0

My DHCP server returns 3 DNS servers in this order:

  • 10.10.0.100
  • 10.10.0.101
  • 10.0.0.1

I can dig all of them from my client (Fedora 42, KDE Plasma):

    ➜ ~ dig @10.10.0.100 +short google.com
    172.217.208.138
    ...
    ➜ ~ dig @10.0.0.1 +short google.com
    74.125.29.102
    ...
    ➜ ~ dig @10.10.0.101 +short google.com
    74.125.29.101

But systemd-resolved always takes 10.0.0.1 as the current DNS server:

    Link 3 (enp11s0)
        Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
             Protocols: +DefaultRoute LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
    Current DNS Server: 10.0.0.1
           DNS Servers: 10.10.0.100 10.10.0.101 10.0.0.1
         Default Route: yes

10.0.0.1 is the default route of my interface which is managed by NetworkManager.

    ➜ ~ ip a
    3: enp11s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
        link/ether 3c:8c:f8:61:da:f3 brd ff:ff:ff:ff:ff:ff
        altname enx3c8cf861daf3
        inet 10.0.0.10/23 brd 10.0.1.255 scope global noprefixroute enp11s0
           valid_lft forever preferred_lft forever

How can I force systemd-resolved to follow my DHCP server's order?

2 Answers

3

How can I force systemd-resolved to follow my DHCP server's order?

As far as I know, you cannot. All servers associated with the same interface are considered equivalent and need to have access to the same data. If some of them don't, then you'll have to stop advertising the unwanted ones via DHCP.

1
  • It's less about the data and more about the extras I get from my primary DNS server, as it has integrated ad-block, which in my opinion my secondary and tertiary DNS do not need. Commented Nov 9 at 18:23
1

Like many of the not-actually-init[1] things that systemd attempts to do, it's a half-arsed and broken implementation. Your best option is to avoid it entirely:

  1. Install a caching DNS resolver (e.g. unbound) on the same machine that provides DHCP service to your LAN.

    • If you're using dnsmasq as your DHCP server, it is capable of both DNS resolution AND DHCP (and PXE & TFTP too), so it's just a matter of enabling and configuring both features. dnsmasq is suitable for small to medium sized networks, and is often used to provide these services to VMs (e.g. with kvm and/or libvirt), and is frequently used on small Linux-based routers, xDSL modems, and wireless access-points.

    • If you're using some other DHCP server, such as ISC's (deprecated but still useful) isc-dhcpd or ISC's newer kea, then use unbound for DNS resolution and caching.

    BTW, as an added benefit, DNS lookups will be faster because you have a cache on your local network serving all local client machines.

  2. Configure the DNS resolver to forward unknown (i.e. not in the local cache) requests to your upstream DNS servers (e.g. 10.10.0.100, 10.10.0.101, and 10.0.0.1).

  3. Configure your DHCP server to tell client machines to use its IP address for DNS resolution.

  4. Disable and uninstall systemd-resolved on all client machines.


[1] Systemd unit files aren't a bad way of doing init (i.e. starting, stopping, restarting services), in fact it's pretty good at that - but everything else it tries to do is garbage, inflexible and barely functional minimum viable products focused on the developers' own needs rather than those of the users.

1
  • I already have unbound servers in my network. The problem was my client not using the correct order of the announcement of my DHCP. Now everything is back to normal again, but I couldn't figure out what caused it. Commented Nov 9 at 18:21
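
A check for the situation discussed on this page, where systemd-resolved's current server is not the first one in the advertised list (relevant when only the first server applies filtering such as ad-blocking). This is an added example, not code from any poster or from systemd; it parses `resolvectl status` text, the function names and the `wg0` link are constructed, and it assumes the `DNS Servers:` line keeps the DHCP order as it does in the question.

```sh
#!/bin/sh
# Added example. Flags links where the resolver systemd-resolved is currently
# using is not the first server in the advertised list.

# Sample `resolvectl status` text. Link 3 is the output from the question;
# Link 4 (wg0) is constructed for contrast.
sample_status() {
cat <<'EOF'
Link 3 (enp11s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
         Protocols: +DefaultRoute LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 10.0.0.1
       DNS Servers: 10.10.0.100 10.10.0.101 10.0.0.1
     Default Route: yes

Link 4 (wg0)
    Current Scopes: DNS
Current DNS Server: 10.10.0.100
       DNS Servers: 10.10.0.100 10.10.0.101
EOF
}

# Reads `resolvectl status` text on stdin and prints one line per link:
#   <link> <ok|drift|unset> current=<ip> first=<ip> servers=<count>
check_link_order() {
  awk '
    function report() {
      if (link != "" && n > 0) {
        state = (cur == "") ? "unset" : (cur == first ? "ok" : "drift")
        printf "%s %s current=%s first=%s servers=%d\n", link, state, cur, first, n
      }
      link = ""; cur = ""; first = ""; n = 0; inlist = 0
    }
    # A new section starts: emit the previous link, skip the Global section.
    /^(Global|Link [0-9]+ )/ {
      report()
      if ($1 == "Link") { link = $3; gsub(/[()]/, "", link) }
      next
    }
    /^ *Current DNS Server:/ { cur = $NF; inlist = 0; next }
    /^ *DNS Servers:/        { first = $3; n = NF - 2; inlist = 1; next }
    # Long server lists wrap onto lines that carry no "label: " prefix.
    inlist && !/: / && NF > 0 { n += NF; next }
    { inlist = 0 }
    END { report() }
  '
}

# Demo on the sample; on a live host: resolvectl status | check_link_order
sample_status | check_link_order
```

A `drift` line means queries on that link are currently going to a server other than the first advertised one, so any filtering done only by the first server is not being applied.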
