin.com/node/23263#comment-105180--

Dave Walker (davewalker)
Changed in bind9 (Ubuntu):
importance: Undecided → Medium
Thomas Hood (jdthood) wrote :

> FYI you can read comments from Virtualmin guys here:
> https://virtualmin.com/node/23263#comment-105180--

"Access denied -- You are not authorized to access this page."

Changed in bind9 (Ubuntu):
status: New → Incomplete
Thomas Hood (jdthood) wrote :

David T wrote in comment #8:
> - Loaded Ubuntu 12.04
> - Tried to install [a package]
> - couldn't resolve dns

Possibly this is just another instance of bug #1000244.

David T, can you reproduce the failure?

description: updated
David T (ubuntuwiki-datmail) wrote :

I think bug #1000244 is just describing the same issue in another way for sure. I'd be happy to work with someone with commit privileges in a virtual machine virgin install in my server cluster to reproduce the issue.

I'm not savvy enough to try and determine if the problem comes from: resolvconf, default config in network stack for Ubuntu, or some interaction when bind gets installed from the repo. I just know how to hard/code fix and work around the issue.

IMHO, it definitely needs to be permanently fixed because whatever happens after a default install or upgrade, DNS resolution should just work, not require changes to get it working.

FYI I was installing a CentOS 6.x system, and saw a similar interaction which would lead me towards a resolvconf or bind interaction.

Thomas Hood (jdthood) wrote :

David, I suggest you get a Linux expert to help you at your location.

Changed in bind9 (Ubuntu):
status: Incomplete → Invalid