systemd-resolved, resolvconf.service, resolvconf and openresolv. Why, which and how?
I'm using a VPN client which adds two name servers to /etc/resolv.conf
. All my connections are managed by Network-Manager.
I have to use this VPN client for my work VPN but after Ubuntu went to systemd-resolved
in 16.10 I am having problems with my connection and DNS. Looks like systemd-resolved
changes /etc/resolv.conf
back to default name servers for some reason which makes internal pages not resolve. I looked into this some more and ended up replacing resolvconf
with openresolv
. That helped a lot, but still systemd-resolved
resets /etc/resolv.conf
after the VPN has been up for a while.
It could be just as the connection is up or after a few minutes or sometimes not at all. I then disabled systemd-resolved
and the systemd resolvconf.service
and only run openresolv
. It all works well it seems.
However, this is all very confusing. Is there a reason for using systemd-resolved
with one of the others? It was enabled in Ubuntu 16.10 so I thought there must be a reason for it but it seems to cause a fight over /etc/resolv.conf
.
It would be great if I could just run operesolv
and get this explained. I have done quite a bit of reading on it but I still do not understand why /etc/resolv.conf
is managed like it is, only that when I use systemd
for it I can't use my VPN client.
networking dns vpn resolv.conf systemd-resolved
add a comment |
I'm using a VPN client which adds two name servers to /etc/resolv.conf
. All my connections are managed by Network-Manager.
I have to use this VPN client for my work VPN but after Ubuntu went to systemd-resolved
in 16.10 I am having problems with my connection and DNS. Looks like systemd-resolved
changes /etc/resolv.conf
back to default name servers for some reason which makes internal pages not resolve. I looked into this some more and ended up replacing resolvconf
with openresolv
. That helped a lot, but still systemd-resolved
resets /etc/resolv.conf
after the VPN has been up for a while.
It could be just as the connection is up or after a few minutes or sometimes not at all. I then disabled systemd-resolved
and the systemd resolvconf.service
and only run openresolv
. It all works well it seems.
However, this is all very confusing. Is there a reason for using systemd-resolved
with one of the others? It was enabled in Ubuntu 16.10 so I thought there must be a reason for it but it seems to cause a fight over /etc/resolv.conf
.
It would be great if I could just run operesolv
and get this explained. I have done quite a bit of reading on it but I still do not understand why /etc/resolv.conf
is managed like it is, only that when I use systemd
for it I can't use my VPN client.
networking dns vpn resolv.conf systemd-resolved
FWIW resolvconf.service is just how systemd operates resolvconf. Which VPN client are you using? If you used systemd-resolved it makes resolv.conf a symlink to it's private/run/systemd/resolve/resolv.conf
file. You might want to try having systemd-networkd manage your connections.
– pbhj
Jun 10 '17 at 15:41
add a comment |
I'm using a VPN client which adds two name servers to /etc/resolv.conf
. All my connections are managed by Network-Manager.
I have to use this VPN client for my work VPN but after Ubuntu went to systemd-resolved
in 16.10 I am having problems with my connection and DNS. Looks like systemd-resolved
changes /etc/resolv.conf
back to default name servers for some reason which makes internal pages not resolve. I looked into this some more and ended up replacing resolvconf
with openresolv
. That helped a lot, but still systemd-resolved
resets /etc/resolv.conf
after the VPN has been up for a while.
It could be just as the connection is up or after a few minutes or sometimes not at all. I then disabled systemd-resolved
and the systemd resolvconf.service
and only run openresolv
. It all works well it seems.
However, this is all very confusing. Is there a reason for using systemd-resolved
with one of the others? It was enabled in Ubuntu 16.10 so I thought there must be a reason for it but it seems to cause a fight over /etc/resolv.conf
.
It would be great if I could just run operesolv
and get this explained. I have done quite a bit of reading on it but I still do not understand why /etc/resolv.conf
is managed like it is, only that when I use systemd
for it I can't use my VPN client.
networking dns vpn resolv.conf systemd-resolved
I'm using a VPN client which adds two name servers to /etc/resolv.conf
. All my connections are managed by Network-Manager.
