Ubuntu lts 22.04.01 does not resolve for lan devices

anonymous-linux · 11-28-2022, 06:09 AM

I'm testing a new server for my organization that has NAT and pppoe conection from my provider. The problem is that I can ping from server to any domains but I cannot ping from lan devices to any domains, but I can ping to ip like 8.8.8.8 from lan devices.

So here some output syslog

Code:

Nov  9 09:51:59 ubuntu pppd[4187]: Plugin rp-pppoe.so loaded.
Nov  9 09:51:59 ubuntu pppd[4188]: pppd 2.4.9 started by admin1, uid 0
Nov  9 09:52:00 ubuntu pppd[4188]: PPP session is 3391
Nov  9 09:52:00 ubuntu pppd[4188]: Connected to ac:1f:6b:9e:af:08 via interface eth1
Nov  9 09:52:00 ubuntu pppd[4188]: Using interface ppp0
Nov  9 09:52:00 ubuntu pppd[4188]: Connect: ppp0 <--> eth1
Nov  9 09:52:00 ubuntu systemd-udevd[4189]: Using default interface naming scheme 'v249'.
Nov  9 09:52:02 ubuntu dhclient[1070]: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 9 (xid=0x965fad40)
Nov  9 09:52:03 ubuntu pppd[4188]: PAP authentication succeeded
Nov  9 09:52:03 ubuntu pppd[4188]: peer from calling number AC:1F:6B:9E:AF:08 authorized
Nov  9 09:52:03 ubuntu pppd[4188]: local  IP address xxx.yyy.www.zzz(my public ip)
Nov  9 09:52:03 ubuntu pppd[4188]: remote IP address 10.0.0.1
Nov  9 09:52:03 ubuntu pppd[4188]: primary   DNS address 193.231.252.1
Nov  9 09:52:03 ubuntu pppd[4188]: secondary DNS address 213.154.124.1
Nov  9 09:52:03 ubuntu pppd[4188]: local  LL address xxxx::yyyy:kkkk:wwww:zzzz(ipv6 public ip)
Nov  9 09:52:03 ubuntu pppd[4188]: remote LL address fe80::0000:0000:0000:0001

Then I made an experiment, I used one of the lan machines as pppoe server, so you see can bellow that pppoe server has 172.16.0.1, and new server(the one that does not resolve) has 172.16.0.2.

Code:

Nov  9 12:35:56 ubuntu pppd[6213]: Plugin rp-pppoe.so loaded.
Nov  9 12:35:56 ubuntu pppd[6214]: pppd 2.4.9 started by admin1, uid 0
Nov  9 12:35:56 ubuntu pppd[6214]: PPP session is 2
Nov  9 12:35:56 ubuntu pppd[6214]: Connected to 00:8c:fa:ad:b7:b1 via interface eth0
Nov  9 12:35:56 ubuntu pppd[6214]: Using interface ppp1
Nov  9 12:35:56 ubuntu pppd[6214]: Connect: ppp1 <--> eth0
Nov  9 12:35:56 ubuntu pppd[6214]: CHAP authentication succeeded: Access granted
Nov  9 12:35:56 ubuntu pppd[6214]: CHAP authentication succeeded
Nov  9 12:35:56 ubuntu pppd[6214]: peer from calling number 00:8C:FA:AD:B7:B1 authorized
Nov  9 12:35:56 ubuntu systemd-udevd[6218]: Using default interface naming scheme 'v249'.
Nov  9 12:35:56 ubuntu pppd[6214]: replacing old default route to ppp0 [0.0.0.0]
Nov  9 12:35:56 ubuntu pppd[6214]: local  IP address 172.16.0.2
Nov  9 12:35:56 ubuntu pppd[6214]: remote IP address 172.16.0.1
Nov  9 12:35:56 ubuntu pppd[6214]: primary   DNS address 4.2.2.1
Nov  9 12:35:56 ubuntu pppd[6214]: secondary DNS address 4.2.2.3

And I noticed that from my provider there is that ipv6

Code:

