Fedora 40 Ignoring local DNS server

Hello,

I’m having some issues in my Fedora 41 Workstation installation trying to resolve some local DNS records in my local DNS server.

I have two local DNS servers, both getting handed out by DHCP and apparently getting correctly picked up by resolved. However, anytime I try to resolve any internal record I get no reply. It seems like resolved is ignoring the local DNS server, since it returns no replies and these records are not in any public DNS server.

The behaviour seems very similar to this other thread, with the difference I have no external records: Fedora 40 - Split DNS Resolution(Internal/External) Issue - Favortizing External Resolution

Below are resolvectl status output, and a few dig commands highlighting the issue. I redacted the domain and tld.

❯ lsb_release -a                                      
LSB Version:	n/a
Distributor ID:	Fedora
Description:	Fedora Linux 41 (Sway)
Release:	41
Codename:	n/a

~
❯ resolvectl status                                   
Global
         Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub

Link 2 (enp34s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
         Protocols: +DefaultRoute LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: fe80::861e:a3ff:feb1:f8e7
       DNS Servers: 192.168.1.12 192.168.1.13 fe80::861e:a3ff:feb1:f8e7
        DNS Domain: lan

Link 3 (docker0)
    Current Scopes: none
         Protocols: -DefaultRoute LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported

~
❯ dig @192.168.1.12 arsenal.pve.<redacted>.<tld>

; <<>> DiG 9.18.33 <<>> @192.168.1.12 arsenal.pve.<redacted>.<tld>
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40469
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;arsenal.pve.<redacted>.<tld>.		IN	A

;; ANSWER SECTION:
arsenal.pve.<redacted>.<tld>.	10	IN	A	192.168.1.25

;; Query time: 2 msec
;; SERVER: 192.168.1.12#53(192.168.1.12) (UDP)
;; WHEN: Sun Apr 13 10:22:46 WEST 2025
;; MSG SIZE  rcvd: 55


~
❯ dig arsenal.pve.<redacted>.<tld>              

; <<>> DiG 9.18.33 <<>> arsenal.pve.<redacted>.<tld>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9191
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;arsenal.pve.<redacted>.<tld>.		IN	A

;; AUTHORITY SECTION:
<redacted>.<tld>.		1321	IN	SOA	ajay.ns.cloudflare.com. dns.cloudflare.com. 2369959234 10000 2400 604800 1800

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Sun Apr 13 10:22:48 WEST 2025
;; MSG SIZE  rcvd: 112


~
❯ resolvectl query arsenal.pve.<redacted>.<tld> --cache=false
arsenal.pve.<redacted>.<tld>: Name 'arsenal.pve.<redacted>.<tld>' not found

Thanks in advance for any help!

Great info!

I notice that you have an IPv6 link local address in the resolver, but you did not test that it works and it’s the current DNS server.

I’ve just got into running a full IPv4/IPv6 home network and some apps did not work correctly until I debugged my IPv6 configuration. Are you sure you have a working IPv6 network?
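Added example, not part of either poster's message: one way to follow up on the untested "Current DNS Server" is to query every server resolved lists, one at a time, adding the interface as zone id for link-local IPv6 addresses. The function names and the lookup name host.example.internal are hypothetical, the embedded status text is abbreviated from the output above, and the parser assumes the "DNS Servers:" list sits on one line.

```shell
#!/usr/bin/env bash
# Turn `resolvectl status` output into one direct dig query per configured
# DNS server, so each upstream is tested on its own.
# Real use:  resolvectl status | per_server_dig_cmds NAME | sh

per_server_dig_cmds() {
    # $1 = name to look up; stdin = output of `resolvectl status`
    awk -v name="$1" '
        /^Global/ { iface = "" }
        # "Link 2 (enp34s0)" -> remember the interface for scoped addresses
        /^Link [0-9]+ \(/ {
            iface = $3
            gsub(/[()]/, "", iface)
            next
        }
        /Current DNS Server:/ { current = $NF; next }
        /DNS Servers:/ {
            for (i = 3; i <= NF; i++) {
                srv = $i
                target = srv
                # Link-local IPv6 (fe80::/10) needs a zone id to be reachable
                if (tolower(srv) ~ /^fe[89ab][0-9a-f]:/ && iface != "")
                    target = srv "%" iface
                note = (srv == current) ? "  # current server" : ""
                printf "dig +short @%s %s%s\n", target, name, note
            }
        }
    '
}

# Sample input, abbreviated from the status output quoted in the thread.
sample_status() {
cat <<'EOF'
Global
         Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub

Link 2 (enp34s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Current DNS Server: fe80::861e:a3ff:feb1:f8e7
       DNS Servers: 192.168.1.12 192.168.1.13 fe80::861e:a3ff:feb1:f8e7
        DNS Domain: lan

Link 3 (docker0)
    Current Scopes: none
EOF
}

sample_status | per_server_dig_cmds host.example.internal
```

A server whose direct answer differs from the others, or that does not answer at all, is the one to look at first.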

Thanks for the reply Barry.

I noticed that as well when reviewing the info when posting.
To be honest, I’m not sure. I know the ISP Router has IPv6 enabled and I’m pretty sure my local computers have both a link local IPv6 and an addressable IPv6. I haven’t really touched the IPv6 settings in the router, I’ll have to dig a little further and report back.


The way I set up my IPv6 was to use “prefix delegation” from the router to give each of my systems its own /64. Your ISP should have provisioned a /48 or /56 so you can do this.