[Linux] - Stop NetworkManager from setting /etc/resolv.conf to use the 127.0.0.53 address

  CREATED BY JENKINSBOT

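Problem description

On Ubuntu 20.04 LTS, after a network interface was correctly configured with NetworkManager and brought up (nmcli connection up), the DNS configuration did not take effect: /etc/resolv.conf kept pointing at the DNS service on 127.0.0.53. NetworkManager insisted on that address even though no such service (127.0.0.53:53) existed. The file also contained the text # Generated by NetworkManager, which shows that NetworkManager generated it.

This problem is probably uncommon and appears only on some Linux distributions; we ran into it on Ubuntu 20.04 LTS.

Cause

There are many possible causes for this problem and we cannot list them all, so we describe only our own scenario.

After some searching on Google, none of the solutions we found applied to our scenario, so we turned to the official NetworkManager.conf (1.22) documentation on setting the dns processing mode: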

Set the DNS processing mode.

If the key is unspecified, default is used, unless /etc/resolv.conf is a symlink to /run/systemd/resolve/stub-resolv.conf, /run/systemd/resolve/resolv.conf, /lib/systemd/resolv.conf or /usr/lib/systemd/resolv.conf. In that case, systemd-resolved is chosen automatically.

default: NetworkManager will update /etc/resolv.conf to reflect the nameservers provided by currently active connections.

dnsmasq: NetworkManager will run dnsmasq as a local caching nameserver, using “Conditional Forwarding” if you are connected to a VPN, and then update resolv.conf to point to the local nameserver. It is possible to pass custom options to the dnsmasq instance by adding them to files in the “/etc/NetworkManager/dnsmasq.d/” directory. Note that when multiple upstream servers are available, dnsmasq will initially contact them in parallel and then use the fastest to respond, probing again other servers after some time. This behavior can be modified passing the ‘all-servers’ or ‘strict-order’ options to dnsmasq (see the manual page for more details).

systemd-resolved: NetworkManager will push the DNS configuration to systemd-resolved

unbound: NetworkManager will talk to unbound and dnssec-triggerd, using “Conditional Forwarding” with DNSSEC support. /etc/resolv.conf will be managed by dnssec-trigger daemon.

none: NetworkManager will not modify resolv.conf. This implies rc-manager unmanaged

Note that the plugins dnsmasq, systemd-resolved and unbound are caching local nameservers. Hence, when NetworkManager writes /run/NetworkManager/resolv.conf and /etc/resolv.conf (according to rc-manager setting below), the name server there will be localhost only. NetworkManager also writes a file /run/NetworkManager/no-stub-resolv.conf that contains the original name servers pushed to the DNS plugin.

When using dnsmasq and systemd-resolved per-connection added dns servers will always be queried using the device the connection has been activated on.

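We had not configured the systemd-resolved option (including the symlink), and we had not set the none option (readers should check whether these settings exist on their own systems, especially the systemd-resolved symlink), yet the DNS configuration still did not take effect.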
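The check suggested above can be scripted. The following is an added example, not taken from the NetworkManager project or from the original article: it applies the selection rule quoted from the manual (an explicit dns= key in [main], otherwise the /etc/resolv.conf symlink test) to files you name. The function names are hypothetical, and the list of configuration files to pass, in the order your installation reads them, is left to the caller as an assumption.

```shell
#!/usr/bin/env bash
# Added example: apply the manual's dns-mode selection rule to local files.

# Print the last dns= value set in a [main] section of the given files.
# Files are read in the order given; a later file overrides an earlier one.
nm_configured_dns() {
    local f found value=""
    for f in "$@"; do
        [ -r "$f" ] || continue
        found=$(awk '
            /^[ \t]*\[/ { in_main = ($0 ~ /^[ \t]*\[main\][ \t]*$/); next }
            in_main && /^[ \t]*dns[ \t]*=/ {
                sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); v = $0
            }
            END { print v }' "$f")
        if [ -n "$found" ]; then value=$found; fi
    done
    printf '%s\n' "$value"
}

# Succeed when $1 is a symlink to one of the four systemd-resolved files the
# manual lists. Suffix match so a relative target (../run/...) also counts.
resolv_is_resolved_symlink() {
    [ -L "$1" ] || return 1
    case "$(readlink "$1")" in
        */run/systemd/resolve/stub-resolv.conf) return 0 ;;
        */run/systemd/resolve/resolv.conf)      return 0 ;;
        */lib/systemd/resolv.conf)              return 0 ;;  # also /usr/lib/...
    esac
    return 1
}

# Usage: nm_effective_dns_mode RESOLV_CONF CONFIG_FILE...
# An explicit dns= wins; with no key, the symlink decides; otherwise "default".
nm_effective_dns_mode() {
    local resolv="$1" mode
    shift
    mode=$(nm_configured_dns "$@")
    if [ -n "$mode" ]; then
        printf '%s\n' "$mode"
    elif resolv_is_resolved_symlink "$resolv"; then
        printf '%s\n' systemd-resolved
    else
        printf '%s\n' default
    fi
}

# Paths from the article; pass further config files after the second argument.
nm_effective_dns_mode /etc/resolv.conf /etc/NetworkManager/NetworkManager.conf
```

If the printed mode disagrees with what /etc/resolv.conf actually contains, a dns= key is being set in a configuration file that was not passed to the function.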

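Solution

When you hit a problem, guess boldly: software has bugs. The default should be the default option, but we suspected that the default option was not actually in effect.

We tried adding the dns=default option to the [main] section of /etc/NetworkManager/NetworkManager.conf and restarting the NetworkManager service, and that actually solved the problem...

When we removed the dns=default option and restarted the NetworkManager service (systemctl restart network-manager), /etc/resolv.conf went back to using the 127.0.0.53 address.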

References

NetworkManager.conf: NetworkManager Reference Manual
DNS set to systemd’s 127.0.0.53 – how to change permanently? – Ask Ubuntu
redhat – How do I force NetworkManager to update /etc/resolv.conf? – Server Fault
ubuntu – Using dnsmasq with NetworkManager – Super User