NetworkManager & systemd-resloved: DHCP provided DNS server isn't used
Hello,
I am using NetworkManager (1.24.2) & systemd-resloved (245.6) in their default configuration.
/etc/resolv.conf
is a symlink to /run/systemd/resolve/stub-resolv.conf
As it should, NetworkManager reports in the logs when it starts:
dns-mgr[0x55f2a8093240]: init: dns=systemd-resolved rc-manager=symlink, plugin=systemd-resolved
Which is what I want.
NetworkManager correctly picks-up the right DNS server from DHCP
NetworkManager[19709]: <info> [1593431290.2268] dhcp4 (enp0s13f0u3u3): option domain_name_servers => '192.168.199.1'
But it doesn't detect that there is a change with the running configuration:
dns-mgr: (device_ip_config_changed): queueing DNS updates (1)
dns-mgr: (device_ip_config_changed): DNS configuration did not change
dns-mgr: (device_ip_config_changed): no DNS changes to commit (0)
Therefore, systemd-resolved keeps on using the fallback DNS server:
$ systemd-resolve --status
Global
LLMNR setting: yes
MulticastDNS setting: yes
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Current DNS Server: 8.8.8.8
Fallback DNS Servers: 1.1.1.1
9.9.9.10
8.8.8.8
2606:4700:4700::1111
2620:fe::10
2001:4860:4860::8888
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 12 (enp0s13f0u3u3)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 2 (wlp0s20f3)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Which https://www.dnsleaktest.com/ confirms.
If I manually set the DNS server for the interface with resolvectl, it works and the correct entries are reported in the status.