DNS system is failing to resolve domain names occasionally
I'm running Xubuntu…
$ cat /etc/issue
Ubuntu 17.04
$ uname -a
Linux intrepid 4.10.0-33-generic #37-Ubuntu SMP Fri Aug 11 10:55:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
…and connecting through wireless network.
However, the DNS system is acting weird and it fails to resolve domain names occasionally.
When I'm trying to resolve some domain name manually it gives me the following error:
$ nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find google.com: REFUSED
Here's the list of all DNS servers configured on my computer:
$ nmcli device show wlp3s0 | grep IP4.DNS
IP4.DNS[1]: 192.168.1.1
IP4.DNS[2]: 8.8.4.4
IP4.DNS[3]: 8.8.8.8
But, when I try to resolve the domain name and tell it to use my router as a DNS server directly (which should be used automatically in the first place) it works flawlessly:
$ nslookup google.com - 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: google.com
Address: 173.194.122.238
…
Why does it fail to resolve the domain names? What server is it trying to use by default?
My resolve.conf is looking like this:
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.
nameserver 127.0.0.53
Any hints would be highly appreciated, thanks!
And here's the output of $ systemd-resolve --status. The interface I'm using is wlp3s0.
networking dns
|
show 3 more comments
I'm running Xubuntu…
$ cat /etc/issue
Ubuntu 17.04
$ uname -a
Linux intrepid 4.10.0-33-generic #37-Ubuntu SMP Fri Aug 11 10:55:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
…and connecting through wireless network.
However, the DNS system is acting weird and it fails to resolve domain names occasionally.
When I'm trying to resolve some domain name manually it gives me the following error:
$ nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find google.com: REFUSED
Here's the list of all DNS servers configured on my computer:
$ nmcli device show wlp3s0 | grep IP4.DNS
IP4.DNS[1]: 192.168.1.1
IP4.DNS[2]: 8.8.4.4
IP4.DNS[3]: 8.8.8.8
But, when I try to resolve the domain name and tell it to use my router as a DNS server directly (which should be used automatically in the first place) it works flawlessly:
$ nslookup google.com - 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: google.com
Address: 173.194.122.238
…
Why does it fail to resolve the domain names? What server is it trying to use by default?
My resolve.conf is looking like this:
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.
nameserver 127.0.0.53
Any hints would be highly appreciated, thanks!
And here's the output of $ systemd-resolve --status. The interface I'm using is wlp3s0.
networking dns
Is your router configured as a firewall to block DNS requests?
– Charles Green
Sep 3 '17 at 1:25
@CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?
– Slava Fomin II
Sep 3 '17 at 4:43
Did you runsystemd-resolve --statusas suggested in theresolv.conffile? What is the output? Add that to your question.
– Thomas
Sep 3 '17 at 11:25
If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.
– Charles Green
Sep 3 '17 at 21:23
3
I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is:mv /etc/resolv.conf /etc/resolv.conf_origln -s /run/systemd/resolve/resolv.conf /etc/resolv.confThis makes me suspect that this is due to a bug in systemd-resolved
– jringoot
Dec 17 '17 at 14:20
|
show 3 more comments
I'm running Xubuntu…
$ cat /etc/issue
Ubuntu 17.04
$ uname -a
Linux intrepid 4.10.0-33-generic #37-Ubuntu SMP Fri Aug 11 10:55:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
…and connecting through wireless network.
However, the DNS system is acting weird and it fails to resolve domain names occasionally.
When I'm trying to resolve some domain name manually it gives me the following error:
$ nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find google.com: REFUSED
Here's the list of all DNS servers configured on my computer:
$ nmcli device show wlp3s0 | grep IP4.DNS
IP4.DNS[1]: 192.168.1.1
IP4.DNS[2]: 8.8.4.4
IP4.DNS[3]: 8.8.8.8
But, when I try to resolve the domain name and tell it to use my router as a DNS server directly (which should be used automatically in the first place) it works flawlessly:
$ nslookup google.com - 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: google.com
Address: 173.194.122.238
…
Why does it fail to resolve the domain names? What server is it trying to use by default?
