Description of problem: systemd-resolved has a limit of 8 CNAME redirects in F33. This breaks DNS resolution for records that have more than 8, specifically breaks microsoft teams at the time of reporting. Examples of affected DNS records are available in https://github.com/systemd/systemd/issues/9690 Fix is included to v248: https://github.com/systemd/systemd/commit/e0ae456a554d0fce250f9a009c561b97f20c41f8 in Fedora 33. Version-Release number of selected component (if applicable): systemd-246.13-1.fc33.x86_64 How reproducible: Always, at the time of reporting: $ resolvectl query endpoint1-s03prdwuscompsvc.prd.bmc.cdn.office.net endpoint1-s03prdwuscompsvc.prd.bmc.cdn.office.net: resolve call failed: CNAME loop detected, or CNAME resolving disabled on 'edge-prod-wstr3.ctrl.t-0001.trafficmanager.net' $ dig endpoint1-s03prdwuscompsvc.prd.bmc.cdn.office.net @127.0.0.53 ; <<>> DiG 9.11.28-RedHat-9.11.28-1.fc33 <<>> endpoint1-s03prdwuscompsvc.prd.bmc.cdn.office.net @127.0.0.53 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 32372 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;endpoint1-s03prdwuscompsvc.prd.bmc.cdn.office.net. IN A ;; Query time: 130 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Thu Apr 15 15:56:18 PDT 2021 ;; MSG SIZE rcvd: 78 $ dig endpoint1-s03prdwuscompsvc.prd.bmc.cdn.office.net @8.8.8.8 ; <<>> DiG 9.11.28-RedHat-9.11.28-1.fc33 <<>> endpoint1-s03prdwuscompsvc.prd.bmc.cdn.office.net @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35404 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;endpoint1-s03prdwuscompsvc.prd.bmc.cdn.office.net. IN A ;; ANSWER SECTION: endpoint1-s03prdwuscompsvc.prd.bmc.cdn.office.net. 299 IN CNAME ep1-s03-prd-wus-cdn-office-bmc.trafficmanager.net. ep1-s03-prd-wus-cdn-office-bmc.trafficmanager.net. 29 IN CNAME endpoint1-s03prdwuscompsvc-nativecdn.azureedge.net. endpoint1-s03prdwuscompsvc-nativecdn.azureedge.net. 310 IN CNAME endpoint1-s03prdwuscompsvc-nativecdn.afd.azureedge.net. endpoint1-s03prdwuscompsvc-nativecdn.afd.azureedge.net. 29 IN CNAME star-azureedge-prod.trafficmanager.net. star-azureedge-prod.trafficmanager.net. 4 IN CNAME dual.t-0009.t-msedge.net. dual.t-0009.t-msedge.net. 227 IN CNAME t-0009.t-msedge.net. t-0009.t-msedge.net. 59 IN CNAME Edge-Prod-WSTr3.ctrl.t-0009.t-msedge.net. Edge-Prod-WSTr3.ctrl.t-0009.t-msedge.net. 239 IN CNAME edge-prod-wstr3.ctrl.t-0001.trafficmanager.net. edge-prod-wstr3.ctrl.t-0001.trafficmanager.net. 0 IN CNAME standard.t-0009.t-msedge.net. standard.t-0009.t-msedge.net. 24 IN A 13.107.246.19 standard.t-0009.t-msedge.net. 24 IN A 13.107.213.19 ;; Query time: 113 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Thu Apr 15 15:56:24 PDT 2021 ;; MSG SIZE rcvd: 469 Steps to Reproduce: 1. resolve via systemd-resoved resolver and fail 2. resolve via a public resolver and succeed
the workaround to get msteams to work is to use public nameserver in /etc/resolv.conf (which should be a link to /run/systemd/resolve/stub-resolv.conf). replace "nameserver 127.0.0.53" with any public DNS, ie "nameserver 8.8.8.8"
*** This bug has been marked as a duplicate of bug 1949670 ***