DNS in Ubuntu 12.04

Anyone who’s been using 12.04 over the past month or so may have noticed some pretty significant changes in the way we do DNS resolving in Ubuntu.

This is the result of the implementation of: foundations-p-dns-resolving

Here is a description of the two big changes that happened:

Switch to resolvconf for /etc/resolv.conf management

resolvconf is a set of script and hooks managing DNS resolution. The most notable difference for the user is that any change manually done to /etc/resolv.conf will be lost as it gets overwritten next time something triggers resolvconf. Instead, resolvconf uses DHCP client hooks, a Network Manager plugin and /etc/network/interfaces to generate a list of nameservers and domain to put in /etc/resolv.conf.

For more details, I’d highly encourage you to read resolvconf’s manpage but here are a few answers to common questions:

  • I use static IP configuration, where should I put my DNS configuration?
    The DNS configuration for a static interface should go as “dns-nameservers”, “dns-search” and “dns-domain” entries added to the interface in /etc/network/interfaces
  • How can I override resolvconf’s configuration or append some entries to it?
    Resolvconf has a /etc/resolvconf/resolv.conf.d/ directory that can contain “base”, “head”, “original” and “tail” files. All in resolv.conf format.
    • base: Used when no other data can be found
    • head: Used for the header of resolv.conf, can be used to ensure a DNS server is always the first one in the list
    • original: Just a backup of your resolv.conf at the time of resolvconf installation
    • tail: Any entry in tail is appended at the end of the resulting resolv.conf. In some cases, upgrading from a previous Ubuntu release, will make tail a symlink to original (when we think you manually modified resolv.conf in the past)
  • I really don’t want resolvconf, how can I disable it?
    I certainly wouldn’t recommend disabling resolvconf but you can do it by making /etc/resolv.conf a regular file instead of a symlink.
    Though please note that you may then be getting inconsistent /etc/resolv.conf when multiple software are fighting to change it.

This change affects all Ubuntu installs except for Ubuntu core.

Using dnsmasq as local resolver by default on desktop installations

That’s the second big change of this release. On a desktop install, your DNS server is going to be “127.0.0.1” which points to a NetworkManager-managed dnsmasq server.

This was done to better support split DNS for VPN users and to better handle DNS failures and fallbacks. This dnsmasq server isn’t a caching server for security reason to avoid risks related to local cache poisoning and users eavesdropping on other’s DNS queries on a multi-user system.

The big advantage is that if you connect to a VPN, instead of having all your DNS traffic be routed through the VPN like in the past, you’ll instead only send DNS queries related to the subnet and domains announced by that VPN. This is especially interesting for high latency VPN links where everything would be slowed down in the past.

As for dealing with DNS failures, dnsmasq often sends the DNS queries to more than one DNS servers (if you received multiple when establishing your connection) and will detect bogus/dead ones and simply ignore them until they start returning sensible information again. This is to compare against the libc’s way of doing DNS resolving where the state of the DNS servers can’t be saved (as it’s just a library) and so every single application has to go through the same, trying the first DNS, waiting for it to timeout, using the next one.

Now for the most common questions:

  • How to know what DNS servers I’m using (since I can’t just “cat /etc/resolv.conf”)?
    “nm-tool” can be used to get information about your existing connections in Network Manager. It’s roughly the same data you’d get in the GUI “connection information”.
    Alternatively, you can also read dnsmasq’s configuration from /run/nm-dns-dnsmasq.conf
  • I really don’t want a local resolver, how can I turn it off?
    To turn off dnsmasq in Network Manager, you need to edit /etc/NetworkManager/NetworkManager.conf and comment the “dns=dnsmasq” line (put a # in front of it) then do a “sudo restart network-manager”.

Bugs and feedback

Although we’ve been doing these changes more than a month ago and we’ve been looking pretty closely at bug reports, there may be some we haven’t found yet.

Issues related to resolvconf should be reported with:
ubuntu-bug resolvconf

Issues related to the dnsmasq configuration should be reported with:
ubuntu-bug network-manager

And finally, actual dnsmasq bugs and crashed should be reported with:
ubuntu-bug dnsmasq

In all cases, please try to include the following information:

  • How was your system installed (desktop, alternate, netinstall, …)?
  • Whether it’s a clean install or an upgrade?
  • Tarball of /etc/resolvconf and /run/resolvconf
  • Content of /run/nm-dns-dnsmasq.conf
  • Your /var/log/syslog
  • Your /etc/network/interfaces
  • And obviously a detailed description of your problem
This entry was posted in Canonical voices, Planet Ubuntu. Bookmark the permalink.