I have to use this VPN client for my work VPN but after Ubuntu went to systemd-resolved
in 16.10 I am having problems with my connection and DNS. Looks like systemd-resolved
changes /etc/resolv.conf
back to default name servers for some reason which makes internal pages not resolve. I looked into this some more and ended up replacing resolvconf
with openresolv
. That helped a lot, but still systemd-resolved
resets /etc/resolv.conf
after the VPN has been up for a while.
It could be just as the connection is up or after a few minutes or sometimes not at all. I then disabled systemd-resolved
and the systemd resolvconf.service
and only run openresolv
. It all works well it seems.
However, this is all very confusing. Is there a reason for using systemd-resolved
with one of the others? It was enabled in Ubuntu 16.10 so I thought there must be a reason for it but it seems to cause a fight over /etc/resolv.conf
.
It would be great if I could just run operesolv
and get this explained. I have done quite a bit of reading on it but I still do not understand why /etc/resolv.conf
is managed like it is, only that when I use systemd
for it I can't use my VPN client.
networking dns vpn resolv.conf systemd-resolved
networking dns vpn resolv.conf systemd-resolved
edited Apr 11 '17 at 9:14
muru
1
1
asked Jan 17 '17 at 19:36
ChristianChristian
4311519
4311519
FWIW resolvconf.service is just how systemd operates resolvconf. Which VPN client are you using? If you used systemd-resolved it makes resolv.conf a symlink to it's private/run/systemd/resolve/resolv.conf
file. You might want to try having systemd-networkd manage your connections.
– pbhj
Jun 10 '17 at 15:41
add a comment |
FWIW resolvconf.service is just how systemd operates resolvconf. Which VPN client are you using? If you used systemd-resolved it makes resolv.conf a symlink to it's private/run/systemd/resolve/resolv.conf
file. You might want to try having systemd-networkd manage your connections.
– pbhj
Jun 10 '17 at 15:41
FWIW resolvconf.service is just how systemd operates resolvconf. Which VPN client are you using? If you used systemd-resolved it makes resolv.conf a symlink to it's private
/run/systemd/resolve/resolv.conf
file. You might want to try having systemd-networkd manage your connections.– pbhj
Jun 10 '17 at 15:41
FWIW resolvconf.service is just how systemd operates resolvconf. Which VPN client are you using? If you used systemd-resolved it makes resolv.conf a symlink to it's private
/run/systemd/resolve/resolv.conf
file. You might want to try having systemd-networkd manage your connections.– pbhj
Jun 10 '17 at 15:41
add a comment |
2 Answers
2
active
oldest
votes
Which VPN client are you using? I was having trouble with straight OpenVPN, but installing the NM version of the client cleared up the problems. Well, most of them, I could not prevent a route being pushed, but that's a completely different issue.
The point is: your VPN client has to know about how to interact with systemd's idea of how to manage DNS service. I don't recommend this, but you may try to disabling the resolvd service (systemctl disable systemd-resolved.service
) to see if it improves things, but ultimately you will have to get a client that understands how to submit to systemd's caprices :)
(The systemd ship sailed a long time ago, let's not open a discussion on why some things were done.)
This problem got resolved in an update of the VPN client. It was the OpenFortiGui client for my work Fortinet VPN. So you are absolutely right, the client has now learned systemd! :)
– Christian
3 hours ago
add a comment |
An update to the VPN client I used resolved (pun intended) the problem. It was the OpenFortiGui client for Fortinet VPN.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f873060%2fsystemd-resolved-resolvconf-service-resolvconf-and-openresolv-why-which-and%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Which VPN client are you using? I was having trouble with straight OpenVPN, but installing the NM version of the client cleared up the problems. Well, most of them, I could not prevent a route being pushed, but that's a completely different issue.
The point is: your VPN client has to know about how to interact with systemd's idea of how to manage DNS service. I don't recommend this, but you may try to disabling the resolvd service (systemctl disable systemd-resolved.service
) to see if it improves things, but ultimately you will have to get a client that understands how to submit to systemd's caprices :)
(The systemd ship sailed a long time ago, let's not open a discussion on why some things were done.)