My resolve.conf is looking like this:
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.
nameserver 127.0.0.53
Any hints would be highly appreciated, thanks!
And here's the output of $ systemd-resolve --status. The interface I'm using is wlp3s0.
networking dns
I'm running Xubuntu…
$ cat /etc/issue
Ubuntu 17.04
$ uname -a
Linux intrepid 4.10.0-33-generic #37-Ubuntu SMP Fri Aug 11 10:55:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
…and connecting through wireless network.
However, the DNS system is acting weird and it fails to resolve domain names occasionally.
When I'm trying to resolve some domain name manually it gives me the following error:
$ nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find google.com: REFUSED
Here's the list of all DNS servers configured on my computer:
$ nmcli device show wlp3s0 | grep IP4.DNS
IP4.DNS[1]: 192.168.1.1
IP4.DNS[2]: 8.8.4.4
IP4.DNS[3]: 8.8.8.8
But, when I try to resolve the domain name and tell it to use my router as a DNS server directly (which should be used automatically in the first place) it works flawlessly:
$ nslookup google.com - 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: google.com
Address: 173.194.122.238
…
Why does it fail to resolve the domain names? What server is it trying to use by default?
My resolve.conf is looking like this:
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.
nameserver 127.0.0.53
Any hints would be highly appreciated, thanks!
And here's the output of $ systemd-resolve --status. The interface I'm using is wlp3s0.
networking dns
networking dns
edited Sep 4 '17 at 22:01
Slava Fomin II
asked Sep 3 '17 at 1:15
Slava Fomin IISlava Fomin II
44821126
44821126
Is your router configured as a firewall to block DNS requests?
– Charles Green
Sep 3 '17 at 1:25
@CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?
– Slava Fomin II
Sep 3 '17 at 4:43
Did you runsystemd-resolve --statusas suggested in theresolv.conffile? What is the output? Add that to your question.
– Thomas
Sep 3 '17 at 11:25
If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.
– Charles Green
Sep 3 '17 at 21:23
3
I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is:mv /etc/resolv.conf /etc/resolv.conf_origln -s /run/systemd/resolve/resolv.conf /etc/resolv.confThis makes me suspect that this is due to a bug in systemd-resolved
– jringoot
Dec 17 '17 at 14:20
|
show 3 more comments
Is your router configured as a firewall to block DNS requests?
– Charles Green
Sep 3 '17 at 1:25
@CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?
– Slava Fomin II
Sep 3 '17 at 4:43
Did you runsystemd-resolve --statusas suggested in theresolv.conffile? What is the output? Add that to your question.
– Thomas
Sep 3 '17 at 11:25
If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.
– Charles Green
Sep 3 '17 at 21:23
3
I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is:mv /etc/resolv.conf /etc/resolv.conf_origln -s /run/systemd/resolve/resolv.conf /etc/resolv.confThis makes me suspect that this is due to a bug in systemd-resolved
– jringoot
Dec 17 '17 at 14:20
Is your router configured as a firewall to block DNS requests?
– Charles Green
Sep 3 '17 at 1:25
Is your router configured as a firewall to block DNS requests?
– Charles Green
Sep 3 '17 at 1:25
@CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?
– Slava Fomin II
Sep 3 '17 at 4:43
@CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?
– Slava Fomin II
Sep 3 '17 at 4:43
Did you run
systemd-resolve --status as suggested in the resolv.conf file? What is the output? Add that to your question.– Thomas
Sep 3 '17 at 11:25
Did you run
systemd-resolve --status as suggested in the resolv.conf file? What is the output? Add that to your question.– Thomas
Sep 3 '17 at 11:25
If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.
– Charles Green
Sep 3 '17 at 21:23
If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.