243 Responses to DNS in Ubuntu 12.04

  1. Pingback: Mudanças na resolução DNS no Ubuntu 12.04 | Ubuntero

  2. Pingback: S05E01 – An Exhortation to Peace and Unity – Ogg | Ubuntu Podcast

  3. Pingback: S05E01 – An Exhortation to Peace and Unity – MP3 | Ubuntu Podcast

  4. Pingback: S05E01 – An Exhortation to Peace and Unity | Ubuntu Podcast

  5. Pingback: LUG Mureş » Noutăți în Ubuntu 12.04 LTS

  6. Pingback: DNS Fail? Not anymore | MWJ Computing

  7. Pingback: Appending Search Domain with Ubuntu | GAWAG

  8. Pingback: Using host networking and NAT with VirtualBox, v2.0 | tolaris.com

  9. Pingback: Características de Ubuntu 12.04 LTS

  10. Pingback: (English) DNS in Ubuntu 12.04 | Senouf.fr Conseil Systèmes et Réseaux

  11. Pingback: DNS resolver changes in Ubuntu Precise (12.04) | sandipb.net

  12. Pingback: Ubuntu 12.04 and resolv.conf - The Data Nest

  13. Pingback: How to disable DNSMASQ in ubuntu 12.04(Precise) | .::Madesumitre blog's

  14. Pingback: Upgrading to Ubuntu 12.04 | thestorey.ca

  15. Pingback: DNS Cache su ubuntu 12.04 | ReefBits.net

  16. Pingback: Ubuntu 12.04 LTS

  17. Pingback: Easily ssh to your containers and VMs on Ubuntu 12.04 LTS | Stéphane Graber's website

  18. Pingback: Problemes amb el DNS (/etc/resolv.conf) amb el nou Ubuntu 12.04 ? | DomestiCAT

  19. Pingback: YV Tech | Ubuntu Desktop 12.04 LTS

  20. Pingback: Ubuntu 12.04 LTSへアップデート時,名前解決が失敗する | Res-Log

  21. Pingback: 使用国外 DNS 造成国内网站访问慢的解决方法 | wzyboy's blog

  22. Pingback: 使用国外 DNS 造成国内网站访问慢的解决方法 | Albert's recording

  23. Pingback: DigitalWebCare

  24. Pingback: Ubuntu Studio 12.04 Precise Pangolin Release Notes « smartboyhw's new blog

  25. Pingback: 使用 dnsmasq 分流域名解析请求 | 细柳营

  26. Pingback: Ubuntu 12.04 connects to local network but not to the Internet | Wildeng TechDad

  27. Pingback: tolaris.com Non-localhost dnsmasq breaks DNS on Ubuntu 12.10 | tolaris.com

  28. Pingback: MINT14 Neuseinsteiger WLAN - Linux: Linux-Forum

  29. Pingback: 使用国外 DNS 造成国内网站访问慢的解决方法 | Singjet

  30. Pingback: How to disable DNSMASQ in ubuntu 12.04 | Ayhee d'Inet

  31. Pingback: Ubuntu 12.04 Review

  32. Pingback: Auto DNS resolving in Ubuntu 12.04 desktop | ATOM OCT

  33. Pingback: Virtualbox: resolvconf in ubuntu 12.04 host breaks DNS in WinXP guest | WyldePlayground.netWyldePlayground.net -

  34. Pingback: Read/Write Access in Recovery Mode With WPA2 Wireless. | WyldePlayground.netWyldePlayground.net -

  35. Pingback: Configuring Static DNS with DHCP on Debian/Ubuntu - Raam Dev

  36. Pingback: NetworkManager and dnsmasq

  37. Pingback: DNS Caching in Ubuntu Desktop | sine walker

  38. Pingback: DNS Resolver Changes in Ubuntu Precise (12.04) | sandipb.net

  39. Pingback: DNS sometimes works, but it is very slow. | Some Ubuntu Questions and Answers

  40. Pingback: Ubuntu 17.04 | ubuntu-buch.info

  41. Pingback: Solved: dns resolve bei statischer IP Ubunutu - Übermüdet

  42. Pingback: name resolution basic – LAVATEIN NOTE

Leave a Reply

Your email address will not be published. Required fields are marked *