This problem got resolved in an update of the VPN client. It was the OpenFortiGui client for my work Fortinet VPN. So you are absolutely right, the client has now learned systemd! :)
– Christian
3 hours ago
add a comment |
Which VPN client are you using? I was having trouble with straight OpenVPN, but installing the NM version of the client cleared up the problems. Well, most of them, I could not prevent a route being pushed, but that's a completely different issue.
The point is: your VPN client has to know about how to interact with systemd's idea of how to manage DNS service. I don't recommend this, but you may try to disabling the resolvd service (systemctl disable systemd-resolved.service
) to see if it improves things, but ultimately you will have to get a client that understands how to submit to systemd's caprices :)
(The systemd ship sailed a long time ago, let's not open a discussion on why some things were done.)
This problem got resolved in an update of the VPN client. It was the OpenFortiGui client for my work Fortinet VPN. So you are absolutely right, the client has now learned systemd! :)
– Christian
3 hours ago
add a comment |
Which VPN client are you using? I was having trouble with straight OpenVPN, but installing the NM version of the client cleared up the problems. Well, most of them, I could not prevent a route being pushed, but that's a completely different issue.
The point is: your VPN client has to know about how to interact with systemd's idea of how to manage DNS service. I don't recommend this, but you may try to disabling the resolvd service (systemctl disable systemd-resolved.service
) to see if it improves things, but ultimately you will have to get a client that understands how to submit to systemd's caprices :)
(The systemd ship sailed a long time ago, let's not open a discussion on why some things were done.)
Which VPN client are you using? I was having trouble with straight OpenVPN, but installing the NM version of the client cleared up the problems. Well, most of them, I could not prevent a route being pushed, but that's a completely different issue.
The point is: your VPN client has to know about how to interact with systemd's idea of how to manage DNS service. I don't recommend this, but you may try to disabling the resolvd service (systemctl disable systemd-resolved.service
) to see if it improves things, but ultimately you will have to get a client that understands how to submit to systemd's caprices :)
(The systemd ship sailed a long time ago, let's not open a discussion on why some things were done.)
answered 7 hours ago
JayEyeJayEye
753416
753416
This problem got resolved in an update of the VPN client. It was the OpenFortiGui client for my work Fortinet VPN. So you are absolutely right, the client has now learned systemd! :)
– Christian
3 hours ago
add a comment |
This problem got resolved in an update of the VPN client. It was the OpenFortiGui client for my work Fortinet VPN. So you are absolutely right, the client has now learned systemd! :)
– Christian
3 hours ago
This problem got resolved in an update of the VPN client. It was the OpenFortiGui client for my work Fortinet VPN. So you are absolutely right, the client has now learned systemd! :)
– Christian
3 hours ago
This problem got resolved in an update of the VPN client. It was the OpenFortiGui client for my work Fortinet VPN. So you are absolutely right, the client has now learned systemd! :)
– Christian
3 hours ago
add a comment |
An update to the VPN client I used resolved (pun intended) the problem. It was the OpenFortiGui client for Fortinet VPN.
add a comment |
An update to the VPN client I used resolved (pun intended) the problem. It was the OpenFortiGui client for Fortinet VPN.
add a comment |
An update to the VPN client I used resolved (pun intended) the problem. It was the OpenFortiGui client for Fortinet VPN.
An update to the VPN client I used resolved (pun intended) the problem. It was the OpenFortiGui client for Fortinet VPN.
answered 3 hours ago
ChristianChristian
4311519
4311519
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f873060%2fsystemd-resolved-resolvconf-service-resolvconf-and-openresolv-why-which-and%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
FWIW resolvconf.service is just how systemd operates resolvconf. Which VPN client are you using? If you used systemd-resolved it makes resolv.conf a symlink to it's private
/run/systemd/resolve/resolv.conf
file. You might want to try having systemd-networkd manage your connections.– pbhj
Jun 10 '17 at 15:41