> One thing that would help with these confusing NXDOMAIN errors in general
the vast, VAST majority of the time you see this message it is actually not a NXDOMAIN error. This is due to a Ubuntu-only patch to systemd to work around some select captive portals that are slightly broken, so in any environment outside the broken captive portals (e.g. public wifi that you have to 'click here to accept terms' before getting internet access - and note that not all captive portals are broken) if you see this NXDOMAIN "error" it is almost always just a normal lookup of a domain that doesn't exist, and the error message is simply wrong (this also slows down dns due to forcing fallback to a lower dns protocol level and retry of the already-failed lookup). To clarify specifically for this bug, the lookup of "connectivity- check.ubuntu.com.your_domain" clearly has nothing to do with any "DNS violation", and the NXDOMAIN returned by the upstream nameserver is the *correct* response - that hostname really, actually doesn't exist. network-manager could work around this problematic Ubuntu-only systemd patch, but the real problem is unquestionably that systemd should not have the Ubuntu-only patch that's causing these messages. Fixing this appropriately (i.e. so that systemd still works with the broken captive portal issue) requires access to one of the broken captive portals, so I haven't been able to work on correctly fixing this lately, but it is something I want to do, so we can get rid of the very unfortunate false NXDOMAIN "error" messages. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1880258 Title: Add trailing dot to make connectivity-check.ubuntu.com. absolute and reduce NXDOMAIN warning noise Status in network-manager package in Ubuntu: Fix Released Status in systemd package in Ubuntu: Triaged Status in network-manager source package in Focal: Confirmed Bug description: I normally don't like this, but it's a one-character change so it's easier to start with the solution: diff -u -r1.1 /usr/lib/NetworkManager/conf.d/20-connectivity-ubuntu.conf --- /usr/lib/NetworkManager/conf.d/20-connectivity-ubuntu.conf +++ /usr/lib/NetworkManager/conf.d/20-connectivity-ubuntu.conf @@ -1,2 +1,2 @@ [connectivity] -uri=http://connectivity-check.ubuntu.com/ +uri=http://connectivity-check.ubuntu.com./ Making this name absolute instead of relative avoids spurious resolutions of "connectivity-check.ubuntu.com.your_domain." This removes a fair amount of NXDOMAIN error noise in journalctl. Observing the issue and the fix requires 3 terminals: 1. tcpdump -i any 'port domain' 2. journalctl --boot -u systemd-resolved -f 3. nmcli c down "Wired connection 1"; nmcli c up "Wired connection 1" => observe the NXDOMAIN noise over a couple few minutes Now make the hostname absolute with the trailing dot above and run: systemctl reload NetworkManager Wait 1 min for things to stabilize. Test again: nmcli c down "Wired connection 1"; nmcli c up "Wired connection 1" => observe non-zero but significantly reduced NXDOMAIN noise over a couple few minutes Originally reported at https://askubuntu.com/a/1242611/117217 Plenty of people annoyed by NXDOMAIN warnings, just Google it. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1880258/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
