DNS and DNS Servers for Linux

Managing the Domain Name System Efficiently

The Domain Name System (DNS) is a fundamental component of the internet. It translates human-readable domain names like example.com into IP addresses such as 93.184.216.34, allowing users to connect to websites and services without memorizing numerical addresses. For Linux users, understanding DNS and managing DNS servers is essential for troubleshooting, configuring networks, and ensuring smooth internet connectivity.

What is DNS?

DNS functions as the internet’s phonebook. When you type a domain name into a browser, DNS resolves it into the corresponding IP address so your computer can establish a connection. This resolution process involves several DNS components:

  • Resolvers: Client-side components that initiate DNS queries.
  • Root servers: Direct queries to the appropriate Top-Level Domain (TLD) servers.
  • TLD servers: Handle requests for specific domain extensions (e.g., .com, .org).
  • Authoritative name servers: Provide the IP address for the requested domain.

Configuring DNS on Linux

Linux systems use the /etc/resolv.conf file to configure DNS resolvers. This file specifies the DNS servers that the system should query for name resolution.

Example /etc/resolv.conf

nameserver 8.8.8.8
nameserver 1.1.1.1

  • 8.8.8.8: Google Public DNS
  • 1.1.1.1: Cloudflare DNS

To apply changes:

  1. Edit /etc/resolv.conf using a text editor:
    sudo nano /etc/resolv.conf
    
  2. Save the changes and restart the network service:
    sudo systemctl restart network    # unit name varies by distribution, e.g. NetworkManager or systemd-networkd
    

Note: On modern systems using NetworkManager, changes to /etc/resolv.conf may be overwritten. To prevent this, configure DNS via NetworkManager.

Setting Up a Local DNS Server

Running a local DNS server can improve network performance and provide better control over name resolution. Popular DNS server software for Linux includes:

  • BIND (Berkeley Internet Name Domain): A versatile and widely used DNS server.
  • dnsmasq: A lightweight option for local DNS and DHCP.
  • Unbound: A caching-only DNS resolver focused on security and privacy.

Installing BIND on Linux

To install and configure BIND:

  1. Install BIND:

    sudo apt install bind9    # Debian/Ubuntu
    sudo dnf install bind     # Fedora/RHEL
    
  2. Declare the zone in /etc/bind/named.conf.local:

    zone "example.com" {
        type master;
        file "/etc/bind/db.example.com";
    };
    
  3. Create the zone file /etc/bind/db.example.com:

    $TTL    86400
    @       IN      SOA     ns1.example.com. admin.example.com. (
                            2025012601 ; Serial
                            3600       ; Refresh
                            1800       ; Retry
                            604800     ; Expire
                            86400 )    ; Minimum TTL
    
            IN      NS      ns1.example.com.
    ns1     IN      A       192.168.1.10
    www     IN      A       192.168.1.20
    
  4. Restart the BIND service:

    sudo systemctl restart bind9
    

Testing the DNS Server

Use the dig command to query the DNS server:

dig @192.168.1.10 www.example.com

This command queries the DNS server at 192.168.1.10 for the www.example.com record.

Using a Caching DNS Resolver

A caching DNS resolver stores query results to reduce response times and network traffic. Unbound is a popular choice:

Installing and Configuring Unbound

  1. Install unbound:

    sudo apt install unbound    # Debian/Ubuntu
    sudo dnf install unbound    # Fedora/RHEL
    
  2. Configure the resolver in /etc/unbound/unbound.conf:

    server:
        interface: 0.0.0.0
        access-control: 192.168.0.0/16 allow
        verbosity: 1
    
  3. Restart unbound:

    sudo systemctl restart unbound
    
  4. Update /etc/resolv.conf to use the local resolver:

    nameserver 127.0.0.1
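
The configuration in step 2 listens on every interface (0.0.0.0) and depends on access-control to keep recursion limited to 192.168.0.0/16. The script below is an added example, not part of the original article: it checks an unbound.conf for that property and flags an allow rule with a /0 prefix, which would turn the host into an open resolver. The function name audit_unbound and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an unbound.conf for open-resolver exposure.
# audit_unbound FILE prints one finding per line and returns 1 if any client may recurse.
audit_unbound() {
    awk '
    { sub(/#.*/, "") }                                   # drop comments, fields are re-split
    $1 == "interface:" && $2 !~ /^127\./ && $2 != "::1" { wide = 1 }
    $1 == "access-control:" && $3 ~ /^allow/ {
        if ($2 ~ /\/0+$/) { print "OPEN: " $2 " " $3 " lets any client recurse"; exposed = 1 }
        else if ($2 !~ /^127\./ && $2 !~ /^::1/) nets = nets " " $2
    }
    END {
        if (exposed)   exit 1
        if (!wide)     print "OK: listens on loopback only"
        else if (nets) print "LIMITED: non-loopback listener, recursion allowed for" nets
        else           print "LOCAL: non-loopback listener, only localhost may query (Unbound default)"
    }' "$1"
}

# Constructed sample 1: the server block from step 2 above.
page_conf=$(mktemp)
cat > "$page_conf" <<'EOF'
server:
    interface: 0.0.0.0
    access-control: 192.168.0.0/16 allow
    verbosity: 1
EOF

# Constructed sample 2: same listener, but every source address is allowed.
open_conf=$(mktemp)
cat > "$open_conf" <<'EOF'
server:
    interface: 0.0.0.0
    access-control: 0.0.0.0/0 allow   # any IPv4 client
EOF

audit_unbound "$page_conf"
audit_unbound "$open_conf" || echo "exposure found: restrict access-control before restarting unbound"
rm -f "$page_conf" "$open_conf"
```

Run it against /etc/unbound/unbound.conf before step 3; a non-zero exit status means the resolver would answer recursive queries from any address that can reach it.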
    

Troubleshooting DNS Issues

Common Problems

  1. DNS Resolution Fails: Ensure the DNS server specified in /etc/resolv.conf is reachable.
  2. Configuration Errors: Validate zone files using named-checkzone for BIND.
  3. Network Connectivity: Verify the system’s IP settings with ip a and routing tables with ip route.

Useful Commands

  • nslookup: Check DNS resolution:

    nslookup example.com
    
  • dig: Detailed DNS queries:

    dig example.com
    
  • host: Simple DNS lookups:

    host example.com
    

Summary

The Domain Name System (DNS) is a critical component of networking, enabling seamless connections between human-readable domain names and IP addresses. On Linux, tools like resolv.conf, BIND, and Unbound provide flexible options for configuring and managing DNS. Whether you’re troubleshooting connectivity issues or setting up a local DNS server, mastering DNS tools and concepts is invaluable for Linux administrators.

For a deeper dive into DNS concepts and tools, check out this comprehensive guide to DNS on Linux.

