DNS system is failing to resolve domain names occasionally












4















I'm running Xubuntu…



$ cat /etc/issue
Ubuntu 17.04

$ uname -a
Linux intrepid 4.10.0-33-generic #37-Ubuntu SMP Fri Aug 11 10:55:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux


…and connecting through wireless network.



However, the DNS system is acting weird and it fails to resolve domain names occasionally.



When I'm trying to resolve some domain name manually it gives me the following error:



$ nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can't find google.com: REFUSED


Here's the list of all DNS servers configured on my computer:



$ nmcli device show wlp3s0 | grep IP4.DNS
IP4.DNS[1]: 192.168.1.1
IP4.DNS[2]: 8.8.4.4
IP4.DNS[3]: 8.8.8.8


But, when I try to resolve the domain name and tell it to use my router as a DNS server directly (which should be used automatically in the first place) it works flawlessly:



$ nslookup google.com - 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53

Non-authoritative answer:
Name: google.com
Address: 173.194.122.238



Why does it fail to resolve the domain names? What server is it trying to use by default?



My resolve.conf is looking like this:



$ cat /etc/resolv.conf 
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.

nameserver 127.0.0.53


Any hints would be highly appreciated, thanks!





And here's the output of $ systemd-resolve --status. The interface I'm using is wlp3s0.










share|improve this question

























  • Is your router configured as a firewall to block DNS requests?

    – Charles Green
    Sep 3 '17 at 1:25











  • @CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?

    – Slava Fomin II
    Sep 3 '17 at 4:43











  • Did you run systemd-resolve --status as suggested in the resolv.conf file? What is the output? Add that to your question.

    – Thomas
    Sep 3 '17 at 11:25











  • If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.

    – Charles Green
    Sep 3 '17 at 21:23






  • 3





    I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is: mv /etc/resolv.conf /etc/resolv.conf_orig ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf This makes me suspect that this is due to a bug in systemd-resolved

    – jringoot
    Dec 17 '17 at 14:20
















4















I'm running Xubuntu…



$ cat /etc/issue
Ubuntu 17.04

$ uname -a
Linux intrepid 4.10.0-33-generic #37-Ubuntu SMP Fri Aug 11 10:55:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux


…and connecting through wireless network.



However, the DNS system is acting weird and it fails to resolve domain names occasionally.



When I'm trying to resolve some domain name manually it gives me the following error:



$ nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can't find google.com: REFUSED


Here's the list of all DNS servers configured on my computer:



$ nmcli device show wlp3s0 | grep IP4.DNS
IP4.DNS[1]: 192.168.1.1
IP4.DNS[2]: 8.8.4.4
IP4.DNS[3]: 8.8.8.8


But, when I try to resolve the domain name and tell it to use my router as a DNS server directly (which should be used automatically in the first place) it works flawlessly:



$ nslookup google.com - 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53

Non-authoritative answer:
Name: google.com
Address: 173.194.122.238



Why does it fail to resolve the domain names? What server is it trying to use by default?



My resolve.conf is looking like this:



$ cat /etc/resolv.conf 
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.

nameserver 127.0.0.53


Any hints would be highly appreciated, thanks!





And here's the output of $ systemd-resolve --status. The interface I'm using is wlp3s0.










share|improve this question

























  • Is your router configured as a firewall to block DNS requests?

    – Charles Green
    Sep 3 '17 at 1:25











  • @CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?

    – Slava Fomin II
    Sep 3 '17 at 4:43











  • Did you run systemd-resolve --status as suggested in the resolv.conf file? What is the output? Add that to your question.

    – Thomas
    Sep 3 '17 at 11:25











  • If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.

    – Charles Green
    Sep 3 '17 at 21:23






  • 3





    I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is: mv /etc/resolv.conf /etc/resolv.conf_orig ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf This makes me suspect that this is due to a bug in systemd-resolved

    – jringoot
    Dec 17 '17 at 14:20














4












4








4


1






I'm running Xubuntu…



$ cat /etc/issue
Ubuntu 17.04

$ uname -a
Linux intrepid 4.10.0-33-generic #37-Ubuntu SMP Fri Aug 11 10:55:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux


…and connecting through wireless network.



However, the DNS system is acting weird and it fails to resolve domain names occasionally.



