systemd.resolved

bashtop86

vitualbox -NAT- vm1:pfsense -INTERNAL- vm2:ubuntu 20.04.5

I follow instrution in pdf to init the cluster

After a moment or after a reboot
ping google.com # return an error

Workaround: 8.8.8.8 in /etc/resolv.conf
but systemd.resolved overide my config on reboot

I try calico network troubleshoot in
/etc/NetworkManager/dispactcher.d/calico.conf
without succes.

Could I have any tips how debug DNS in systemd.resolved ?

bashtop86

test 2

cp boot - DNS good
worker boot - DNS good
couple minute later on cp

sudo journalctl -f
# Nov 06 19:04:50 cp1 systemd-resolved[611]: Grace period over, resuming full feature set (UDP+EDNS0) for DNS server 192.168.1.1.

sudo systemctl status systemd-resolved.service
# ● systemd-resolved.service - Network Name Resolution
#      Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
#      Active: active (running) since Sun 2022-11-06 19:13:38 UTC; 55s ago
#        Docs: man:systemd-resolved.service(8)
#              https://www.freedesktop.org/wiki/Software/systemd/resolved
#              https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
#              https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
#    Main PID: 12773 (systemd-resolve)
#      Status: "Processing requests..."
#       Tasks: 1 (limit: 4611)
#      Memory: 4.6M
#      CGroup: /system.slice/systemd-resolved.service
#              └─12773 /lib/systemd/systemd-resolved

# Nov 06 19:13:38 cp1 systemd[1]: Starting Network Name Resolution...
# Nov 06 19:13:38 cp1 systemd-resolved[12773]: Positive Trust Anchors:
# Nov 06 19:13:38 cp1 systemd-resolved[12773]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
# Nov 06 19:13:38 cp1 systemd-resolved[12773]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in>
# Nov 06 19:13:38 cp1 systemd-resolved[12773]: Using system hostname 'cp1'.
# Nov 06 19:13:38 cp1 systemd[1]: Started Network Name Resolution.
# Nov 06 19:13:52 cp1 systemd-resolved[12773]: Using degraded feature set (UDP) for DNS server 192.168.1.1.
# Nov 06 19:13:57 cp1 systemd-resolved[12773]: Using degraded feature set (TCP) for DNS server 192.168.1.1.

chrispokorni

Hi @bashtop86,

For vbox VMs I would recommend a single bridged adapter per VM, ensuring that either DHCP or static VM IP addresses are not from the 192.168.0.0/16 subnet (otherwise they overlap with the Pod subnet managed by the Calico network plugin), and vbox promiscuous mode is enabled to allow all inbound traffic on each VM.

Regards,
-Chris

bashtop86

Tanks for your fast response.
My admin machine finally broken too,
so I figure out it was a mist-configuration on my pfsense