DNS/DHCP weirdness on new 16.04.1 install

I’ve been thrilled since I discovered that my ASUS router resolved DNS queries for local hosts. No more schlepping around hosts files! I expected and found the same behavior in pfSense when I set that up as a firewall about a week ago. Yesterday I installed Ubuntu-Mate 16.04.1 on my desktop and that behavior is inexplicably missing. For some reason, this host (which gets its IP via DHCP) is pointing to external DNS servers which do not resolve hosts on my LAN. Before this install I was running 16.10 and had the same difficulty which was fixed by modifying /etc/nsswitch.conf as directed in this post: http://askubuntu.com/questions/837982/how-to-configure-local-dns-lookup-in-ubuntu-16-10/838395#838395. That seems not to work for this issue in 16.04.

I did try purge/reinstall libnss-resolve later in the thread. It worked once. Following reboot the problem was back and was no longer fixed by this purge/reinstall.

Here’s what I see:

hbarta@olive:~$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 8.8.4.4
nameserver 2001:4860:4860::8888
nameserver 2001:4860:4860::8844
search localdomain
hbarta@olive:~$ 

hbarta@olive:~$ cat /etc/nsswitch.conf 
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat
group:          compat
shadow:         compat
gshadow:        files

hosts:          files mdns4_minimal [NOTFOUND=return] resolve dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis
hbarta@olive:~$ 

Another host which does not have this problem looks like:

hbarta@yggdrasil:~$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1
search localdomain
hbarta@yggdrasil:~$ cat /etc/nsswitch.conf 
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat
group:          compat
shadow:         compat
gshadow:        files

hosts:          files mdns4_minimal [NOTFOUND=return] resolve dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis
hbarta@yggdrasil:~$ 

Both are running 16.04 and the Mate desktop though I think the other one was Xubuntu to which I added Mate. Both have the same dns and dhcp related packages installed:

hbarta@yggdrasil:~$ dpkg -l|egrep "dns|dhcp"
ii  avahi-dnsconfd                        0.6.32~rc+dfsg-1ubuntu2                    amd64        Avahi DNS configuration tool
ii  dnsmasq-base                          2.75-1ubuntu0.16.04.1                      amd64        Small caching DNS proxy and DHCP/TFTP server
ii  dnsutils                              1:9.10.3.dfsg.P4-8ubuntu1.3                amd64        Clients provided with BIND
ii  isc-dhcp-client                       4.3.3-5ubuntu12.6                          amd64        DHCP client for automatically obtaining an IP address
ii  isc-dhcp-common                       4.3.3-5ubuntu12.6                          amd64        common files used by all of the isc-dhcp packages
ii  libavahi-compat-libdnssd1:amd64       0.6.32~rc+dfsg-1ubuntu2                    amd64        Avahi Apple Bonjour compatibility library
ii  libdns-export162                      1:9.10.3.dfsg.P4-8ubuntu1.3                amd64        Exported DNS Shared Library
ii  libdns162:amd64                       1:9.10.3.dfsg.P4-8ubuntu1.3                amd64        DNS Shared Library used by BIND
ii  libnss-mdns:amd64                     0.10-7                                     amd64        NSS module for Multicast DNS name resolution
hbarta@yggdrasil:~$ 

The DNS servers are the ones configured in pfSense and I am at a loss why one host winds up with local DNS while the other uses the ones that pfSense should be using.

Help resolving (groan :wink: ) this is most welcome.

Thanks!

Hi @HankB,

have you looked at the firewall configuration as that may have done some damage? (just guessing!). :smiley:

Hi wolfman,
Firewall is off.

thanks,
hank

I did a little more digging. I put Wireshark on the line and captured traffic as I Disconnected and Reconnected (via the Network Manager applet) Ethernet. Here’s what I saw:

  1. “DHCP Request” (from my host, broadcast.) Options include requested IP address, Parameter request list including Domain Name Server.
  2. “DHCP ACK” (from pfSense router to my host) including “Domain Name Server” listing the IP address of the pfSense firewall (and a few other fields).
  3. DNS Query from my host to 8.8.8.8 for daisy.ubuntru.com
  4. Another DNS query from my host to 8.8.8.8 for daisy.ubuntru.com
  5. DNS query from my host to 8.8.8.8 for ssl.gstatic.com
    (followed by three replies for these queries.)

It seems like something is caching DNS servers on this host. This started on a clean install. I wonder where else I could ask about this. Is it an Ubuntu issue? Debian? systemd?

I’d like to get this resolved.

I’m getting Whoopsies again. Between that and this issue, Ubuntu’s days may be numbered on this PC.

thanks,
hank

Edit.2 - more digging and a semi-helpful post. http://askubuntu.com/questions/157154/how-do-i-include-lines-in-resolv-conf-that-wont-get-lost-on-reboot

I added the nameserver lookup to /etc/resolvconf/resolv.conf.d/head. That gets it stuffed into /etc/resolv.conf (actually the file it links to…) and hosts on my LAN are now resolved. It’s a kludge and I’m not happy about that but it works.

Along the way I learned that neither ‘systemctl stop networking’ nor ‘/etc/init.d/networking stop’ will shut down the Ethernet connection. I’m even less happy about that. :angry:
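
A small checker for the symptom discussed in this thread, added here as an example and not part of the original posts: it parses a resolv.conf and flags nameservers that are neither a loopback forwarder nor one of the servers the DHCP ACK offered. The function names are hypothetical, and 192.168.1.1 is an assumed placeholder for the pfSense LAN address, which the thread does not give.

```python
import ipaddress

DHCP_DNS = ["192.168.1.1"]  # assumed placeholder for the pfSense LAN address
# /etc/resolv.conf contents as posted in the thread (header comments trimmed).
OLIVE = """\
nameserver 8.8.4.4
nameserver 2001:4860:4860::8888
nameserver 2001:4860:4860::8844
search localdomain
"""
YGGDRASIL = "nameserver 127.0.1.1\nsearch localdomain\n"

def parse_nameservers(text):
    """Return the nameserver addresses of a resolv.conf, in file order."""
    servers = []
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, '#'/';' comments and directives other than nameserver.
        if len(fields) < 2 or fields[0] != "nameserver":
            continue
        try:
            # Drop an IPv6 zone suffix such as %eth0 before parsing.
            servers.append(ipaddress.ip_address(fields[1].split("%")[0]))
        except ValueError:
            continue  # malformed address: ignore it
    return servers

def audit(text, dhcp_dns):
    """Label each nameserver relative to the servers the DHCP ACK offered."""
    offered = {ipaddress.ip_address(a) for a in dhcp_dns}
    report = []
    for addr in parse_nameservers(text):
        if addr.is_loopback:
            # Local forwarder (e.g. NetworkManager's dnsmasq on 127.0.1.1);
            # its upstream servers have to be checked separately.
            verdict = "local-forwarder"
        elif addr in offered:
            verdict = "dhcp-offered"
        else:
            verdict = "bypasses-dhcp"
        report.append((str(addr), verdict))
    return report

def bypassing(text, dhcp_dns):
    """Addresses that send queries somewhere the DHCP server did not offer."""
    return [a for a, v in audit(text, dhcp_dns) if v == "bypasses-dhcp"]

if __name__ == "__main__":
    print("olive:", bypassing(OLIVE, DHCP_DNS))
```

On a live host, pass the text of /etc/resolv.conf and the DNS addresses seen in the captured DHCP ACK; a non-empty result means lookups for LAN names will leave the network instead of reaching the router.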