Ok, obviously my simple question " How to overwrite Qubes Virtual DNS 10.139.1.1, 10.139.1.2" cannot be solved by a simple command.
I start with a step-by-step explanation. Hopefully, this will give some more light into the setup, the DNS issue and how to troubleshoot this on Qubes.
I did a fresh setup on a standaloneVM, followed the lokinet installation instructions:
-
sudo apt-get update && sudo apt install curl
-
sudo curl -so /etc/apt/trusted.gpg.d/oxen.gpg https://deb.oxen.io/pub.gpg
-
echo “deb https://deb.oxen.io $(lsb_release -sc) main” | sudo tee /etc/apt/sources.list.d/oxen.list
-
sudo apt update && sudo apt install lokinet-gui
during the installation routine I see this (I guess this could be a useful info):
Created symlink /etc/systemd/system/sysinit.target.wants/resolvconf.service
→ /lib/systemd/system/resolvconf.service.
Created symlink /etc/systemd/system/systemd-resolved.service.wants/resolvconf-pull-resolved.path
→ /lib/systemd/system/resolvconf-pull-resolved.path.
Created symlink /etc/systemd/system/systemd-resolved.service.wants/resolvconf-pull-resolved.service
→ /lib/systemd/system/resolvconf-pull-resolved.service.
checking Qubes DNS returns:
user@lokinet-standalone-debian-11:~$ cat /etc/resolvconf/resolv.conf.d/head
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "resolvectl status" to see details about the actual nameservers.
user@lokinet-standalone-debian-11:~$ cat /etc/resolvconf/resolv.conf.d/original
nameserver 10.139.1.1
nameserver 10.139.1.2
checking the lokinet’s systemctl:
user@lokinet-standalone-debian-11:~$ systemctl status lokinet
● lokinet.service - LokiNET: Anonymous Network layer thingydoo, client
Loaded: loaded (/lib/systemd/system/lokinet.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 20yy-mm-dd hh:mm:ss XXXX; 13min ago
Process: 4897 ExecStartPost=/usr/sbin/lokinet-resolvconf add /var/lib/lokinet/lokinet.ini (code=exited, status=0/SUCCESS)
Main PID: 4888 (lokinet)
Status: "v0.9.11 client | known/connected: 954/6 | paths/endpoints 44/1"
Tasks: 9 (limit: 4633)
Memory: 11.2M
CPU: 22.294s
CGroup: /system.slice/lokinet.service
└─4888 /usr/bin/lokinet /var/lib/lokinet/lokinet.ini
Verify everything is working fine:
-
Starting a web-browser, set HTTPS-Only Mode to: Don’t enable HTTPS-Only Mode.
browse to a *.loki website: http://deb.loki , http://mirror.loki/debian …
→ works. -
Switch on lokinet VPN mode (exit.loki) and checking IP (https://myip.is , https://iplocation.net …):
IPv4 address: 199.195.253.224 / exit.loki.network
→ works. -
Checking the lokinet status / lokinet-GUI displays: ~1600 routers, active paths ~100 with 92% success.
→ works.
NOW, reboot the standaloneVM.
- checking the systemctl status again:
user@lokinet-standalone-debian-11:~$ sudo systemctl status lokinet
● lokinet.service - LokiNET: Anonymous Network layer thingydoo, client
Loaded: loaded (/lib/systemd/system/lokinet.service; enabled; vendor prese>
Active: active (running) since Tue 20yy-mm-dd hh:mm:ss XXXX; 44s ago
Process: 656 ExecStartPost=/usr/sbin/lokinet-resolvconf add /var/lib/lokine>
Main PID: 599 (lokinet)
Status: "v0.9.11 client | known/connected: 1596/4 | paths/endpoints 11/0"
Tasks: 8 (limit: 4633)
Memory: 28.1M
CPU: 933ms
CGroup: /system.slice/lokinet.service
└─599 /usr/bin/lokinet /var/lib/lokinet/lokinet.ini
- Open web-browser and go to a *.loki
→ We can’t connect to the server at deb.loki.
Any idea what is set during the installation routine and overwritten with the (standaloneVM) reboot?
How to fix the DNS reboot issue?
… ultimately, what needs to be done (bind-dirs …) to get it working as ProxyVM?
Thanks for your support