foundations-p-dns-resolving<\/a><\/p>\nHere is a description of the two big changes that happened:<\/p>\n
Switch to resolvconf for \/etc\/resolv.conf management<\/h2>\n
resolvconf is a set of script and hooks managing DNS resolution. The most notable difference for the user is that any change manually done to \/etc\/resolv.conf will be lost<\/strong> as it gets overwritten next time something triggers resolvconf. Instead, resolvconf uses DHCP client hooks, a Network Manager plugin and \/etc\/network\/interfaces to generate a list of nameservers and domain to put in \/etc\/resolv.conf.<\/p>\nFor more details, I\u2019d highly encourage you to read resolvconf\u2019s manpage but here are a few answers to common questions:<\/p>\n
\n- I use static IP configuration, where should I put my DNS configuration?
\nThe DNS configuration for a static interface should go as \u201cdns-nameservers\u201d, \u201cdns-search\u201d and \u201cdns-domain\u201d entries added to the interface in \/etc\/network\/interfaces<\/strong><\/li>\n- How can I override resolvconf\u2019s configuration or append some entries to it?
\nResolvconf has a<\/strong> \/etc\/resolvconf\/resolv.conf.d\/ directory that can contain \u201cbase\u201d, \u201chead\u201d, \u201coriginal\u201d and \u201ctail\u201d files. All in resolv.conf format.
\n<\/strong><\/li>\n\n- base:<\/strong> Used when no other data can be found<\/li>\n
- head: <\/strong>Used for the header of resolv.conf, can be used to ensure a DNS server is always the first one in the list<\/li>\n
- original: <\/strong>Just a backup of your resolv.conf at the time of resolvconf installation<\/li>\n
- tail: <\/strong>Any entry in tail is appended at the end of the resulting resolv.conf. In some cases, upgrading from a previous Ubuntu release, will make tail<\/strong> a symlink to original<\/strong> (when we think you manually modified resolv.conf in the past)<\/li>\n<\/ul>\n
- I really don\u2019t want resolvconf, how can I disable it?
\nI certainly wouldn\u2019t recommend disabling resolvconf but you can do it by making \/etc\/resolv.conf a regular file instead of a symlink.
\nThough please note that you may then be getting inconsistent \/etc\/resolv.conf when multiple software are fighting to change it.
\n<\/strong><\/li>\n<\/ul>\nThis change affects all Ubuntu installs except for Ubuntu core.<\/p>\n
Using dnsmasq as local resolver by default on desktop installations<\/h2>\n
That\u2019s the second big change of this release. On a desktop install, your DNS server is going to be \u201c127.0.0.1\u2033 which points to a NetworkManager-managed dnsmasq server.<\/p>\n
This was done to better support split DNS for VPN users and to better handle DNS failures and fallbacks. This dnsmasq server isn\u2019t a caching server for security reason to avoid risks related to local cache poisoning and users eavesdropping on other\u2019s DNS queries on a multi-user system.<\/p>\n
The big advantage is that if you connect to a VPN, instead of having all your DNS traffic be routed through the VPN like in the past, you\u2019ll instead only send DNS queries related to the subnet and domains announced by that VPN. This is especially interesting for high latency VPN links where everything would be slowed down in the past.<\/p>\n
As for dealing with DNS failures, dnsmasq often sends the DNS queries to more than one DNS servers (if you received multiple when establishing your connection) and will detect bogus\/dead ones and simply ignore them until they start returning sensible information again. This is to compare against the libc\u2019s way of doing DNS resolving where the state of the DNS servers can\u2019t be saved (as it\u2019s just a library) and so every single application has to go through the same, trying the first DNS, waiting for it to timeout, using the next one.<\/p>\n
Now for the most common questions:<\/p>\n
\n- How to know what DNS servers I\u2019m using (since I can\u2019t just \u201ccat \/etc\/resolv.conf\u201d)?
\n\u201cnm-tool\u201d can be used to get information about your existing connections in Network Manager. It\u2019s roughly the same data you\u2019d get in the GUI \u201cconnection information\u201d.
\nAlternatively, you can also read dnsmasq\u2019s configuration from \/run\/nm-dns-dnsmasq.conf<\/strong><\/li>\n- I really don\u2019t want a local resolver, how can I turn it off?
\nTo turn off dnsmasq in Network Manager, you need to edit \/etc\/NetworkManager\/NetworkManager.conf and comment the \u201cdns=dnsmasq\u201d line (put a # in front of it) then do a \u201csudo restart network-manager\u201d.<\/strong><\/li>\n<\/ul>\nBugs and feedback<\/h2>\n
Although we\u2019ve been doing these changes more than a month ago and we\u2019ve been looking pretty closely at bug reports, there may be some we haven\u2019t found yet.<\/p>\n
Issues related to resolvconf should be reported with:
\nubuntu-bug resolvconf<\/strong><\/p>\nIssues related to the dnsmasq configuration should be reported with:
\nubuntu-bug network-manager<\/strong><\/p>\nAnd finally, actual dnsmasq bugs and crashed should be reported with:
\nubuntu-bug dnsmasq<\/strong><\/p>\nIn all cases, please try to include the following information:<\/p>\n
\n- How was your system installed (desktop, alternate, netinstall, \u2026)?<\/li>\n
- Whether it\u2019s a clean install or an upgrade?<\/li>\n
- Tarball of \/etc\/resolvconf and \/run\/resolvconf<\/li>\n
- Content of \/run\/nm-dns-dnsmasq.conf<\/li>\n
- Your \/var\/log\/syslog<\/li>\n
- Your \/etc\/network\/interfaces<\/li>\n
- And obviously a detailed description of your problem<\/li>\n<\/ul>\n
Source: http:\/\/www.stgraber.org\/2012\/02\/24\/dns-in-ubuntu-12-04\/<\/p>\n","protected":false},"excerpt":{"rendered":"
Anyone who\u2019s been using 12.04 over the past month or so […]<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3508],"tags":[],"class_list":["post-3501","post","type-post","status-publish","format-standard","hentry","category-dnssec-and-dns-","category-3508-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3501"}],"version-history":[{"count":2,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3501\/revisions"}],"predecessor-version":[{"id":3543,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3501\/revisions\/3543"}],"wp:attachment":[{"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.icocean.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}