Only one Manjaro client on local net can't resolve using hostnames

I have a bunch of Manjaro clients on my local network. All the clients can ping/ssh/etc using the host names that are set by the client (presumably provided by my router DNS service).

For example, client “rene” is able to be connected to just using “rene” from the other clients. e.g. “ssh rene” just works.

However, my main computer does not want to see the hostnames. I can’t ping them by their hostnames (unless I put an entry into my hosts file - which, while it works, is really not what I’d like to have to do with all the clients I need to connect to).

I originally assumed it was caused by Avahi, but that’s running on at least one other client and doesn’t seem to cause any problem for it. I’ve disabled the avahi service, since I don’t actually use it for anything, and that didn’t fix anything.

When I run nmap for the network, here’s an example from one of the working clients:

    Nmap scan report for rene (192.168.1.129)

    Host is up (0.00026s latency).

    Not shown: 999 closed tcp ports (conn-refused)

    PORT STATE SERVICE

    22/tcp open ssh

But from my non-working computer:

    Nmap scan report for 192.168.1.129

    Host is up (0.00049s latency).

    Not shown: 999 closed tcp ports (conn-refused)

    PORT   STATE SERVICE

    22/tcp open  ssh

Surely I changed some config to make this happen along the way, but I have no idea what. As far as I know, it’s always been this way since installing about a year or so ago on this computer.

Thoughts on how to troubleshoot this? I know just some basics of networking, not enough to really get anywhere. I’ve scoured Google and this forum, tried all kinds of things to no avail.

Thanks!

check if the avahi-daemon has been enabled

systemctl status avahi-daemon.service avahi-daemon.socket

enable and start

systemctl enable avahi-daemon.service avahi-daemon.socket --now

Thank you for the reply!

As I mentioned, Avahi was enabled before, and I disabled it.

Avahi did work for using hostname.local, but all the other Manjaro clients allow using just hostname (without .local). I’d like to do that - it’s a lot more efficient to type :slight_smile: And I don’t have to try to remember which computer I’m on that works in what way, which can get confusing.

Is there a way to enable just plain hostname addressing from DNS just like on all the other clients? Surely there is, because my other Manjaro clients are doing it (by default?)

(By the way, I had Avahi enabled on one of the other clients, and it still just used the hostname without .local…so there’s something else at play regardless.)

Again, thank you!

1 Like

Why would you disable it if you need lookup via hostname?

A common database for hosts lookup is /etc/hosts

hostname resolution is provided by means of multicast dns - aka mDNS - avahi is the common mdns resolver.

The response order is defined in /etc/nsswitch.conf

When you try to resolve using a hostname - a network broadcast message is sent to the the broadcast address for the subnet ip.x.y.255

The question is Who has name <hostname> - the relevant system - if configured to listen to broadcasts - will respond with ip.x.y.z has <hostname>.

I explained that I disabled it before; but to add to that:

  1. It works perfectly without Avahi on all the other clients…
  2. It’s easier to type without .local
  3. I’d like to not have to remember which computer I’m on that needs the .local or not
  4. I don’t have a reason for Avahi other than this; and if it can work (better, according to my needs) without it, why use it?
  5. I’d like to understand better how the other clients work vs how this one works so that I can understand the way Manjaro DNS works better.
  6. I’d really love if someone can help point me in the right direction for figuring out how this works and what’s different, if for no other reason than I’d like to solve this puzzle (though I also have the reasons given in 1-5).

Also, as I stated, I know that I can use /etc/hosts - but it’s a pain to put all of them in and keep the up-to-date.

Start with checking /etc/resolv.conf . It often indicate which software created the file in the first place. Compare the file on your different systems.

1 Like

I have compared (before my first post) /etc/resolv.conf on this client and the working ones, and they are all the same:

# Generated by NetworkManager
nameserver 192.168.1.1

Same with /etc/nsswitch.conf:

# Name Service Switch configuration file.
# See nsswitch.conf(5) for details.

passwd: files systemd
group: files [SUCCESS=merge] systemd
shadow: files systemd
gshadow: files systemd

publickey: files

hosts: mymachines mdns_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] files myhostname dns
networks: files

protocols: files
services: files
ethers: files
rpc: files

netgroup: files

This can indicate that no systemd-resolved is running. However, did you checked if systemd-resolved.service is running?

1 Like

Yes, it’s loaded but inactive on all clients - the working clients as well.

