When a name is resolved via DNS, the application, i.e. getaddrinfo(), asks for an IPv4 and IPv6 address via the local resolver. In Ubuntu, systemd's resolved is used as a stub resolver (not so on AWS Linux 2023, but that is another story).

The stub resolver is supposed to cache the query result. But why is resolvectl statistics still showing high cache miss numbers? Turning on debug log-level in resolved (resolvectl log-level debug) reveals the answer...

Turns out, Ubuntu chooses not to cache negative responses (LP: #1668771). In case the DNS A record (IPv4) is properly resolved, but not the DNS AAAA record (IPv6), the AAAA result is not cached and will be queried over and over.

On Ubuntu 26.04 (and likely earlier), this odd behavior can be changed in /usr/lib/systemd/resolved.conf.d/cache-no-negative.conf:

# Ubuntu defaults to Cache=no-negative. See LP: #1668771.

[Resolve]
#Cache=no-negative

The command systemd-analyze cat-config systemd/resolved.conf is useful to see the full resolved config (consisting of various parts).

posted at: 00:54 | path: /configuration | permanent link