You are not logged in.
Split from https://bbs.archlinux.org/viewtopic.php?id=311548
I created a tun profile, but DNS config in the profile is not showing up in systemd-resolved. Any idea why...? (Nothing in systemd-resolved or Networkmanager's log)
> nmcli con show ss-tun
ipv4.method: manual
ipv4.dns: 1.1.1.1#one.one.one.one,9.9.9.9#dns.quad9.net
> resolvectl status
Global
Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=yes/supported
resolv.conf mode: stub
Fallback DNS Servers: 9.9.9.9#dns.quad9.net 2620:fe::9#dns.quad9.net 1.1.1.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 8.8.8.8#dns.google 2001:4860:4860::8888#dns.google
Link 2 (wlp1s0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=yes/supported
Current DNS Server: 9.9.9.9
DNS Servers: 9.9.9.9
Default Route: yes
Link 18 (ss-tun)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
Protocols: -DefaultRoute +LLMNR +mDNS +DNSOverTLS DNSSEC=yes/supported
Default Route: noOffline
The reason for the empty DNS is that, NM's dns-systemd-resolved plugin seems to have the behavior of only setting the default route's DNS.
archlinux systemd-resolved[625]: ss-tun: Bus client set default route setting: yes
archlinux systemd-resolved[625]: ss-tun: Bus client set DNS server list to: 1.1.1.1#one.one.one.one, 9.9.9.9#dns.quad9.net
archlinux systemd-resolved[625]: wlp1s0: Bus client reset search domain list.
archlinux systemd-resolved[625]: wlp1s0: Bus client set default route setting: no
archlinux systemd-resolved[625]: wlp1s0: Bus client reset DNS server list.
archlinux systemd-resolved[625]: Switching to fallback DNS server 9.9.9.9#dns.quad9.net.
archlinux systemd-resolved[625]: wlp1s0: Bus client set search domain list to: DHCP, HOST
archlinux systemd-resolved[625]: wlp1s0: Bus client set default route setting: yes
archlinux systemd-resolved[625]: wlp1s0: Bus client set DNS server list to: 192.168.1.1, 192.168.0.1
archlinux systemd-resolved[625]: ss-tun: Bus client set default route setting: no
archlinux systemd-resolved[625]: ss-tun: Bus client reset DNS server list.NetworkManager[789]: <debug> [1768008934.6256] dns-mgr: (device_l3cd_changed): DNS configuration changed
NetworkManager[789]: <debug> [1768008934.6256] dns-mgr: (device_l3cd_changed): committing DNS changes (0)
NetworkManager[789]: <debug> [1768008934.6256] dns-mgr: update-dns: updating resolv.conf
NetworkManager[789]: <trace> [1768008934.6256] dns-mgr: config: -50 default v4 3 : 1.1.1.1#one.one.one.one 9.9.9.9#dns.quad9.net
NetworkManager[789]: <trace> [1768008934.6256] dns-mgr: config: 100 best v4 2 <SKIP>: 192.168.1.1 192.168.0.1
NetworkManager[789]: <trace> [1768008934.6256] dns-mgr: config: 100 default v6 2 <SKIP>:
NetworkManager[789]: <trace> [1768008934.6256] dns-mgr: config: 100 default v6 3 <SKIP>:
NetworkManager[789]: <trace> [1768008934.6256] dns-mgr: plugin: settings: ifindex=3, priority=-50, default-route=0, search=, reverse=0.1.10.in-addr.arpa
NetworkManager[789]: <trace> [1768008934.6256] dns-mgr: plugin: add domain 'DHCP' (i=2, p=100)
NetworkManager[789]: <trace> [1768008934.6256] dns-mgr: plugin: add domain 'HOST' (i=2, p=100)
NetworkManager[789]: <trace> [1768008934.6257] dns-mgr: plugin: add domain <auto-default> (i=2, p=100)
NetworkManager[789]: <trace> [1768008934.6257] dns-mgr: plugin: settings: ifindex=2, priority=100, default-route=1, search=DHCP,HOST, reverse=0.168.192.in-addr.arpa
NetworkManager[789]: <debug> [1768008934.6257] dns-mgr: update-dns: updating plugin systemd-resolved
NetworkManager[789]: <trace> [1768008934.6257] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: start 12 requests
NetworkManager[789]: <trace> [1768008934.6257] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkDomains ( (2, [('DHCP', false), ('HOST', false)]) )
NetworkManager[789]: <trace> [1768008934.6258] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkDefaultRoute ( (2, true) )
NetworkManager[789]: <trace> [1768008934.6258] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkMulticastDNS ( (2, '') )
NetworkManager[789]: <trace> [1768008934.6258] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkLLMNR ( (2, '') )
NetworkManager[789]: <trace> [1768008934.6259] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkDNS ( (2, [(2, [0xc0, 0xa8, 0x01, 0x01]), (2, [0xc0, 0xa8, 0x00, 0x01])]) )
NetworkManager[789]: <trace> [1768008934.6259] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkDNSOverTLS ( (2, '') )
NetworkManager[789]: <trace> [1768008934.6259] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkDomains ( (3, []) )
NetworkManager[789]: <trace> [1768008934.6259] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkDefaultRoute ( (3, false) )
NetworkManager[789]: <trace> [1768008934.6259] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkMulticastDNS ( (3, '') )
NetworkManager[789]: <trace> [1768008934.6260] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkLLMNR ( (3, '') )
NetworkManager[789]: <trace> [1768008934.6260] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkDNS ( (3, []) )
NetworkManager[789]: <trace> [1768008934.6260] dns-sd-resolved[88bb1d217fa1c2ba]: send-updates: SetLinkDNSOverTLS ( (3, 'yes') )Last edited by Beemo (2026-01-10 01:39:36)
Offline
And the reason for that seems to be (the code looks alien to me so it might not be): https://gitlab.freedesktop.org/NetworkM … ved.c#L392
I.E. Need to configure either "Default Route" (not sure if you can) or dns-search in NetworkManager, otherwise the DNS setting is not passed to sd-resolved.
Tested with nmcli con mod ss-tun ipv4.dns-search '~.' and indeed it works.
Further reading:
ipv4.dns-search: https://networkmanager.dev/docs/api/lat … nmcli.html
'~.' instead of default route for VPN: https://systemd.io/RESOLVED-VPNS/
Last edited by Beemo (2026-01-10 01:30:38)
Offline