That's like swimming across the English Channel until you can see the
coast of France, then turning around and swimming back because you're
tired...
On Thu, 9 Jan 2025, S L, Meghana wrote:
I tried disabling and stopped systemd resolved.
Ok, progress! That means that resolved is / was running. What reason would
you have for running multiple recursing resolvers? (There may be reasons,
but that's very advanced usage.)
Leave it turned off. In fact, disable it so that it doesn't restart at
boot (systemctl disable ...).
How many copies of resolv.conf are there on the system? Where are they?
Are any of them symlinks? Which is the one which is in use? What's in that
one? With specificity what are the nameserver lines?
Now bring up whatever tool / config file you use for network configuration
(unless you're editing that resolv.conf manually). What DNS nameservers
are configured? Does that match what's in resolv.conf?
Does your configuration reference only your copy (or copies) of BIND which
have Dnstap enabled? (It sounds like you have just one copy of BIND and
it's listening on 127.0.0.1.)
It didn't fix the issue.
"the issue". Ok we're trying to figure out what the issue is, so put that
aside. What, with specificity, are you doing to test? Are you running a
web browser? A bespoke python script? Are you just running dig? Even if
your configuration is correct, some long-running processes may need to be
restarted to pick up the changed configuration. Also remember that DNS
records have a time to live (TTL) and repeated queries may be served from
a local cache and not make it to your nameserver.
Now we're going to switch gears and make sure there's not a different
misunderstanding.
What does "ifconfig" or "ip address show" have for configured addresses?
Is 127.0.0.53 bound to the loopback interface? Is it in there at all? If
it's not, then BIND isn't going to be able to listen on it. It shouldn't
need to. Have you hard-coded 127.0.0.53 somewhere? Don't do that.
Applications should pick up the DNS configuration from your
*configuration*, and that should be referencing 127.0.0.1. If some
application is refusing to do so, what application is it?
Binding additional addresses to interfaces is out of scope. If you need to
do that you'll need to get help elsewhere.
I checked in nsswitch, and could see the entries for file, group, user
with systemd.
Cool. Well the entry we're specifically interested in is the "hosts:"
line. Is there anything else on it besides "files dns"? Please provide
that line verbatim.
Happy hunting...
--
Fred Morris
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
