I’m on Atomic F42 Silverblue.
After configuring systemd-resolved to use DoT (DNS over TLS), I can’t access avahi-daemon provided .local FQDNs from the local network, even though direct IP connections still work.
Things like wsdd work to show servers in the GNOME Files Network page, but clicking on them won’t show any shares.
Anyone know how to fix?
To get where my settings are now, I ran the following
Global
    Protocols: LLMNR=resolve -mDNS +DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: stub
    Current DNS Server: 9.9.9.9#dns.quad9.net
    DNS Servers: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net
    DNS Domain: ~.

Link 2 (enp0s31f6)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
    Protocols: +DefaultRoute LLMNR=resolve -mDNS +DNSOverTLS DNSSEC=no/unsupported
    Current DNS Server: 192.168.86.1
    DNS Servers: 192.168.86.1
    DNS Domain: lan
    Default Route: yes

In Settings > Network, click on your connection, then the ‘cog’ to open the network settings.
Change the IPv4 DNS address to 127.0.0.1,
then the IPv6 address to ::1.
Save the settings, then in a terminal run these one after the other:
sudo systemctl daemon-reload
sudo systemctl restart systemd-networkd
sudo systemctl restart systemd-resolved
Also, it may help to append /dns-query at the end of your DNS configuration,
so the address entry within resolve.conf looks like:
DNS=9.9.9.9#dns.quad9.net/dns-query
and then the same for each of the other DNS addresses within resolve.conf.
But I’m not sure if that change would help; it’s the way I have mine set up.
That is strange as normally you would query avahi names before systemd-resolved is queried. You can run grep hosts /etc/nsswitch.conf to check if this is the case.
hosts: files myhostname mdns_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] dns
In this case the sequence is:
Query /etc/hosts.
Check the local hostnames.
Query avahi in IPv4 and IPv6 mode for names ending in “.local”.
If not found, query resolve using the resolve protocol.
If resolve is not available, query dns using /etc/hosts configuration.
Have you symlinked /etc/resolv.conf?
This is from a howto that I have used for DNS resolving/caching.
It’s good practice for us to configure systemd-resolved to manage the “/etc/resolv.conf” file by creating a symlink to “/run/systemd/resolve/stub-resolv.conf”. To achieve this, we need to delete or rename the current “/etc/resolv.conf” file, create a symlink, then restart the systemd-resolved service:
If you have disabled mDNS feature in systemd-resolved, which it seems you have, resolution of .local names should be handled by avahi-daemon only.
What is in /etc/resolv.conf should not matter, because that is read only by the dns plugin. Ensure you have installed the nss-mdns package and some variant of mdns*_minimal is in the /etc/nsswitch.conf hosts: section.
First ensure avahi is able to resolve own hostname: avahi-resolve -n $(hostname | cut -d. -f1).local.
That should print your IP address. Try any other host, which should be present. If this command cannot get the address, avahi-daemon has a problem with resolving it. The problem is not in the configuration of the plugin.
If it worked, try the getent ahosts -s mdns_minimal $(hostname | cut -d. -f1).local command. That should print both IPv4 and IPv6 addresses, even if nsswitch does not enable the plugin properly. You can try other variants with -s: mdns4_minimal, mdns6_minimal, mdns.
If this got the address too, remove -s and try the default variant: getent ahosts $(hostname | cut -d. -f1).local. If this does not return an address anymore, you may be missing the correct configuration in /etc/nsswitch.conf. The authselect current tool should show the features enabled. But from what you shared, this should not be your issue.
I have had problems with .local name resolution on some Mikrotik Wi-Fi networks. It did not work correctly over Wi-Fi, but did over Ethernet. If you can resolve your own name, then start with trying remote names too. Firewalls or other types of network filtering might cause remote names not to work properly, even if otherwise your configuration is correct.
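
The checks from the replies above (the order of modules on the hosts: line, then avahi-resolve, getent with -s mdns_minimal, and plain getent) combined into one script. This is an added example, not part of any poster's message; the function names, the script name triage.sh and the --live switch are hypothetical, and it assumes the tools print addresses on stdout and failures on stderr.

```shell
#!/bin/sh
# Added example: staged triage for .local lookups (function names are hypothetical).

# Inspect a "hosts:" line from /etc/nsswitch.conf.
# Prints ok:<module> if an mdns* module comes before resolve/dns,
# late:<module> if it only comes after them, or "missing".
check_hosts_line() {
    printf '%s\n' "$1" | awk '{
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^mdns/) { prefix = unicast ? "late:" : "ok:"; print prefix $i; exit }
            if ($i == "resolve" || $i == "dns") unicast = 1
        }
        print "missing"
    }'
}

# Map the results of the three checks (0 = got an address) to the failing layer.
#   $1: avahi-resolve -n NAME
#   $2: getent ahosts -s mdns_minimal NAME
#   $3: getent ahosts NAME
diagnose() {
    if [ "$1" -ne 0 ]; then
        echo "avahi-daemon cannot resolve the name"
    elif [ "$2" -ne 0 ]; then
        echo "nss-mdns plugin returns nothing; check that nss-mdns is installed"
    elif [ "$3" -ne 0 ]; then
        echo "hosts: line in /etc/nsswitch.conf does not reach the mdns module"
    else
        echo "local lookup path works; test remote names and network filtering"
    fi
}

# Success means an address on stdout (assumption: the tools report
# failures on stderr only, so exit status is not relied on).
has_out() { [ -n "$("$@" 2>/dev/null)" ]; }

# Live run against this machine, only on request: sh triage.sh --live
if [ "${1:-}" = "--live" ]; then
    name="$(hostname | cut -d. -f1).local"
    has_out avahi-resolve -n "$name"; a=$?
    has_out getent ahosts -s mdns_minimal "$name"; g=$?
    has_out getent ahosts "$name"; d=$?
    echo "nsswitch: $(check_hosts_line "$(grep '^hosts:' /etc/nsswitch.conf)")"
    echo "$name: $(diagnose "$a" "$g" "$d")"
fi
```

Without --live the script only defines the functions, so check_hosts_line can be fed a hosts: line copied from another machine.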