問題描述
在 Ubuntu 20.04 LTS 中,當使用 NetworkManager 正確配置並啟用(nmcli connection up)網卡之后,DNS 配置沒有生效,/etc/resolv.conf 堅持使用 127.0.0.53 地址的 DNS 服務。即便沒有該服務(127.0.0.53:53),NetworkManager 也堅持使用該地址。並且 /etc/resolv.conf 包含 # Generated by NetworkManager 文本,就表明這是 NetworkManager 生成的。
該問題可能並不常見,只會在某些 Linux 發行版中出現,我們是在 Ubuntu 20.04 LTS 中遇到該問題。
問題原因
該問題的原因非常多,我們無法一一列舉,只能描述我們的場景。
經過一番 Google 之后,各種解決方案並不適用於我們的場景,我們只能求助於官方 NetworkManager.conf(1.22) 文檔對 dns 處理模式的設置:
Set the DNS processing mode.
If the key is unspecified, default is used, unless /etc/resolv.conf is a symlink to /run/systemd/resolve/stub-resolv.conf, /run/systemd/resolve/resolv.conf, /lib/systemd/resolv.conf or /usr/lib/systemd/resolv.conf. In that case, systemd-resolved is chosen automatically.
**default**: NetworkManager will update /etc/resolv.conf to reflect the nameservers provided by currently active connections.
**dnsmasq**: NetworkManager will run dnsmasq as a local caching nameserver, using "Conditional Forwarding" if you are connected to a VPN, and then update resolv.conf to point to the local nameserver. It is possible to pass custom options to the dnsmasq instance by adding them to files in the "/etc/NetworkManager/dnsmasq.d/" directory. Note that when multiple upstream servers are available, dnsmasq will initially contact them in parallel and then use the fastest to respond, probing again other servers after some time. This behavior can be modified passing the 'all-servers' or 'strict-order' options to dnsmasq (see the manual page for more details).
**systemd-resolved**: NetworkManager will push the DNS configuration to systemd-resolved
**unbound**: NetworkManager will talk to unbound and dnssec-triggerd, using "Conditional Forwarding" with DNSSEC support. /etc/resolv.conf will be managed by dnssec-trigger daemon.
**none**: NetworkManager will not modify resolv.conf. This implies rc-manager unmanaged
Note that the plugins dnsmasq, systemd-resolved and unbound are caching local nameservers. Hence, when NetworkManager writes /run/NetworkManager/resolv.conf and /etc/resolv.conf (according to rc-manager setting below), the name server there will be localhost only. NetworkManager also writes a file /run/NetworkManager/no-stub-resolv.conf that contains the original name servers pushed to the DNS plugin.
When using dnsmasq and systemd-resolved per-connection added dns servers will always be queried using the device the connection has been activated on.
我們沒有配置 systemd-resolved 選項(包括軟鏈接),我們沒有設置 none 選項,(希望各位讀者檢查一下是否存在這些配置,尤其是 systemd-resolved 軟鏈接問題),但是依舊不生效。
解決方法
遇到問題就要大膽猜想:軟件是有 BUG 的,默認應該是 default 選項,但是我們認為沒有啟用 default 選項。
我們嘗試在 /etc/NetworkManager/NetworkManager.conf 的 [main] 部分添加 dns=default 選項,並重啟 NetworkManager 服務,居然解決問題了……
當我們移除 dns=default 選項,並重啟 NetworkManager 服務(systemctl restart network-manger),/etc/resolv.conf 再次使用 127.0.0.53 地址
參考文獻
NetworkManager.conf: NetworkManager Reference Manual
DNS set to systemd's 127.0.0.53 - how to change permanently? - Ask Ubuntu
redhat - How do I force NetworkManager to update /etc/resolv.conf? - Server Fault
ubuntu - Using dnsmasq with NetworkManager - Super User