Bug 1955888

Summary: systemd-resolved takes over port 53 preventing dnsmasq to start
Product: [Fedora] Fedora Reporter: Adam Pribyl <covex>
Component: systemdAssignee: systemd-maint
Status: CLOSED CANTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 33CC: fedoraproject, filbranden, flepied, kasong, lnykryn, msekleta, ssahani, s, systemd-maint, yuwatana, zbyszek
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-05-15 10:33:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Adam Pribyl 2021-05-01 09:53:53 UTC
Description of problem:
After upgrade of server from F32 to F33 my network remained dead, because systemd-resolved took over the port 53 - this prevented the dnsmasq to start and serve the DHCP requests from all over the network.

Version-Release number of selected component (if applicable):
systemd-246.13-1.fc33.x86_64

How reproducible:
On upgrade thru dnf system-upgrade

Actual results:
May 01 11:39:57 server systemd-resolved[1071]: Failed to emit notification about changed property CurrentDNSServer: Transport endpoint is not connected
May 01 11:39:05 server systemd[1]: Failed to start DNS caching server..
May 01 11:39:05 server systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
May 01 11:39:05 server dnsmasq[2841]: FAILED to start up
May 01 11:39:05 server dnsmasq[2841]: dnsmasq: failed to create listening socket for port 53: Address already in use
May 01 11:39:05 server systemd[1]: dnsmasq.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
May 01 11:39:05 server dnsmasq[2841]: failed to create listening socket for port 53: Address already in use

Comment 1 Zbigniew Jędrzejewski-Szmek 2021-05-15 10:33:32 UTC
You'll need to disable the stub listener. Please create
/etc/systemd/resolved.conf.d/stub-listener.conf:
   [Resolve]
   DNSStubListener=no

I'll close the bug though: it's just something that will need to be handled through an explicit
configuration from the admin.

Comment 2 Adam Pribyl 2021-05-15 16:32:38 UTC
This is however a problem if you update a remote system, and whole network remains without DHCP due to that. I'd propose that this should be handled by package maintainer at last.
Either the systemd-resolved should be started after a dnsmasq or similar services, or it should not be configured for start if there is another resolver already configured.

Comment 3 Zbigniew Jędrzejewski-Szmek 2021-05-15 16:50:20 UTC
There is an unlimited number of other resolvers that may be running. There is no mechanism to ask
"will there be some precess listening on port 53?".

I added a section in the Change page to mention this more:
https://fedoraproject.org/wiki/Changes/systemd-resolved#Local_stub_resolver_on_port_53