Bug 30694

Summary: my dns change by themselves
Product: Mageia Reporter: marc fanjoux <marcounet>
Component: RPM PackagesAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED INVALID QA Contact:
Severity: normal    
Priority: Normal CC: davidwhodgins, ftg
Version: 8   
Target Milestone: ---   
Hardware: x86_64   
OS: Linux   
URL: https://www.mageialinux-online.org/forum/topic-29959+mes-dns-changent.php
Whiteboard:
Source RPM: CVE:
Status comment:

Description marc fanjoux 2022-08-02 20:17:09 CEST 
Description of problem:
my dns change 

mageia 8 / plasma / netapplet 

How reproducible:
hello !
i change my dns : 192.168.1.1 to 1.1.1.1 & 1.0.0.1
marco@localhost ~]$ nslookup google.com
Server:         1.1.1.1
Address:        1.1.1.1#53

it is ok 

but one or two hours after my dns are changing:
[marco@localhost ~]$ nslookup google.com
Server:         192.168.1.1
Address:        192.168.1.1#53
 
Steps to Reproduce:
1. change your dns to 1.1.1.1
and nslookup google.com
2. wait one or two hours
3.nslookup google.com
Server:         192.168.1.1
Comment 1 Dave Hodgins 2022-08-02 21:18:07 CEST 
How are you changing the dns? Editing a file, using drakxnet, or networkmanager?

As 192.168.1.1 is an RFC1918 address that doesn't go out of your local area
network, is that the address of the host where you're running the command,
or the router?

google.com name server entries have a time to live value of 300 (5 minutes).
The second nslookup command shows that a lookup of google.com had been run
(for example, loading a website that uses google analytics in a browser)
within the previous 5 minutes.

CC: (none) => davidwhodgins

Comment 2 Frank Griffin 2022-08-02 21:31:18 CEST 
Are you assigning the IP address via DHCP ?  If so, the DHCP server may be resetting the DNS server IP when the lease expires.  Check the DHCP configuration to see if it is set to pass a DNS IP of 192.168.1.1 to its clients.  192.168.1.1 is the default DNS server IP for many if not most commercial home access points (routers).

CC: (none) => ftg

Comment 3 marc fanjoux 2022-08-02 21:46:06 CEST 
thank you for your answers!
i manage my ip by dhcp on netapplet not with networkmanager
I test on google.com
I will see to change that with qwant.com ?
Comment 4 Dave Hodgins 2022-08-02 21:58:41 CEST 
Note that the nslookup is telling you what server returned the answer. It is
not saying that the dns has been changed, as it will use a cached result if
it's been less then 5 minutes since the last lookup of google.com

The time limit of 5 minutes (300 seconds) is set in the dns A record for
google.com.
Comment 5 Dave Hodgins 2022-08-02 22:08:45 CEST 
If you do want to know what name servers the system is currently set to use,
look at the contents of /etc/resolv.conf, not the server returned from nslookup.
Comment 6 Frank Griffin 2022-08-02 22:19:57 CEST 
I think the definitive test, if you're using netapplet, is to turn off DHCP and use a static IP address with a static DNS address of 1.1.1.1.  This takes your router out of the picture for DNS.

If your DNS *doesn't* get reset after a few hours, then it's what I said in comment#2.

The next step is to go into your router's configuration (usually http://192.168.1.1 from a browser also connected to the router), reset the DNS it supplies to 1.1.1.1 (and 1.0.0.1 if it lets you set multiple servers), switch netapplet back to DHCP with the DHCP server supplying the DNS IP, and see if the resetting stops.  If so, you're home free.
Comment 7 Dave Hodgins 2022-08-02 22:38:06 CEST 
Instead of changing the setup, let's look at what you currently have first.

What's the content of
/etc/sysconfig/network-scripts/ifcfg-e*
(or /etc/sysconfig/network-scripts/ifcfg-w*, if using wireless).
Comment 8 David Walser 2022-08-02 23:27:14 CEST 
Does dnsmasq do this?

