Remove or modify `search` entry from `/etc/resolv.conf`

minkiu · October 5, 2023, 9:03am

Hey there!

This has been bugging me for a while, my /etc/resolv.conf looks like so:

nameserver 127.0.0.53
options edns0 trust-ad
search --

Output of resolvectl status:

Global
         Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub

Link 2 (enp3s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
         Protocols: +DefaultRoute LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
       DNS Servers: 192.168.1.253 fe80::1
        DNS Domain: --

The thing that I want to know how to fix or figure out where it’s coming from is the search -- or DNS Domain: -- which I belive them to be linked.

I tried:

$ resolvectl domain enp3s0 
Link 2 (enp3s0): --

$ resolvectl domain enp3s0 ""

$ resolvectl domain enp3s0 
Link 2 (enp3s0):

$ sudo systemctl restart systemd-resolved.service

But after restarting systemd-resolved the -- re-appear, and are always prepended to any domain I specify.

I would appreciate if anyone can point me in the right direction,

Cheers!

vgaetera · October 5, 2023, 9:22am

# Check connection settings
nmcli connection show
nmcli connection show CON_NAME | grep -i -e dns

# Reset DNS search to defaults
sudo nmcli connection modify CON_NAME \
    ipv4.dns-search "" \
    ipv6.dns-search ""
sudo nmcli connection up CON_NAME

# Check DHCP options pushed by server
sudo tcpdump -evnni any udp port 67

minkiu · October 5, 2023, 9:34am

Hi @vgaetera ! Thanks for the quick reply, I tried the above, and now the resolve.conf shows as follow:

nameserver 127.0.0.53
options edns0 trust-ad
search .

Which fixes the issue I was having! I assume there’s no real way to “remove” the search line?

The tcpdump command output:

$ sudo tcpdump -evnni any udp port 67
tcpdump: data link type LINUX_SLL2
dropped privs to tcpdump
tcpdump: listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes
10:34:39.899559 enp3s0 B   ifindex 2 dc:d9:ae:ec:9a:80 ethertype IPv4 (0x0800), length 338: (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 318)
    192.168.1.1.67 > 255.255.255.255.68: BOOTP/DHCP, Reply, length 290, xid 0x479cefbe, Flags [Broadcast]
	  Client-IP 192.168.1.102
	  Your-IP 192.168.1.102
	  Client-Ethernet-Address 34:60:f9:6a:75:2f
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: ACK
	    Server-ID (54), length 4: 192.168.1.1
	    Lease-Time (51), length 4: 86400
	    Subnet-Mask (1), length 4: 255.255.255.0
	    Default-Gateway (3), length 4: 192.168.1.1
	    Domain-Name-Server (6), length 8: 192.168.1.253,192.168.1.253
	    RN (58), length 4: 43200
	    RB (59), length 4: 75600

Thanks!