– Charles Green
Sep 3 '17 at 21:23
3
3
I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is:
mv /etc/resolv.conf /etc/resolv.conf_orig ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf This makes me suspect that this is due to a bug in systemd-resolved– jringoot
Dec 17 '17 at 14:20
I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is:
mv /etc/resolv.conf /etc/resolv.conf_orig ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf This makes me suspect that this is due to a bug in systemd-resolved– jringoot
Dec 17 '17 at 14:20
|
show 3 more comments
1 Answer
1
active
oldest
votes
i did what @jringoot suggested in his comment:mv /etc/resolv.conf /etc/resolv.conf_origln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
which basically copies the original resolv.conf file and creates another one.
I examined it and it showed it was still using router dns.
so then I opened the filevim /etc/resolv.conf
and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)
i.e. fill it with:
nameserver 1.1.1.1
when i do a check usingnslookup google.com
it now shows it is using my specified DNS:nslookup google.comServer: 1.1.1.1Address: 1.1.1.1#53
Non-authoritative answer:Name: google.comAddress: 172.217.160.14
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f952284%2fdns-system-is-failing-to-resolve-domain-names-occasionally%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
i did what @jringoot suggested in his comment:mv /etc/resolv.conf /etc/resolv.conf_origln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
which basically copies the original resolv.conf file and creates another one.
I examined it and it showed it was still using router dns.
so then I opened the filevim /etc/resolv.conf
and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)
i.e. fill it with:
nameserver 1.1.1.1
when i do a check usingnslookup google.com
it now shows it is using my specified DNS:nslookup google.comServer: 1.1.1.1Address: 1.1.1.1#53
Non-authoritative answer:Name: google.comAddress: 172.217.160.14
add a comment |
i did what @jringoot suggested in his comment:mv /etc/resolv.conf /etc/resolv.conf_origln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
which basically copies the original resolv.conf file and creates another one.
I examined it and it showed it was still using router dns.
so then I opened the filevim /etc/resolv.conf
and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)
i.e. fill it with:
nameserver 1.1.1.1
when i do a check usingnslookup google.com
it now shows it is using my specified DNS:nslookup google.comServer: 1.1.1.1Address: 1.1.1.1#53
Non-authoritative answer:Name: google.comAddress: 172.217.160.14
add a comment |
i did what @jringoot suggested in his comment:mv /etc/resolv.conf /etc/resolv.conf_origln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
which basically copies the original resolv.conf file and creates another one.
I examined it and it showed it was still using router dns.
so then I opened the filevim /etc/resolv.conf
and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)
i.e. fill it with:
nameserver 1.1.1.1
when i do a check usingnslookup google.com
it now shows it is using my specified DNS:nslookup google.comServer: 1.1.1.1Address: 1.1.1.1#53
Non-authoritative answer:Name: google.comAddress: 172.217.160.14
i did what @jringoot suggested in his comment:mv /etc/resolv.conf /etc/resolv.conf_origln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
which basically copies the original resolv.conf file and creates another one.
I examined it and it showed it was still using router dns.
so then I opened the filevim /etc/resolv.conf
and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)
i.e. fill it with:
nameserver 1.1.1.1
when i do a check usingnslookup google.com
it now shows it is using my specified DNS:nslookup google.comServer: 1.1.1.1Address: 1.1.1.1#53
Non-authoritative answer:Name: google.comAddress: 172.217.160.14
answered Sep 9 '18 at 3:52
cryanbhucryanbhu
1112
1112
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f952284%2fdns-system-is-failing-to-resolve-domain-names-occasionally%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Is your router configured as a firewall to block DNS requests?
– Charles Green
Sep 3 '17 at 1:25
@CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?
– Slava Fomin II
Sep 3 '17 at 4:43
Did you run
systemd-resolve --statusas suggested in theresolv.conffile? What is the output? Add that to your question.– Thomas
Sep 3 '17 at 11:25
If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.
– Charles Green
Sep 3 '17 at 21:23
3
I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is:
mv /etc/resolv.conf /etc/resolv.conf_origln -s /run/systemd/resolve/resolv.conf /etc/resolv.confThis makes me suspect that this is due to a bug in systemd-resolved– jringoot
Dec 17 '17 at 14:20