I don’t know what your previous setup was, but given that running resolved fixes your DNS issues, run:

ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

This will point programs that use /etc/resolved.conf during DNS resolution use the local DNS server provided by systemd-resolved.

Then, enable resolved so that it is started when you reboot:

systemctl enable systemd-resolved.service

Finally, start the service so that it is available immediately:

systemctl start systemd-resolved.service

You will want it run those with the required permissions, e. g. via sudo.

Did you undo the reverse path strict filtering your guide suggested?

net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1

Above is what the guide suggests to force reverse path strict filtering. Try setting as shown below:

net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0

According to the guide, “By default, these are set in /usr/lib/sysctl.d/50-default.conf”

I don’t use arch (shocking I know), so I can’t help you directly, but I will recommend instead that you invest some effort in learning about the Linux networking stack. It’s very powerful and can be very complicated, but usually the only thing you need to do to get it working is something very simple. Basically all distributions use the Linux kernel networking stack under the hood, usually with only a few user-interface sprinkles on top. Sometimes that can get in your way, but usually it doesn’t. All the basic tools you need should be accessible through the terminal.

The most basic things you can check are ip a which should show a bunch of interfaces, the one you’re particularly interested in is obviously the wired interface. This will tell you if it’s considered <UP> and whether it has an “inet” address (among other things). If it doesn’t, you need to get the interface configured and brought up somehow, usually by a DHCP broadcast. Network Manager is usually responsible for this in most distributions. Arch seems to have some information here.

If those things look good, next step is to look at ip r which will tell you the routes available. The most important one is the default route, this will tell your system where to send traffic when it isn’t local, and usually sends traffic to an internet gateway, which should’ve been provided by DHCP and is usually your router, but could also be a firewall, the internet modem itself, or something else. The route will tell it what IP the gateway has, and what interface it can be found on.

Assuming that looks good, see if you can ping the gateway IP. If your packets aren’t getting through (and back) that suggests something is wrong on a lower level, the kernel firewall might be dropping the packets (configuring the kernel firewall is a whole topic in itself) or one of the IPs is not valid and is not registered properly on the network, or the physical (wiring) or the hardware on either end is not functioning or misconfigured.

If you can ping the gateway successfully, the next step is to see if you can ping the internet itself by IP. ping 8.8.8.8 will reach out to one of Google’s DNS servers which is what I usually use as a quick test. If you get no response then it’s either not forwarding your traffic out to the internet, or the internet is not able to get responses back to it, and ultimately back to you. Or Google is down, but that’s not very likely.

If you’ve gotten this far and 8.8.8.8 is responding to you, then congratulations, you HAVE internet access! What you might NOT have is DNS service, which is what translates names into IP addresses. A quick test for DNS is simply to ping google.com and like before, if that fails either your DNS is broken or Google is down, which is still not very likely.

Hopefully this will help you at least start to find out where things are going wrong. From there, hopefully you can at least steer your investigation in the right direction. Good luck!

I had a similar issue with using tail scale, but here the issue was definitely not on the client. My actual DSL connection would reset, multiple times per day. Had the provider come 4 times to investigate the issue, got 3 new routers, they reinstalled the entry point to the house, and fixed an issue in the neighbourhood central point. All to no avail. I ended up purging everything tail scale and hand rolled wireguard. No more issues :/

I’ve had similar problems in the past - apparently no internet connection, and both times I narrowed it down to the machine being unable to resolve domain names.

Turns out Tailscale had changed the IP address for the machines’ DNS resolution in resolv.conf to 100.100.100.100

That’s fine when the machine is connected to Tailscale but not when it isn’t!

Reverting the DNS IP back to whatever it was previously, or to something like 1.1.1.1 solved the problem for me, at least to the extent that it could resolve URLs again.

Worth a look, if only to rule it out…?