ip link add name test_eth42 address de:ad:be:ef:47:11 type veth peer name router_eth42
ip a flush dev router_eth42
ip a add 192.168.5.1/24 dev router_eth42
ip link set router_eth42 up
ip link add name testvpnclient type veth peer name testvpnrouter
ip a flush dev testvpnrouter
ip a add 10.241.3.1/24 dev testvpnrouter
ip link set testvpnrouter up
Reproducing the case outside the systemd tests
(Commands on Ubuntu 22.04, with root permissions)
jammy-Proposed has dnsmasq 2.86 right now
apt update; apt upgrade -y; apt install dnsmasq-base
systemctl reset-failed systemd-networkd systemd-resolved
mkdir /run/systemd/ resolved. conf.d resolved. conf.d/ test-enable- dnssec. conf << EOF allow-downgrade
cat > /run/systemd/
[Resolve]
DNSSEC=
LLMNR=no
MulticastDNS=no
DNSOverTLS=no
EOF
ip link add name test_eth42 address de:ad:be:ef:47:11 type veth peer name router_eth42
ip a flush dev router_eth42
ip a add 192.168.5.1/24 dev router_eth42
ip link set router_eth42 up
dnsmasq --no-daemon --log-queries --log-facility= /tmp/dnsmasq. log --conf- file=/dev/ null --dhcp- leasefile= /tmp/dnsmasq. leases --bind-interfaces --interface= router_ eth42 --except- interface= lo --dhcp- range=192. 168.5.10, 192.168. 5.200 --address= /#/192. 168.42. 1 &
cat > /run/systemd/ network/ general. network << EOF rustAnchors= search. example. com
[Match]
Name=test_eth42
[Network]
DHCP=ipv4
IPv6AcceptRA=False
DNSSECNegativeT
EOF
ip link add name testvpnclient type veth peer name testvpnrouter
ip a flush dev testvpnrouter
ip a add 10.241.3.1/24 dev testvpnrouter
ip link set testvpnrouter up
dnsmasq --no-daemon --log-queries --log-facility= /tmp/dnsmasq- vpn.log --conf- file=/dev/ null --dhcp- leasefile= /dev/null --bind-interfaces --interface= testvpnrouter --except- interface= lo --address= /math.lab/ 10.241. 3.3 --address= /cantina. company/ 10.241. 4.4 &
cat > /run/systemd/ network/ vpn.network << EOF 10.241. 3.2/24 rustAnchors= company la
[Match]
Name=testvpnclient
[Network]
IPv6AcceptRA=False
Address=
DNS=10.241.3.1
Domains=~company ~lab
DNSSECNegativeT
EOF
systemctl restart systemd-networkd systemd/ systemd- networkd- wait-online --interface test_eth42 --interface= testvpnclient --timeout=20
/usr/lib/
systemctl restart systemd-resolved
# The original test runs "resolvectl query math.lab"
# That would probe everything, do this step by step
#1 ipv4 works and looks pretty much the same result on good/bad case
dig @10.241.3.1 -t A math.lab
root@j- dnsmasq- proposed: ~# dig @10.241.3.1 -t A math.lab
dnsmasq: query[A] math.lab from 10.241.3.1
dnsmasq: config math.lab is 10.241.3.3
; <<>> DiG 9.16.15-Ubuntu <<>> @10.241.3.1 -t A math.lab
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11869
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;math.lab. IN A
;; ANSWER SECTION:
math.lab. 0 IN A 10.241.3.3
;; Query time: 0 msec 3.1#53( 10.241. 3.1)
;; SERVER: 10.241.
;; WHEN: Tue Jan 11 13:09:07 UTC 2022
;; MSG SIZE rcvd: 53
#2 ipv6 fails and gets into a loop
dig @10.241.3.1 -t AAAA math.lab