PR#106: Add steps to dnsmasq setup guide to avoid conflicts with systemd-resolved - fedora-server

fedora-server

#106 Add steps to dnsmasq setup guide to avoid conflicts with systemd-resolved

Opened 2 years ago by tsobczynski. Modified 5 months ago

tsobczynski/fedora-server dnsmasq-admin-docs into main

Fix typo in dnsmasq setup guide

Tom Sobczynski • 5 months ago

5906aaa

Update docs/modules/ROOT/pages/administration/dnsmasq.adoc

Tom Sobczynski • 5 months ago

c6b70a0

docs/modules/ROOT/pages/administration/dnsmasq.adoc

file modified

+20 -3

		`@@ -184,17 +184,34 @@`
		`[…]# firewall-cmd --list-all`
		`----`

		`- 6. Restart NetworkManager to start dnsmasq`
		`+ 6. Disabling the systemd-resolved stub resolver`
		`+ +`
		`+ Inhibit the stub resolver and remove the symlink /etc/resolv.conf so that Network Manager will generate a new resolv.conf directing queries to dnsmasq. For more info, see the man page for "systemd-resolved" under the heading "/ETC/RESOLV.CONF".`
		`+ +`
		`+ [source,]`
		`+ ----`
		`+ […]# find /etc/resolv.conf -printf '%p -> %l\n'`
		`+ /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf`
		`+ […]# rm -f /etc/resolv.conf`
		`+ […]# mkdir -p /etc/systemd/resolved.conf.d`
		`+ […]# echo -e "[Resolve]\nDNSStubListener=no" > /etc/systemd/resolved.conf.d/no-stub-listener.conf`
		`+ ----`
		`+`
		`+ 7. Restart systemd-resolved and restart NetworkManager to start dnsmasq`
		`+ +`
		`+ The first time we restart systemd-resolved, it will no longer be running the stub resolver. The second time, we are reloading the configuration to prompt systemd-resolved to re-assess the /etc/resolv.conf generated by NetworkManager, but systemd-resolved does not support the "reload" unit command.`
		`+`
		`[source,]`
		`----`
		`+ […]# systemctl restart systemd-resolved`
		`[…]# systemctl restart NetworkManager`
		`+ […]# systemctl restart systemd-resolved`
		`----`
		`+`
		`NetworkManager adjusts now the nameserver entries in /etc/resolv. They are replaced by 127.0.0.1 and processed via dnsmasq.`

		`- 7. Test the installation`
		`- a. The dnsmasp internal self test`
		`+ 8. Test the installation`
		`+ a. The dnsmasq internal self test`
		`+`
		`[source,]`
		`----`

tsobczynski commented 2 years ago

I added steps to disable the systemd-resolved stub resolver and trigger Network Manager to produce a suitable /etc/resolv.conf to make use of dnsmasq. Without these additional steps, I found that name resolution was broken at the end of dnsmasq setup on Fedora Server 37. Note that there is a related issue with a patch in Network Manager to fix a problem generating the search domain in resolv.conf: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1281

pboy commented a year ago

Thanks for the contribution and sorry for the long delay. Unfortunately, I couldn't manage to make it in time. I'll check your proposal with 39 now.

tsobczynski commented a year ago

Understood. Thank you for the update! =E2=80=94Tom

On Wed, Jan 10, 2024 at 6:29=E2=80=AFAM Peter Boy pagure@pagure.io wrote:

pboy commented on the pull-request: Add steps to dnsmasq setup guide to avoid conflicts with systemd-resolved that you are following:
Thanks for the contribution and sorry for the long delay. Unfortunately, = I couldn't manage to make it in time. I'll check your proposal with 39 now.

To reply, visit the link below or just reply to this email
https://pagure.io/fedora-server/pull-request/106