grimnebluna's questions

I have an ubuntu 18.04 server running apache/mysql that can't seem to resolve DNS anymore.

I didn't do anything, but maybe I missed something when checking the server after the last update.

Here's the issue:

Everything runs fine, but I can't resolve DNS (on my website as well as via SSH). For example I can't run sudo apt-get update . I get the error Could not resolve 'archive.ubuntu.com'

Here's what I already tried:

symlink fix for /etc/resolv.conf:

sudo rm /etc/resolv.conf
sudo ln -s /var/run/systemd/resolve/resolv.conf /etc/resolv.conf

didn't work.

I realized that resolvconf wasn't installed, so I installed the .deb package manually (as I can't install via apt because of the DNS issue)

didn't work.

I tried messing with the nameservers in the /etc/resolv.conf and /var/run/systemd/resolve/resolv.conf, putting nameserver 8.8.8.8

didn't work.

when I ping 8.8.8.8 I don't get anything back (I can talk to 8.8.8.8, but get 100% packet loss). But this issue might also be a firewall issue. The server is behind a strict firewall to which I don't have access to. But HTTP, HTTPS, NTP, SMTP, DNS are all allowed.

//edit5: ping is blocked by the firewall. so no surprises there.

Currently, my resolv.conf looks like this:

nameserver 127.0.0.53
nameserver 8.8.8.8

any suggestions would be very much appreciated! thanks!!

here's the output of systemd-resolve --status

Global
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa
                      18.172.in-addr.arpa
                      19.172.in-addr.arpa
                      20.172.in-addr.arpa
                      21.172.in-addr.arpa
                      22.172.in-addr.arpa
                      23.172.in-addr.arpa
                      24.172.in-addr.arpa
                      25.172.in-addr.arpa
                      26.172.in-addr.arpa
                      27.172.in-addr.arpa
                      28.172.in-addr.arpa
                      29.172.in-addr.arpa
                      30.172.in-addr.arpa
                      31.172.in-addr.arpa
                      corp
                      d.f.ip6.arpa
                      home
                      internal
                      intranet
                      lan
                      local
                      private
                      test

Link 2 (ens192)
      Current Scopes: DNS
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
         DNS Servers: 8.8.8.8

//edit:

nslookup archive.ubuntu.com 8.8.8.8

throws

;; connection timed out; no servers could be reached

/etc/netplan/50-cloud-init.yaml contents:

network:
    ethernets:
        ens192:
            addresses:
            - 192.168.10.16/24
            gateway4: 192.168.10.1
            nameservers:
                addresses:
                - 8.8.8.8
    version: 2

//edit2:

then:

nc -v -C 8.8.8.8 53

gives me a timeout:

nc: connect to 8.8.8.8 port 53 (tcp) failed: Connection timed out

also

nc -v -C 192.168.10.1 53
nc -v -C 8.8.8.8 853

have timeouts

//edit3

netstat -nr

shows

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.10.1    0.0.0.0         UG        0 0          0 ens192
192.168.10.0    0.0.0.0         255.255.255.0   U         0 0          0 ens192

//edit4

is it weird that netstat -a shows 127.0.0.53:domain ?

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:netbios-ssn     0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.53:domain       0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN     
tcp        0      0 localhost.localdoma:ipp 0.0.0.0:*               LISTEN