also note that the iptable rules that walinuxagent adds does allow TCP traffic to the nameserver if the process is running as root, e.g.:
ddstreet@lp1886128:~$ dig +retries=0 +timeout=1 +short +tcp @168.63.129.16 toomany100.ddstreet.org ;; connection timed out; no servers could be reached ;; Connection to 168.63.129.16#53(168.63.129.16) for toomany100.ddstreet.org failed: timed out. ddstreet@lp1886128:~$ sudo dig +retries=0 +timeout=1 +short +tcp @168.63.129.16 toomany100.ddstreet.org | head -5 10.254.201.0 10.254.201.1 10.254.201.18 10.254.201.19 10.254.201.2 however systemd-resolved doesn't run as root, it runs as the 'systemd-resolve' user. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1886128 Title: walinuxagent blocks DNS fallback to TCP To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1886128/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
