MDNS multi-cast DNS and resolv.conf file

Question

Can a MDNS ( multicast dns ) issue cause duplicate lines in the resolv.conf file?

For example , we have the following resolv.conf file

more /etc/resolv.conf
search coronplesdf.hh.com
server 108.16.1.71
domain coronplesdf.hh.com
domain coronplesdf.hh.com
domain coronplesdf.hh.com
domain coronplesdf.hh.com
domain coronplesdf.hh.com
domain coronplesdf.hh.com
domain coronplesdf.hh.com
domain coronplesdf.hh.com
domain coronplesdf.hh.com
domain coronplesdf.hh.com

example what we getting from dmesg

[6484420.812643] raid6: using avx2x2 recovery algorithm
[6484420.859086] Btrfs loaded
[6484426.278636] nr_pdflush_threads exported in /proc is scheduled for removal
[6484708.776239] ixgbe 0000:04:00.0: invalid short VPD tag 06 at offset 4
[6900952.098901] perf: interrupt took too long (6247 > 6167), lowering kernel.perf_event_max_sample_rate to 32000
[7372848.819396] Peer 0000:0000:0000:0000:0000:ffff:0a15:f030:1054/8042 unexpectedly shrunk window 3002395993:3002395997 (repaired)
[8139485.039423] Turbo disabled by BIOS or unavailable on processor
[8380300.891343] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380320.890541] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380440.896206] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380460.895001] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380463.207397] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380467.316531] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380468.363352] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380469.332044] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380489.330943] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380509.329849] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380529.328678] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380549.468256] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380569.326474] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380589.340946] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380609.339969] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380619.870472] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380620.964216] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380621.979847] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380641.869255] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69
[8380661.883737] UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69

Answer 1

A layer 2 network performance optimization/quirk is not supposed to affect resolv.conf. I would bet on some non-idempotent operation on some devops script of yours is adding/added the domain line in multiple invocations.

Also mDNS does not use a central point, and is independent of regular DNS; equipments talking it announce their name/IP address(es) to the entire network (m stands for multicast). As I have everything in DNS, I usually stop mDNS daemons/avahi in "my" enterprise servers.

Answer 2

No, bad MDNS packet checksums should not cause multiple domain lines in /etc/resolv.conf nor vice versa.

The message

UDP: bad checksum. From 73.2.33.11:5353 to 82.2.33.1:5353 ulen 69

would indicate that the system with IP 82.2.33.1 is receiving bad UDP packets originating from 73.2.33.11, so the system with IP 73.2.33.11 might have a software bug or some NIC hardware fault. It might also be an attempt to probe your system by intentionally sending bad packages and seeing how/if your system will respond to them.

I'm assuming you modified the IP addresses for privacy, because having IPs like 73.x.x.x and 82.x.x.x in the same network segment doesn't generally make sense. MDNS is usually useful only within a single network segment, so if 73.2.33.11 is not part of your local network, you might want to block incoming UDP/5353 traffic from Internet to your network at your router (or at a dedicated firewall device, if you have one).