Nonworking client:

me @ solanus  ~ $ sudo systemctl status systemd-resolved.service
○ systemd-resolved.service - Network Name Resolution
     Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; disabled; preset: enabled)
     Active: inactive (dead)
       Docs: man:systemd-resolved.service(8)
             man:org.freedesktop.resolve1(5)
             https://systemd.io/WRITING_NETWORK_CONFIGURATION_MANAGERS
             https://systemd.io/WRITING_RESOLVER_CLIENTS

Working client:

me @ stella ~ $ sudo systemctl status systemd-resolved.service
○ systemd-resolved.service - Network Name Resolution
     Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; disabled; preset: enabled)
     Active: inactive (dead)
       Docs: man:systemd-resolved.service(8)
             man:org.freedesktop.resolve1(5)
             https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
             https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients

I tried a few others, same result.

I don’t have systemd-resolved running on any of my Manjaro instances.

When ever I run into a network issue, I use NetworkManager to fix it. Or if I even try to set up something not even advanced, I have to use nmcli or the play in the /etc/NetworkManager/system-connections area.

Is the problem still that one instance doesn’t append domains to your host lookups?

We used to have to hardcode search example.com into resolv.conf back in the day, but even today, it’s still generated.

Even on mine:

cat /etc/resolv.conf
# Generated by NetworkManager
search hosenet.local
nameserver 10.2.4.1

But mine is set via my DHCP server (and router). I can see it set, when I: nmcli conn show "Connection Name"
(Which just lists all the properties.)

I would of guessed it would be in: ipv4.dns-search – But mine is empty.

I do have: IP4.DOMAIN[1] set with my domain though. (And mine does work.)

See what you have, and you could set it through: nmcli conn modify ConnName prop value

Ensure you have avahi-daemon.service and possibly avahi-dnsconfd.service running on all systems - the latter avahi-dnsconfd.service does not exist on all Linux breeds - it does on Manjaro Linux.

DNS is a complex subject and long time ago - approx 10y - I banged my head at a similar issue.

I was running Arch Linux at the time because I wanted to learn how to setup Linux - in detail :slight_smile:

The way I did it - after many blind roads - was the bind road :grin:

I knew the .local was not the way - bad experience with being system admin for MS SBS networks - which forced the use of .local - with various certificate issues as a consequence.

The problem with selfmade local domains - e.g. .lan or .whatever - is the forwarding to upstream dns.

I was selfhosting everything - except dns - at the time I used a danish dns provider - which allowed me to create thirdlevel dns from my domain name.

So I created a SOA for my thirdlevel domain pointing to a local bind DNS service. The service is authoritative only and responds to queries for my local network.

My bind instance has zone file for my network and zone file for reverse lookup - and I have hostname lookup and fully qualified lookup for devices in my network.

I initially started my journey with my bind service providing all dns requests by doing recursive lookups using root servers.

This lead to the need of blocking ad and malware using bind response policy zone (RPZ)

Recently I changed that and deployed a pi-hole dns cache service and made my bind service responsible for my local network only.

I use raspberry pi SBC’s to run those services - the cost in power is neglible.

That is expected when you are using network manager.

Since you are using Network Manager - did you set the search domains on the IPv4 properties tab?

So…I’m confused that on a brand new Manjaro client everything works as expected (by me in this case), without those services, and when I start those services on this client, it doesn’t work as expected still…but you’re telling me that will solve the problem?

It won’t solve the problem regardless - as mentioned, I have tried this already, and it still behaves differently than the one client that DOES have Avahi service active (which returns the expected hostnames without .local appended.) So, even if I wanted to set up Avahi on all clients, and it did work making them all append .local so it was the same everywhere, it still wouldn’t work for that other client (at least), and I’d have a lot more overhead to deal with when trying to resolve other network problems.

I don’t understand why all the settings that I can find for all network configs are the same on all machines (while, obviously, knowing that I likely haven’t covered all configs, which is exactly the issue I’m trying to resolve here), but I have different behaviors.

I’d really like to know why that is — so I can have some actual control and understanding of my networking.

I’d love to just get help finding out where to look to see what is causing the different between clients which can (by default on a clean install) get the host names of all other clients on the network automatically, and the one computer which can’t.

Is there anyone who can help with that?

No - the problem is that, by default (on a clean Manjaro client install) I can see/use the hostnames for all clients on the local network, which are provided by my router’s DNS without any domain; and this one client doesn’t do that, so I am trying to figure out why, so that I can make it work the same.

I’ve compared all the network related configs that I can find (based on google/forum searches) between the working and nonworking clients, and they all are the same. So I’m asking here so I can get suggestions as to where to look to troubleshoot this difference.