Component: Security => RPM Packages
QA Contact: security => (none)

Comment 9 Dave Hodgins 2022-08-02 23:31:02 CEST 
If /etc/sysconfig/network-scripts/ifcfg-e has PEERDNS=yes
("Get DNS servers from DHCP" is checked in the gui), the manually
configured dns servers will be overwritten when dhcp renews the lease.
Comment 10 marc fanjoux 2022-08-03 07:31:42 CEST 
(In reply to Dave Hodgins from comment #4)
> Note that the nslookup is telling you what server returned the answer. It is
> not saying that the dns has been changed, as it will use a cached result if
> it's been less then 5 minutes since the last lookup of google.com
> 
> The time limit of 5 minutes (300 seconds) is set in the dns A record for
> google.com.

ok thank you
Comment 11 marc fanjoux 2022-08-03 07:34:13 CEST 
(In reply to Dave Hodgins from comment #5)
> If you do want to know what name servers the system is currently set to use,
> look at the contents of /etc/resolv.conf, not the server returned from
> nslookup.

hello
resolv.conf when dns changed
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.1.1

resolv.conf with my dns
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 1.1.1.1
nameserver 1.0.0.1
Comment 12 marc fanjoux 2022-08-03 07:37:04 CEST 
(In reply to Frank Griffin from comment #6)
> I think the definitive test, if you're using netapplet, is to turn off DHCP
> and use a static IP address with a static DNS address of 1.1.1.1.  This
> takes your router out of the picture for DNS.
> 
> If your DNS *doesn't* get reset after a few hours, then it's what I said in
> comment#2.
> 
> The next step is to go into your router's configuration (usually
> http://192.168.1.1 from a browser also connected to the router), reset the
> DNS it supplies to 1.1.1.1 (and 1.0.0.1 if it lets you set multiple
> servers), switch netapplet back to DHCP with the DHCP server supplying the
> DNS IP, and see if the resetting stops.  If so, you're home free.

on my computer i am a static IP address with a static DNS address of 1.1.1.1.
Comment 13 marc fanjoux 2022-08-03 08:28:20 CEST 
(In reply to Dave Hodgins from comment #7)
> Instead of changing the setup, let's look at what you currently have first.
> 
> What's the content of
> /etc/sysconfig/network-scripts/ifcfg-e*
> (or /etc/sysconfig/network-scripts/ifcfg-w*, if using wireless).

EVICE=wlp1s0
BOOTPROTO=dhcp
ONBOOT=yes
METRIC=35
MII_NOT_SUPPORTED=no
USERCTL=no
DNS1=1.1.1.1
DNS2=1.0.0.1
RESOLV_MODS=yes
WIRELESS_MODE=Managed
WIRELESS_ESSID=KNET_ddwrt_5Ghz
WIRELESS_ENC_KEY=s:01ta
WIRELESS_WPA_DRIVER=wext
WIRELESS_WPA_REASSOCIATE=no
KEY_MGMT=WPA-PSK
WPA_PSK=01ta
IPV6INIT=yes
IPV6TO4INIT=no
ACCOUNTING=yes
DHCP_CLIENT=dhclient
NEEDHOSTNAME=no
PEERDNS=no
PEERYP=yes
PEERNTPD=no
Comment 14 marc fanjoux 2022-08-03 08:56:03 CEST 
my wifi connection is in dhcp!!!!!!!
An inattention of my part

I just put it in fixed ip, I test and if resolved I note in resolved!
Comment 15 marc fanjoux 2022-08-03 17:08:36 CEST 
with a fixed ip all is ok since 8 am .
thank you for your answers that have helped me

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 16 Dave Hodgins 2022-08-03 19:22:14 CEST 
Changing to invalid, as it was just a mis-understanding of the settings,
not something that was fixed by changes to Mageia.

Resolution: FIXED => INVALID

Comment 17 marc fanjoux 2022-08-03 21:04:46 CEST 
(In reply to Dave Hodgins from comment #16)
> Changing to invalid, as it was just a mis-understanding of the settings,
> not something that was fixed by changes to Mageia.

Oups !!! thank you  Dave !