When I'm trying to resolve some domain name manually it gives me the following error:



$ nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can't find google.com: REFUSED


Here's the list of all DNS servers configured on my computer:



$ nmcli device show wlp3s0 | grep IP4.DNS
IP4.DNS[1]: 192.168.1.1
IP4.DNS[2]: 8.8.4.4
IP4.DNS[3]: 8.8.8.8


But, when I try to resolve the domain name and tell it to use my router as a DNS server directly (which should be used automatically in the first place) it works flawlessly:



$ nslookup google.com - 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53

Non-authoritative answer:
Name: google.com
Address: 173.194.122.238



Why does it fail to resolve the domain names? What server is it trying to use by default?



My resolve.conf is looking like this:



$ cat /etc/resolv.conf 
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.

nameserver 127.0.0.53


Any hints would be highly appreciated, thanks!





And here's the output of $ systemd-resolve --status. The interface I'm using is wlp3s0.










share|improve this question
















I'm running Xubuntu…



$ cat /etc/issue
Ubuntu 17.04

$ uname -a
Linux intrepid 4.10.0-33-generic #37-Ubuntu SMP Fri Aug 11 10:55:28 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux


…and connecting through wireless network.



However, the DNS system is acting weird and it fails to resolve domain names occasionally.



When I'm trying to resolve some domain name manually it gives me the following error:



$ nslookup google.com
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can't find google.com: REFUSED


Here's the list of all DNS servers configured on my computer:



$ nmcli device show wlp3s0 | grep IP4.DNS
IP4.DNS[1]: 192.168.1.1
IP4.DNS[2]: 8.8.4.4
IP4.DNS[3]: 8.8.8.8


But, when I try to resolve the domain name and tell it to use my router as a DNS server directly (which should be used automatically in the first place) it works flawlessly:



$ nslookup google.com - 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53

Non-authoritative answer:
Name: google.com
Address: 173.194.122.238



Why does it fail to resolve the domain names? What server is it trying to use by default?



My resolve.conf is looking like this:



$ cat /etc/resolv.conf 
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.

nameserver 127.0.0.53


Any hints would be highly appreciated, thanks!





And here's the output of $ systemd-resolve --status. The interface I'm using is wlp3s0.







networking dns






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Sep 4 '17 at 22:01







Slava Fomin II

















asked Sep 3 '17 at 1:15









Slava Fomin IISlava Fomin II

44821126




44821126













  • Is your router configured as a firewall to block DNS requests?

    – Charles Green
    Sep 3 '17 at 1:25











  • @CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?

    – Slava Fomin II
    Sep 3 '17 at 4:43











  • Did you run systemd-resolve --status as suggested in the resolv.conf file? What is the output? Add that to your question.

    – Thomas
    Sep 3 '17 at 11:25











  • If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.

    – Charles Green
    Sep 3 '17 at 21:23






  • 3





    I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is: mv /etc/resolv.conf /etc/resolv.conf_orig ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf This makes me suspect that this is due to a bug in systemd-resolved

    – jringoot
    Dec 17 '17 at 14:20



















  • Is your router configured as a firewall to block DNS requests?

    – Charles Green
    Sep 3 '17 at 1:25











  • @CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?

    – Slava Fomin II
    Sep 3 '17 at 4:43











  • Did you run systemd-resolve --status as suggested in the resolv.conf file? What is the output? Add that to your question.

    – Thomas
    Sep 3 '17 at 11:25











  • If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.

    – Charles Green
    Sep 3 '17 at 21:23






  • 3





    I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is: mv /etc/resolv.conf /etc/resolv.conf_orig ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf This makes me suspect that this is due to a bug in systemd-resolved

    – jringoot
    Dec 17 '17 at 14:20

















Is your router configured as a firewall to block DNS requests?

– Charles Green
Sep 3 '17 at 1:25





Is your router configured as a firewall to block DNS requests?

– Charles Green
Sep 3 '17 at 1:25













@CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?

– Slava Fomin II
Sep 3 '17 at 4:43





@CharlesGreen It has SPI firewall enabled, but I can't see any settings related to DNS. Also, if it was the case then manual lookup through router's DNS should also be blocked, right?

– Slava Fomin II
Sep 3 '17 at 4:43













Did you run systemd-resolve --status as suggested in the resolv.conf file? What is the output? Add that to your question.

– Thomas
Sep 3 '17 at 11:25





Did you run systemd-resolve --status as suggested in the resolv.conf file? What is the output? Add that to your question.

– Thomas
Sep 3 '17 at 11:25













If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.

– Charles Green
Sep 3 '17 at 21:23





If you use your router's DNS, then a seperate server within the router issues another call to the internet for DNS. Please try to configure your router to allow port 53, for both TCP and UDP connections outbound from your network.