Since there are no obvious reasons for the different behavior, you need to dig a little deeper.
One possibility is to monitor network packages, so you see which technique is used. Or if you don’t see nothing at all. Wireshark can be used for this.

Also nmap is not a good tool to for debugging DNS. For example use nslookup form the bind package to check if any search domain is applied and if you see this different behavior. nslookup can only be used for DNS and not mDNS.

You can also compare running services on both machines and differences in installed packages.

Unfortunately, this is all not straight forward and may require a lot of work. I would start with Wireshark to check which network packages are send so you know exactly which technique is used. But if you never used Wireshark, it might not the easiest tool to learn.

1 Like

I thought I said that. Still unsure if we are talking about the same thing.

This doesn’t resolve the FQDN on the DNS server. You tack on the domain locally.

Mine, and both yours set this on the dhcpd server (router), but it uses that to configure NetworkManager. At least it does by default for me.

Did you even look for the properties? (nmcli conn show "Connection 1") That’s where mine got set.

My FreeBSD router (and dhcpd server), I configured it to send out the search domains there. But the same NetworkManager property gets set. (Which in turn you see generated and showing on /etc/resolv.conf)

Ok, so I don’t know exactly what I’m looking for, here is the output. Doesn’t look like a different DNS server is being set here (is that what I’m looking for?):

nmcli conn show "Wired connection 1"
connection.id:                          Wired connection 1
connection.id:                          Wired connection 1
connection.uuid:                        9d651378-0751-371d-9a80-10ffb96358d5
connection.stable-id:                   --
connection.type:                        802-3-ethernet
connection.interface-name:              --
connection.autoconnect:                 yes
connection.autoconnect-priority:        -100
connection.autoconnect-retries:         -1 (default)
connection.multi-connect:               0 (default)
connection.auth-retries:                -1
connection.timestamp:                   1730900137
connection.permissions:                 --
connection.zone:                        --
connection.controller:                  --
connection.master:                      --
connection.slave-type:                  --
connection.port-type:                   --
connection.autoconnect-slaves:          -1 (default)
connection.autoconnect-ports:           -1 (default)
connection.down-on-poweroff:            -1 (default)
connection.secondaries:                 --
connection.gateway-ping-timeout:        0
connection.metered:                     unknown
connection.lldp:                        default
connection.mdns:                        -1 (default)
connection.llmnr:                       -1 (default)
connection.dns-over-tls:                -1 (default)
connection.mptcp-flags:                 0x0 (default)
connection.wait-device-timeout:         -1
connection.wait-activation-delay:       -1
802-3-ethernet.port:                    --
802-3-ethernet.speed:                   0
802-3-ethernet.duplex:                  --
802-3-ethernet.auto-negotiate:          no
802-3-ethernet.mac-address:             --
802-3-ethernet.cloned-mac-address:      --
802-3-ethernet.generate-mac-address-mask:--
802-3-ethernet.mac-address-denylist:    --
802-3-ethernet.mtu:                     auto
802-3-ethernet.s390-subchannels:        --
802-3-ethernet.s390-nettype:            --
802-3-ethernet.s390-options:            --
802-3-ethernet.wake-on-lan:             default
802-3-ethernet.wake-on-lan-password:    --
802-3-ethernet.accept-all-mac-addresses:-1 (default)
ipv4.method:                            auto
ipv4.dns:                               --
ipv4.dns-search:                        --
ipv4.dns-options:                       --
ipv4.dns-priority:                      0
ipv4.addresses:                         --
ipv4.gateway:                           --
ipv4.routes:                            --
ipv4.route-metric:                      -1
ipv4.route-table:                       0 (unspec)
ipv4.routing-rules:                     --
ipv4.replace-local-rule:                -1 (default)
ipv4.dhcp-send-release:                 -1 (default)
ipv4.ignore-auto-routes:                no
ipv4.ignore-auto-dns:                   no
ipv4.dhcp-client-id:                    --
ipv4.dhcp-iaid:                         --
ipv4.dhcp-dscp:                         --
ipv4.dhcp-timeout:                      0 (default)
ipv4.dhcp-send-hostname:                yes
ipv4.dhcp-hostname:                     --
ipv4.dhcp-fqdn:                         --
ipv4.dhcp-hostname-flags:               0x0 (none)
ipv4.never-default:                     no
ipv4.may-fail:                          yes
ipv4.required-timeout:                  -1 (default)
ipv4.dad-timeout:                       -1 (default)

The output is in a pager like less. Looks like you just copied the beginning. You can do something like

nmcli -p conn show "Connection 1" | cat

if you want to see all at once.

