Permanent integration of Incus DNS server with systemd-resolved

I followed these docs to make systemd-resolved aware of Incus builtin DNS server.

While it works great (I can ping instances with ping [instance].incus), I noticed that the configuration is not persistent and I always have to re-run systemctl restart incus-dns-incusbr0 when there are changes to the network, such as when my laptop comes back from sleep and wifi is re-established.

I know this is probably not an Incus-specific question, but I’m unsure what to look for. Does anyone have a solution for making the Incus DNS configuration persistent on laptops running systemd?

I think you can edit the unit file from the docs to trigger when your laptop wakes up.

Take a look at this post.

If you find a complete solution, could you please add it to the thread?

Is there a way to re-run the unit whenever there’s a network change?

While the problem commonly appears when the laptop sleeps, network changes such as the wifi being disconnected or reconnected are the true cause.

For example, right now I’m connected to wifi after the laptop resumed from suspend. If I run resolvectl status incusbr0, this is the output:

$ resolvectl status incusbr0 
Link 6 (incusbr0)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

And pinging an instance by incus DNS will result in Name or service not known. After running systemctl restart incus-dns-incusbr0.service, the problem is fixed:

$ resolvectl status incusbr0 
Link 6 (incusbr0)
    Current Scopes: DNS
         Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 10.79.179.1
       DNS Servers: 10.79.179.1
        DNS Domain: ~incus

But if I manually disconnect from wifi, the problem comes back.

Are you using systemd-networkd or something else? Maybe NetworkManager.

PopOS with default settings. I suspect it uses NetworkManager

I did a bit of research since I had some interest. It looks like you might be able to use the NetworkManager-dispatcher functionality.

The basic idea is to run a script when your WiFi connection reconnects. You might need to enable the systemd service for NetworkManager-dispatcher if it is not already enabled.

https://networkmanager.dev/docs/api/latest/NetworkManager-dispatcher.html

There might be another way by adding a few lines to the systemd service you already have. I was not able to figure it out in the amount of time I spent on the task.

Good luck, and please update us with any progress.

I gave up doing this in the “systemd elegant way” and just wrote a shell script that runs every minute with crontab. Here’s the script:

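#!/bin/sh -e

# Bridge whose DNS configuration should be checked, e.g. incusbr0
bridge="$1"

if [ -z "$bridge" ]; then
	echo "Must specify bridge as argument" >&2
	exit 1
fi

# Take the first running instance and test whether its .incus name resolves
incus ls -f json | \
	jq -r 'first(.[] | select(.state.status == "Running")) | .name' | \
	while read -r instance; do
		if ! resolvectl query "$instance.incus" > /dev/null; then
			# Look up the bridge address (CIDR form) and strip the prefix length
			address=$(incus network list -fjson | jq -r --arg bridge "$bridge" 'first(.[] | select(.name == $bridge) | .config["ipv4.address"])')
			address=${address%/*}
			echo "Reconfiguring incus DNS for $bridge/$address"
			resolvectl revert "$bridge"
			resolvectl dns "$bridge" "$address"
			# Quoted so the shell cannot tilde-expand ~incus to a home directory
			resolvectl domain "$bridge" '~incus'
			resolvectl dnssec "$bridge" off
			resolvectl dnsovertls "$bridge" off
		fi
	done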

Explanation:

  • Script uses incus ls JSON output to query (with jq) the first Running instance
  • If it is found, then it will use resolvectl to query the instance DNS
  • If it is not resolved, it will query the bridge IP (the bridge is the script’s first argument) and then run the resolvectl commands to set things up.

Here’s how to set up crontab: * * * * * /usr/local/bin/incus-reconfigure-dns.sh incusbr0

Not super elegant, but works well enough for me.

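An added example, not part of any post in this thread: instead of resolving an instance name, this check parses the `resolvectl status` output shown earlier and restarts the unit only when the link has lost its DNS scope, server or `~incus` routing domain, so it also works when no instance is running. The function names are hypothetical, and the unit name pattern `incus-dns-<bridge>.service` is assumed from the `incus-dns-incusbr0.service` unit used above.

```sh
#!/bin/sh
# Added example, not from the thread: decide from `resolvectl status` output
# whether the bridge link still carries the Incus DNS configuration.

# Reads `resolvectl status <link>` text on stdin; succeeds only if the link
# has the DNS scope, lists the expected server and routes the expected domain.
link_dns_ok() {
	awk -v server="$1" -v domain="$2" '
	{
		sep = index($0, ":")          # "Key: value"; the header line has none
		if (sep == 0) next
		key = substr($0, 1, sep - 1)
		gsub(/^[ \t]+|[ \t]+$/, "", key)  # keys are right-aligned with spaces
		n = split(substr($0, sep + 1), words, /[ \t]+/)
		for (i = 1; i <= n; i++) {
			if (key == "Current Scopes" && words[i] == "DNS") scope = 1
			if (key == "DNS Servers" && words[i] == server) srv = 1
			if (key == "DNS Domain" && words[i] == domain) dom = 1
		}
	}
	END { exit !(scope && srv && dom) }'
}

# The two states shown in the thread, reproduced as sample input.
sample_lost() {
	printf '%s\n' 'Link 6 (incusbr0)' 'Current Scopes: none' \
		'     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported'
}
sample_ok() {
	printf '%s\n' 'Link 6 (incusbr0)' '    Current Scopes: DNS' \
		'Current DNS Server: 10.79.179.1' '       DNS Servers: 10.79.179.1' \
		'        DNS Domain: ~incus'
}

# Restart the unit only when the live link state is wrong.
# Assumption: the unit is named incus-dns-<bridge>.service, as in the thread.
ensure_incus_dns() {
	if resolvectl status "$1" 2>/dev/null | link_dns_ok "$2" '~incus'; then
		echo "$1: DNS configuration present"
	else
		echo "$1: DNS configuration lost, restarting incus-dns-$1.service"
		systemctl restart "incus-dns-$1.service"
	fi
}

# Usage: script <bridge> <bridge-ip>, e.g. incusbr0 10.79.179.1
if [ $# -eq 2 ]; then ensure_incus_dns "$1" "$2"; fi
```

While the routing domain is missing from the link, systemd-resolved no longer sends `.incus` lookups to the bridge, so they follow the host's normal resolution path instead.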

@jarrodu BTW thanks for researching the network manager solution, but it ended up not working for me. It turns out that the issue was not Wifi shutdown, but some other event which I couldn’t identify and that caused the incus DNS to lose its configuration
