lima
lima copied to clipboard
Published
20 hours ago •
lima-vm
lima-vm
DNS resolution does not work in Fedora 35, but works in Fedora 36
Description
On the current HEAD version (8b3bcaf2627552cc4fe7828951d8318b810368fe)
DNS resolution is not functional on Fedora 35, but works on Fedora 36, although they both use systemd-resolved.
Lima configs
#f36
images:
- location: http://ftp.halifax.rwth-aachen.de/fedora/linux/releases/36/Cloud/aarch64/images/Fedora-Cloud-Base-36-1.5.aarch64.qcow2
arch: aarch64
digest: sha256:5c0e7e99b0c542cb2155cd3b52bbf51a42a65917e52d37df457d1e9759b37512
- location: http://ftp.halifax.rwth-aachen.de/fedora/linux/releases/36/Cloud/x86_64/images/Fedora-Cloud-Base-36-1.5. x86_64.qcow2
arch: x86_64
digest: ca9e514cc2f4a7a0188e7c68af60eb4e573d2e6850cc65b464697223f46b4605
#f35
images:
- location: http://ftp.halifax.rwth-aachen.de/fedora/linux/releases/35/Cloud/aarch64/images/Fedora-Cloud-Base-35-1.2.aarch64.qcow2
arch: aarch64
digest: sha256:c71f2e6ce75b516d565e2c297ea9994c69b946cb3eaa0a4bbea400dbd6f59ae6
- location: http://ftp.halifax.rwth-aachen.de/fedora/linux/releases/35/Cloud/x86_64/images/Fedora-Cloud-Base-35-1.2.x86_64.qcow2
arch: x86_64
digest: fe84502779b3477284a8d4c86731f642ca10dd3984d2b5eccdf82630a9ca2de6
Troubleshooting
The only obvious difference I can see is that Fedora 36 has a symlink from /etc/resolv.conf to the "stub" DNS config at /run/systemd/resolve/stub-resolv.conf, and its current DNS server set to the IPv6 fec0::3.
Whereas in Fedora 35, /etc/resolv.conf isn't symlinked and seems to be managed by NetworkManager. Symlinking manually to the same file as in Fedora 36 does NOT solve the issue.
DNS queries
f35:
$ resolvectl query fedoraproject.org
fedoraproject.org: resolve call failed: All attempts to contact name servers or networks failed
f36:
$ resolvectl query fedoraproject.org
fedoraproject.org: 38.145.60.20 -- link: eth0
140.211.169.196 -- link: eth0
152.19.134.198 -- link: eth0
8.43.85.67 -- link: eth0
209.132.190.2 -- link: eth0
38.145.60.21 -- link: eth0
152.19.134.142 -- link: eth0
67.219.144.68 -- link: eth0
8.43.85.73 -- link: eth0
2605:bc80:3010:600:dead:beef:cafe:fed9 -- link: eth0
2604:1580:fe00:0:dead:beef:cafe:fed1 -- link: eth0
2620:52:3:1:dead:beef:cafe:fed6 -- link: eth0
2600:2701:4000:5211:dead:beef:fe:fed3 -- link: eth0
2620:52:3:1:dead:beef:cafe:fed7 -- link: eth0
-- Information acquired via protocol DNS in 47.5ms.
-- Data is authenticated: no; Data was acquired via local or encrypted transport: no
-- Data from: network
Resolver status
f35:
$ ls -l /etc/resolv.conf
-rw-r--r--. 1 root root 53 Nov 6 13:17 /etc/resolv.conf
$ resolvectl status
Global
Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: foreign
Current DNS Server: 192.168.5.3
DNS Servers: 192.168.5.3
Link 2 (eth0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.5.3
DNS Servers: 192.168.5.3
f36:
$ ls -l /etc/resolv.conf
lrwxrwxrwx. 1 root root 39 May 4 2022 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
$ resolvectl status
Global
Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Link 2 (eth0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: fec0::3
DNS Servers: 192.168.5.3 fec0::3
Additional notes
- This is not a network issue, I can reach both
192.168.5.3and the public internet (by IP). - Adding a public DNS server to
/etc/systemd/resolved.conf, such asDNS=8.8.8.8, fixes DNS resolution.
