Hi All,
I am using Arch on a Raspberry Pi 3 which has its network set up via DHCP on Ethernet.
The router in question is not connected to the internet and I'm essentially just using it as a hub at present.
Occasionally, I would like to connect the Pi to the internet.
To accomplish this, I use my Arch-based laptop temporarily as a gateway (using iptables). This laptop is also connected to the aforementioned router, but it is also connected to the internet via a different NIC.
Due to the DHCP configuration, the Pi would have its gateway set to the router's IP: 192.168.0.1.
I deleted this route and added a new default gateway to be the laptop I have set up as a gateway.
Now, I thought that all that remained to be done would be to edit /etc/resolv.conf to appropriately update the nameserver.
I did that and set it to 8.8.8.8 (Google's primary DNS server). I can then ping this server and other sites on the web, but DNS name resolution doesn't work.
After a while of scratching my head, I resorted to Wireshark and could see that DNS lookups were still being addressed to the router.
I then tried an additional iptables rule on the Pi: 'iptables -t nat -A OUTPUT -p udp -m udp --dport 53 -j DNAT --to-destination 8.8.8.8:53'.
This works and I can access the internet on the Pi.
Now, with that preamble out of the way, the question I have is: why do I need that last iptables rule? Why is the Pi still forwarding DNS requests to the router even though I had updated my /etc/resolv.conf?
The failing scenario:
Routing info:
default via 192.168.0.198 dev eth0
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.197
resolv.conf:
nameserver 8.8.8.8
Relevant services that are running:
systemd-resolved
systemd-networkd
resolved's man page has this to say:
The DNS servers contacted are determined from the global settings in
/etc/systemd/resolved.conf, the per-link static settings in /etc/systemd/network/*.network
files, the per-link dynamic settings received over DHCP and any DNS server information made
available by other system services. See resolved.conf(5) and systemd.network(5) for details
about systemd's own configuration files for DNS servers. To improve compatibility,
/etc/resolv.conf is read in order to discover configured system DNS servers, but only if it
is not a symlink to /run/systemd/resolve/resolv.conf (see below).
I checked /etc/systemd/resolved.conf and /etc/systemd/network/eth0.network.
resolved.conf:
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See resolved.conf(5) for details
[Resolve]
#DNS=
#FallbackDNS=8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844
#Domains=
#LLMNR=yes
#DNSSEC=no
#Cache=yes
#DNSStubListener=udp
eth0.network:
[Match]
Name=eth0
[Network]
DHCP=yes
uname -r:
4.4.39-1-ARCH
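
An added example, not part of the original post: a small shell helper that lists the static DNS server sources named in the man page excerpt above (DNS= in resolved.conf, DNS= in the *.network files, and /etc/resolv.conf only when it is not a symlink to /run/systemd/resolve/resolv.conf). The function names and the root-prefix argument are hypothetical, chosen so the check can run against a copied or constructed tree; servers learned dynamically over DHCP are runtime state and are not read here.

```shell
# Added example. Function names and the root-prefix argument are assumptions
# for illustration; they are not part of systemd.

# Print the value of every uncommented "DNS=" line in a config file.
dns_from_file() {
    [ -f "$1" ] || return 0
    sed -n 's/^[[:space:]]*DNS=[[:space:]]*//p' "$1"
}

# Succeeds when, per the man page excerpt, resolved would read resolv.conf:
# it must exist and must not be a symlink to /run/systemd/resolve/resolv.conf.
resolv_conf_is_read() {
    local f="${1:-}/etc/resolv.conf"
    if [ -L "$f" ]; then
        case "$(readlink "$f")" in
            */run/systemd/resolve/resolv.conf) return 1 ;;
        esac
    fi
    [ -f "$f" ]
}

# Emit one "<source> <server>" line per statically configured DNS server.
list_dns_sources() {
    local root="${1:-}" f s
    # Global setting in resolved.conf
    for s in $(dns_from_file "$root/etc/systemd/resolved.conf"); do
        echo "global $s"
    done
    # Per-link static settings in the .network files
    for f in "$root"/etc/systemd/network/*.network; do
        for s in $(dns_from_file "$f"); do
            echo "link:$(basename "$f") $s"
        done
    done
    # Compatibility path: nameserver lines from a non-symlinked resolv.conf
    if resolv_conf_is_read "$root"; then
        for s in $(sed -n 's/^[[:space:]]*nameserver[[:space:]]\{1,\}//p' \
                   "$root/etc/resolv.conf"); do
            echo "resolv.conf $s"
        done
    fi
    return 0
}
```

Calling `list_dns_sources` with no argument reads the live system; passing a directory reads the same paths beneath it.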