We can see in your logs (thanks for all your effort BTW) that the failing cases are exactly those which have:

  ...
  Server: 127.0.0.53
  Address: 127.0.0.53#53
  ...

That represents the switch to systemd-resolved.
It might be worth checking (and, if you want, reporting) your output of:

  $ systemd-resolve --status

I guess we can already switch this bug from bind9 to systemd, or at least add it.

Now one weakness of systemd-resolved that I've seen in several other bug reports is that - IIRC - if you have multiple DNS servers it does "the first wins".
So if you happen to have multiple DNS servers pushed via DHCP or other places, what could happen is that one answers "SERVFAIL" before the other one could reply with a valid answer.

Is your setup using such a multi-DNS scenario?

Info:
- There were some fixes in NM for that (bug 1624317) but I'm not sure if there aren't ways to still hit this.
- There are many, but one related upstream issue (for some context) is https://github.com/systemd/systemd/issues/6076

** Also affects: systemd (Ubuntu)
   Importance: Undecided
       Status: New

** Bug watch added: github.com/systemd/systemd/issues #6076
   https://github.com/systemd/systemd/issues/6076

https://bugs.launchpad.net/bugs/1862437

Title:
  Ubuntu 16.10 & later, & derivatives do not query the assigned DNS server
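One way to answer the multi-DNS question from the `systemd-resolve --status` output, as an added example that is not part of the original comment: the function name `multi_dns_scopes` is hypothetical, the sample status text is constructed, and the parser assumes the layout in which a `DNS Servers:` line is followed by indented continuation lines holding one address each.

```shell
#!/bin/sh
# Reads `systemd-resolve --status` text on stdin and prints one line for each
# scope (Global or a Link) that has more than one DNS server configured.
multi_dns_scopes() {
    awk '
    function report() {
        if (n > 1) printf "%s: %d servers:%s\n", scope, n, list
        n = 0; list = ""
    }
    # A new scope header closes the previous scope.
    /^Global/ || /^Link [0-9]+ \(/ { report(); scope = $0; in_dns = 0; next }
    /^[ \t]*DNS Servers:/ {
        in_dns = 1
        sub(/^[ \t]*DNS Servers:[ \t]*/, "")
        if (NF) { n++; list = list " " $1 }
        next
    }
    # Continuation lines hold a single address and no label.
    in_dns && NF == 1 { n++; list = list " " $1; next }
    # Any other line (another label, a blank line) ends the server list.
    { in_dns = 0 }
    END { report() }
    '
}

# Constructed sample, not taken from the bug report. The wrapped
# "DNSSEC NTA" value must not be counted as a DNS server.
sample_status() {
    cat <<'EOF'
Global
          DNSSEC NTA: 10.in-addr.arpa
                      corp

Link 3 (wlp2s0)
      Current Scopes: DNS
       LLMNR setting: yes
         DNS Servers: 192.0.2.1
                      198.51.100.53
          DNS Domain: example.test

Link 2 (enp0s25)
      Current Scopes: none
         DNS Servers: 192.0.2.1
EOF
}

# On a live system: systemd-resolve --status | multi_dns_scopes
sample_status | multi_dns_scopes
```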