1 Like

Derp, I scrolled down and didn’t see more, but I apparently don’t have scroll fu as it looked like there wasn’t more than that. Thanks :slight_smile:

So here it is compared to a “working” client (JUST installed Manjaro on it, made no changes to anything yet, it pings hostnames just fine), the only difference that mattered (apart from device addresses and names specific to the host device) I could see was this line:

ipv6.addr-gen-mode: stable-privacy

On the working client, it’s set to “default”. A quick googling didn’t seem to indicate that should matter. But I’m looking at what that does and whether it may affect this behavior and how to change it.

connection.id:                          Wired connection 1
connection.uuid:                        9d651378-0751-371d-9a80-10ffb96358d5
connection.stable-id:                   --
connection.type:                        802-3-ethernet
connection.interface-name:              --
connection.autoconnect:                 yes
connection.autoconnect-priority:        -100
connection.autoconnect-retries:         -1 (default)
connection.multi-connect:               0 (default)
connection.auth-retries:                -1
connection.timestamp:                   1730900137
connection.permissions:                 --
connection.zone:                        --
connection.controller:                  --
connection.master:                      --
connection.slave-type:                  --
connection.port-type:                   --
connection.autoconnect-slaves:          -1 (default)
connection.autoconnect-ports:           -1 (default)
connection.down-on-poweroff:            -1 (default)
connection.secondaries:                 --
connection.gateway-ping-timeout:        0
connection.metered:                     unknown
connection.lldp:                        default
connection.mdns:                        -1 (default)
connection.llmnr:                       -1 (default)
connection.dns-over-tls:                -1 (default)
connection.mptcp-flags:                 0x0 (default)
connection.wait-device-timeout:         -1
connection.wait-activation-delay:       -1
802-3-ethernet.port:                    --
802-3-ethernet.speed:                   0
802-3-ethernet.duplex:                  --
802-3-ethernet.auto-negotiate:          no
802-3-ethernet.mac-address:             --
802-3-ethernet.cloned-mac-address:      --
802-3-ethernet.generate-mac-address-mask:--
802-3-ethernet.mac-address-denylist:    --
802-3-ethernet.mtu:                     auto
802-3-ethernet.s390-subchannels:        --
802-3-ethernet.s390-nettype:            --
802-3-ethernet.s390-options:            --
802-3-ethernet.wake-on-lan:             default
802-3-ethernet.wake-on-lan-password:    --
802-3-ethernet.accept-all-mac-addresses:-1 (default)
ipv4.method:                            auto
ipv4.dns:                               --
ipv4.dns-search:                        --
ipv4.dns-options:                       --
ipv4.dns-priority:                      0
ipv4.addresses:                         --
ipv4.gateway:                           --
ipv4.routes:                            --
ipv4.route-metric:                      -1
ipv4.route-table:                       0 (unspec)
ipv4.routing-rules:                     --
ipv4.replace-local-rule:                -1 (default)
ipv4.dhcp-send-release:                 -1 (default)
ipv4.ignore-auto-routes:                no
ipv4.ignore-auto-dns:                   no
ipv4.dhcp-client-id:                    --
ipv4.dhcp-iaid:                         --
ipv4.dhcp-dscp:                         --
ipv4.dhcp-timeout:                      0 (default)
ipv4.dhcp-send-hostname:                yes
ipv4.dhcp-hostname:                     --
ipv4.dhcp-fqdn:                         --
ipv4.dhcp-hostname-flags:               0x0 (none)
ipv4.never-default:                     no
ipv4.may-fail:                          yes
ipv4.required-timeout:                  -1 (default)
ipv4.dad-timeout:                       -1 (default)
ipv4.dhcp-vendor-class-identifier:      --
ipv4.link-local:                        0 (default)
ipv4.dhcp-reject-servers:               --
ipv4.auto-route-ext-gw:                 -1 (default)
ipv6.method:                            auto
ipv6.dns:                               --
ipv6.dns-search:                        --
ipv6.dns-options:                       --
ipv6.dns-priority:                      0
ipv6.addresses:                         --
ipv6.gateway:                           --
ipv6.routes:                            --
ipv6.route-metric:                      -1
ipv6.route-table:                       0 (unspec)
