systemd.resolved with split domains sends DNS requests to the wrong interface
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
systemd (Ubuntu) | New | Undecided | Unassigned | |
Bug Description
When connected simultaneously to two different networks with overlapping domains
$ resolvectl domain
Global:
Link 3 (wlp0s20f3): ~. mit.edu
Link 2 (enp0s31f6): ~. psfc.mit.edu
$ resolvectl dns
Global:
Link 3 (wlp0s20f3): 18.0.70.160 18.0.72.3 18.0.71.151
Link 2 (enp0s31f6): 198.125.177.103 198.125.179.203,
a DNS request for resolution of a name such as
LIBPROXY.
is by default sent to the nameservers of Link 3 (e.g. 18.0.70.160) but via Link 2 (enp0s31f6).
This request is refused, presumably because it is seen by those nameservers as coming from
an external network, which ought not to be asking for name resolution from them.
It seems that it ought to be the default behavior that requests for name resolution are sent
only over the interface whose nameservers are being queried, or else that queries go only to the nameservers that are associated with the interface over which the query will go out.
%%%%%%%
lsb_release -rd
Description: Ubuntu 20.04.3 LTS
Release: 20.04
$ resolvectl --version
systemd 245 (245.4-4ubuntu3.13)
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-
$ systemd --version
systemd 245 (245.4-4ubuntu3.13)
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-
$ apt-cache policy systemd
systemd:
Installed: 245.4-4ubuntu3.13
Candidate: 245.4-4ubuntu3.13
Version table:
*** 245.4-4ubuntu3.13 500
500 http://
100 /var/lib/
245.
500 http://
245.4-4ubuntu3 500
500 http://
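
An added example, not part of the original report or of systemd's code: it parses the `resolvectl domain` and `resolvectl dns` output quoted above, lists the links that both claim the catch-all `~.` routing domain, and flags a query whose destination server is not configured on the link it leaves through. The longest-suffix selection rule is an assumption taken from the systemd-resolved documentation, and all function names are hypothetical.

```python
import re

# Constructed sample input: the resolvectl output quoted in the report.
DOMAIN_OUT = """Global:
Link 3 (wlp0s20f3): ~. mit.edu
Link 2 (enp0s31f6): ~. psfc.mit.edu
"""
DNS_OUT = """Global:
Link 3 (wlp0s20f3): 18.0.70.160 18.0.72.3 18.0.71.151
Link 2 (enp0s31f6): 198.125.177.103 198.125.179.203
"""
LINK_RE = re.compile(r"^Link\s+(\d+)\s+\(([^)]+)\):\s*(.*)$")

def parse_links(text):
    """Map interface name -> list of values from the per-link lines."""
    links = {}
    for line in text.splitlines():
        m = LINK_RE.match(line.strip())
        if m:
            links[m.group(2)] = m.group(3).split()
    return links

def match_len(name, domain):
    """Number of labels of `domain` matched as a suffix of `name`; -1 if none."""
    d = domain.lstrip("~").strip(".").lower()
    n = name.strip(".").lower()
    if d == "":
        return 0  # "~." matches every name, with zero labels
    if n == d or n.endswith("." + d):
        return d.count(".") + 1
    return -1

def candidate_links(name, domains):
    """Assumption: the link(s) with the longest matching suffix get the query."""
    best = {ifc: max((match_len(name, d) for d in ds), default=-1)
            for ifc, ds in domains.items()}
    top = max(best.values(), default=-1)
    return sorted(i for i, b in best.items() if b == top and b >= 0)

def default_route_links(domains):
    """Links that claim the catch-all routing domain "~."."""
    return sorted(i for i, ds in domains.items() if "~." in ds)

def is_cross_link(ifc, server, servers):
    """True when `server` is not one of the DNS servers configured on `ifc`."""
    return server not in servers.get(ifc, [])
```

Feeding `is_cross_link` the interface and destination address of each port-53 packet seen in a capture identifies the queries that match the behaviour described in the report.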