– Charles Green
Sep 3 '17 at 21:23




3




3





I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is: mv /etc/resolv.conf /etc/resolv.conf_orig ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf This makes me suspect that this is due to a bug in systemd-resolved

– jringoot
Dec 17 '17 at 14:20





I have this issue too, after a session to a VPN network, it seems like the local DNS service (on 127.0.0.53) still tries to resolve the hostnames for which the DNS server in the VPN network is authoritative to that DNS server inside the VPN network and that doesn't work anymore after a disconnect. It should try another DNS server as provided via another network interface. A permanent workaround that I use is: mv /etc/resolv.conf /etc/resolv.conf_orig ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf This makes me suspect that this is due to a bug in systemd-resolved

– jringoot
Dec 17 '17 at 14:20










1 Answer
1






active

oldest

votes


















1














i did what @jringoot suggested in his comment:
mv /etc/resolv.conf /etc/resolv.conf_orig
ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

which basically copies the original resolv.conf file and creates another one.



I examined it and it showed it was still using router dns.

so then I opened the file
vim /etc/resolv.conf

and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)

i.e. fill it with:
nameserver 1.1.1.1



when i do a check using
nslookup google.com

it now shows it is using my specified DNS:
nslookup google.com
Server: 1.1.1.1
Address: 1.1.1.1#53



Non-authoritative answer:
Name: google.com
Address: 172.217.160.14






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "89"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f952284%2fdns-system-is-failing-to-resolve-domain-names-occasionally%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    i did what @jringoot suggested in his comment:
    mv /etc/resolv.conf /etc/resolv.conf_orig
    ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

    which basically copies the original resolv.conf file and creates another one.



    I examined it and it showed it was still using router dns.

    so then I opened the file
    vim /etc/resolv.conf

    and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)

    i.e. fill it with:
    nameserver 1.1.1.1



    when i do a check using
    nslookup google.com

    it now shows it is using my specified DNS:
    nslookup google.com
    Server: 1.1.1.1
    Address: 1.1.1.1#53



    Non-authoritative answer:
    Name: google.com
    Address: 172.217.160.14






    share|improve this answer




























      1














      i did what @jringoot suggested in his comment:
      mv /etc/resolv.conf /etc/resolv.conf_orig
      ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

      which basically copies the original resolv.conf file and creates another one.



      I examined it and it showed it was still using router dns.

      so then I opened the file
      vim /etc/resolv.conf

      and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)

      i.e. fill it with:
      nameserver 1.1.1.1



      when i do a check using
      nslookup google.com

      it now shows it is using my specified DNS:
      nslookup google.com
      Server: 1.1.1.1
      Address: 1.1.1.1#53



      Non-authoritative answer:
      Name: google.com
      Address: 172.217.160.14






      share|improve this answer


























        1












        1








        1







        i did what @jringoot suggested in his comment:
        mv /etc/resolv.conf /etc/resolv.conf_orig
        ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

        which basically copies the original resolv.conf file and creates another one.



        I examined it and it showed it was still using router dns.

        so then I opened the file
        vim /etc/resolv.conf

        and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)

        i.e. fill it with:
        nameserver 1.1.1.1



        when i do a check using
        nslookup google.com

        it now shows it is using my specified DNS:
        nslookup google.com
        Server: 1.1.1.1
        Address: 1.1.1.1#53



        Non-authoritative answer:
        Name: google.com
        Address: 172.217.160.14






        share|improve this answer













        i did what @jringoot suggested in his comment:
        mv /etc/resolv.conf /etc/resolv.conf_orig
        ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

        which basically copies the original resolv.conf file and creates another one.



        I examined it and it showed it was still using router dns.

        so then I opened the file
        vim /etc/resolv.conf

        and edited the nameserver from the router dns to 1.1.1.1 (CloudFlare DNS)

        i.e. fill it with:
        nameserver 1.1.1.1



        when i do a check using
        nslookup google.com

        it now shows it is using my specified DNS:
        nslookup google.com
        Server: 1.1.1.1
        Address: 1.1.1.1#53



        Non-authoritative answer:
        Name: google.com
        Address: 172.217.160.14







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Sep 9 '18 at 3:52









        cryanbhucryanbhu

        1112




        1112






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Ask Ubuntu!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f952284%2fdns-system-is-failing-to-resolve-domain-names-occasionally%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Mouse cursor on multiple screens with different PPI

            Agildo Ribeiro

            Sometime when accessing a menu: “Ubuntu 16.04 has experienced an internal error”