ipv6.routing-rules:                     --
ipv6.replace-local-rule:                -1 (default)
ipv6.dhcp-send-release:                 -1 (default)
ipv6.ignore-auto-routes:                no
ipv6.ignore-auto-dns:                   no
ipv6.never-default:                     no
ipv6.may-fail:                          yes
ipv6.required-timeout:                  -1 (default)
ipv6.ip6-privacy:                       -1 (default)
ipv6.temp-valid-lifetime:               0 (default)
ipv6.temp-preferred-lifetime:           0 (default)
ipv6.addr-gen-mode:                     stable-privacy
ipv6.ra-timeout:                        0 (default)
ipv6.mtu:                               auto
ipv6.dhcp-pd-hint:                      --
ipv6.dhcp-duid:                         --
ipv6.dhcp-iaid:                         --
ipv6.dhcp-timeout:                      0 (default)
ipv6.dhcp-send-hostname:                yes
ipv6.dhcp-hostname:                     --
ipv6.dhcp-hostname-flags:               0x0 (none)
ipv6.auto-route-ext-gw:                 -1 (default)
ipv6.token:                             --
proxy.method:                           none
proxy.browser-only:                     no
proxy.pac-url:                          --
proxy.pac-script:                       --
GENERAL.NAME:                           Wired connection 1
GENERAL.UUID:                           9d651378-0751-371d-9a80-10ffb96358d5
GENERAL.DEVICES:                        enp5s0
GENERAL.IP-IFACE:                       enp5s0
GENERAL.STATE:                          activated
GENERAL.DEFAULT:                        yes
GENERAL.DEFAULT6:                       no
GENERAL.SPEC-OBJECT:                    --
GENERAL.VPN:                            no
GENERAL.DBUS-PATH:                      /org/freedesktop/NetworkManager/ActiveConnection/8
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/Settings/2
GENERAL.ZONE:                           --
GENERAL.MASTER-PATH:                    --
IP4.ADDRESS[1]:                         192.168.1.110/24
IP4.GATEWAY:                            192.168.1.1
IP4.ROUTE[1]:                           dst = 192.168.1.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 192.168.1.1, mt = 100
IP4.DNS[1]:                             192.168.1.1
DHCP4.OPTION[1]:                        broadcast_address = 192.168.1.255
DHCP4.OPTION[2]:                        dhcp_client_identifier = 01:b4:2e:99:f5:aa:a1
DHCP4.OPTION[3]:                        dhcp_lease_time = 86400
DHCP4.OPTION[4]:                        dhcp_server_identifier = 192.168.1.1
DHCP4.OPTION[5]:                        domain_name_servers = 192.168.1.1
DHCP4.OPTION[6]:                        expiry = 1730986537
DHCP4.OPTION[7]:                        host_name = me
DHCP4.OPTION[8]:                        ip_address = 192.168.1.110
DHCP4.OPTION[9]:                        next_server = 192.168.1.1
DHCP4.OPTION[10]:                       requested_broadcast_address = 1
DHCP4.OPTION[11]:                       requested_domain_name = 1
DHCP4.OPTION[12]:                       requested_domain_name_servers = 1
DHCP4.OPTION[13]:                       requested_domain_search = 1
DHCP4.OPTION[14]:                       requested_host_name = 1
DHCP4.OPTION[15]:                       requested_interface_mtu = 1
DHCP4.OPTION[16]:                       requested_ms_classless_static_routes = 1
DHCP4.OPTION[17]:                       requested_nis_domain = 1
DHCP4.OPTION[18]:                       requested_nis_servers = 1
DHCP4.OPTION[19]:                       requested_ntp_servers = 1
DHCP4.OPTION[20]:                       requested_rfc3442_classless_static_routes = 1
DHCP4.OPTION[21]:                       requested_root_path = 1
DHCP4.OPTION[22]:                       requested_routers = 1
DHCP4.OPTION[23]:                       requested_static_routes = 1
DHCP4.OPTION[24]:                       requested_subnet_mask = 1
DHCP4.OPTION[25]:                       requested_time_offset = 1
DHCP4.OPTION[26]:                       requested_wpad = 1
DHCP4.OPTION[27]:                       routers = 192.168.1.1
DHCP4.OPTION[28]:                       subnet_mask = 255.255.255.0
IP6.ADDRESS[1]:                         fe80::dd96:877a:c63d:7c06/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 1024

Just set this to default using:

sudo nmcli con mod "Wired connection 1" ipv6.addr-gen-mode default
sudo nmcli con up "Wired connection 1"

But doesn’t look like this helped.

Wouldn’t doing this for ipv4 help? I see no references to ipv6 in the first (non-working) one. Is ipv6 actually enabled on that machine?