Nov  9 09:52:03 ubuntu pppd[4188]: local  LL address xxxx::yyyy:kkkk:wwww:zzzz(ipv6 public ip)
Nov  9 09:52:03 ubuntu pppd[4188]: remote LL address fe80::0000:0000:0000:0001

So I disabled from sysctl with

Code:

net.ipv6.conf.ppp0.disable_ipv6 = 1

And still it did not worked, I only got this log

Code:

Nov 10 08:19:01 ubuntu pppd[3442]: sif6addr: ioctl(SIOCSIFADDR): Permission denied (line 2986)
Nov 10 08:19:01 ubuntu pppd[3442]: cif6addr: ioctl(SIOCDIFADDR): No such address

Now here is my all network configuration:

I switched to ifupdown and disabled some services and netplan with:

Code:

apt update
apt install ifupdown

systemctl stop systemd-networkd.socket systemd-networkd networkd-dispatcher systemd-networkd-wait-online

systemctl disable systemd-networkd.socket systemd-networkd networkd-dispatcher systemd-networkd-wait-online

systemctl mask systemd-networkd.socket systemd-networkd networkd-dispatcher systemd-networkd-wait-online

apt-get --assume-yes purge nplan netplan.io

/etc/network/interfaces

Code:

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback


auto dsl-provider
iface dsl-provider inet ppp
pre-up /bin/ip link set eth0 up # line maintained by pppoeconf
provider dsl-provider

auto eth0
iface eth0 inet manual

auto eth1
iface eth1 inet static
address 192.168.2.1
netmask 255.255.255.0
broadcast 192.168.2.255

ip addr output

Code:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 3c:ec:ef:70:3d:00 brd ff:ff:ff:ff:ff:ff
    altname enp4s0
    altname eno1
    inet6 fe80::3eec:efff:fe70:3d00/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 3c:ec:ef:70:3d:01 brd ff:ff:ff:ff:ff:ff
    altname enp5s0
    altname eno2
    inet 192.168.2.1/24 brd 192.168.2.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::3eec:efff:fe70:3d01/64 scope link 
       valid_lft forever preferred_lft forever
77: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1480 qdisc fq_codel state UNKNOWN group default qlen 3
    link/ppp 
    inet xxx.yyy.www.zzz(public ip) peer 10.0.0.1/32 scope global ppp0
       valid_lft forever preferred_lft forever
    inet6 fe80::524c:dc6 peer fe80::1/128 scope link 
       valid_lft forever preferred_lft forever

/etc/dhcp/dhcpd.conf

Code:

ddns-update-style none; 
authoritative; 
log-facility local7; 

subnet 192.168.2.0 netmask 255.255.255.0 {
   range 192.168.2.110 192.168.2.254;
   option routers 192.168.2.1;
   option subnet-mask 255.255.255.0;
  
   option domain-name-servers 192.168.2.1;

   option broadcast-address 192.168.2.255;
   default-lease-time 3600;
   max-lease-time 86400;
}

After I tried only with systemd-resolved I used resolvconf /etc/resolv.conf (/run/resolvconf/resolv.conf)

Code:

nameserver 193.231.252.1
nameserver 213.154.124.1
nameserver 127.0.0.53

I even tested with a static network configuration on a lan machine, it does not work.

If I manually add dns from my provider or even 8.8.8.8 to those lan machines it works, It's like the server does not add dns to lan machines.

And then I did some other experimentations, I replaced my dns server 192.168.2.1 with the isp nameservers to dhcp eg: option domain-name-servers 193.231.252.1, 213.154.124.1;

It works but! But... I want this process to be automated in case the isp changes nameservers.

michaelk · 11-29-2022, 03:46 PM

Ubuntu runs a stub resolver (systemd-resolved, nameserver 127.0.0.53) which basically is just local DNS caching for the server itself. The server does not provide any DNS forwarding for your LAN machines which is why using option domain-name-servers 192.168.2.1; does not work.

You don't have to use your ISPs DNS servers, there are many like Google or opendns that are free to use but you need to specify them in the DHCP server's option domain-name-servers.