How do I set my DNS when resolv.conf is being overwritten?
Most of the info I see online says to edit /etc/resolv.conf, but any changes I make there just get overridden.
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND --
# YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1
It seems that 127.0.1.1 is a local instance of dnsmasq. The dnsmasq docs say to edit /etc/resolv.conf. I tried putting custom nameservers in /etc/resolv.conf.d/base, but the changes didn’t show up in /etc/resolv.conf after running sudo resolvconf -u.
FYI, I don’t want to change DNS on a per-connection basis, I want to set default DNS settings to use for all connections when not otherwise specified.
UPDATE:
I answered this question myself:
https://unix.stackexchange.com/a/163506/67024
I think it’s the best solution since:
- It works.
- It requires the least amount of changes and
- It still works in conjunction with dnsmasq’s DNS cache, rather than bypassing it.
I believe if you want to override the DNS nameserver you merely add a line similar to this in your base file under resolv.conf.d.
Example
NOTE: Before we get started, make sure the following package is installed: apt install resolvconf
$ sudo vim /etc/resolvconf/resolv.conf.d/base
Then put your nameserver list in like so:
nameserver 8.8.8.8
nameserver 8.8.4.4
Finally update resolvconf:
$ sudo resolvconf -u
If you take a look at the man page for resolvconf it describes the various files under /etc/resolvconf/resolv.conf.d/.
/etc/resolvconf/resolv.conf.d/base
File containing basic resolver information. The lines in this
file are included in the resolver configuration file even when no
interfaces are configured.
/etc/resolvconf/resolv.conf.d/head
File to be prepended to the dynamically generated resolver
configuration file. Normally this is just a comment line.
/etc/resolvconf/resolv.conf.d/tail
File to be appended to the dynamically generated resolver
configuration file. To append nothing, make this an empty
file. This file is a good place to put a resolver options line
if one is needed, e.g.,
options inet6
Even though there’s a warning at the top of the head file:
$ cat /etc/resolvconf/resolv.conf.d/head
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
this warning is there so that when these files are constructed, the warning will ultimately work its way into the resulting resolv.conf file that these files will be used to make. So you could just as easily have added the nameserver lines that are described above for the base file, to the head file too.
Try adding dns-nameservers XXX.XXX.XXX.X into your /etc/networking/interfaces file.
I am also interested in this question and I tried the solution proposed by @sim.
To test it, I put
nameserver 8.8.8.8
in /etc/resolvconf/resolv.conf.d/base
and
nameserver 8.8.4.4
in /etc/resolvconf/resolv.conf.d/head
Then I restarted the network with
sudo service network-manager restart
The result is that /etc/resolv.conf
looks like
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 8.8.4.4
nameserver 127.0.1.1
and nm-tool states that the DNS servers are
DNS: 208.67.222.222
DNS: 208.67.220.220
which are the ones provided by my router.
On the other hand digging an address tells that
;; Query time: 28 msec
;; SERVER: 8.8.4.4#53(8.8.4.4)
If I am right, I conclude from all this that
- only the “head” part is read by resolvconf: the “base” part is somehow controlled by dnsmasq
- the DNS server is actually forced to 8.8.4.4 regardless of the server provided by DHCP, BUT you lose the caching provided by dnsmasq, since the request is always sent to 8.8.4.4
- dnsmasq is still using ONLY the DNS server provided by DHCP.
All in all, it works but I don’t think it is the intended result asked for.
A closer solution, I think, is the following. Edit
sudo vim /etc/dhcp/dhclient.conf
then add
supersede domain-name-servers 8.8.8.8;
The result is the following: resolv.conf contains only 127.0.0.1, which means that dnsmasq cache is invoked and nm-tool says
DNS: 8.8.8.8
which means that if the name searched for is not in the cache, then it is asked for at 8.8.8.8 and not at the server provided by dhcp.
Another (perhaps better) option is to use “prepend” instead of “supersede”: in this way, if the name is not resolved by 8.8.8.8, then the request falls back on the other server. In fact, nm-tool says
DNS: 8.8.8.8
DNS: 208.67.222.222
DNS: 208.67.220.220
A quick and dirty workaround that wasn’t mentioned yet is setting the immutable flag on the resolv.conf file right after editing it.
$ sudo nano /etc/resolv.conf
Add this and save:
nameserver 8.8.8.8
Then:
$ sudo chattr +i /etc/resolv.conf
That should do the trick. I do this on my system too.
I found out that you can change the nameservers that dnsmasq uses by adding the following lines to /etc/dnsmasq.conf:
server=8.8.8.8
server=8.8.4.4
I didn’t have a /etc/dnsmasq.conf file though, since it’s installed by the dnsmasq package, but Ubuntu only comes with dnsmasq-base. I ran sudo apt-get install dnsmasq, then edited /etc/dnsmasq.conf, then sudo service dnsmasq restart and sudo service network-manager restart.
I ran sudo tail -n 200 /var/log/syslog to check my syslog and verify that dnsmasq was using the nameservers I specified:
Oct 21 23:00:54 mylaptop dnsmasq[8611]: using nameserver 8.8.8.8#53
Oct 21 23:00:54 mylaptop dnsmasq[8611]: using nameserver 8.8.4.4#53
EDIT MAY 6, 2016
I’ve written a script to update all settings for system connections in the /etc/Network-Manager/system-connections/ directory. The GUI that you use to edit individual connections edits a particular file in that directory. The script updates all of the files – it just searches for those who don’t have dns set with grep and sets it with awk.
Since accessing those files requires sudo access, run this script with sudo and then restart network manager.
#!/bin/bash
# Author: Serg Kolo
# Date: May 6, 2015
# Description: this script checks all settings for connections in
# /etc/NetworkManager/system-connections/ , and if there's no custom
# dns set , this script sets it;
# NOTE: run sudo service network-manager restart after running this script
set -x
for file in /etc/NetworkManager/system-connections/* ; do
    # Skip files that already carry the custom DNS; otherwise replace the line after [ipv4]
    grep 'dns=208.67.220.220;' "$file" || ( awk '{print;if ($1=="[ipv4]"){getline; print "method=auto\ndns=208.67.220.220;\nignore-auto-dns=true"}}' "$file" > .tmpfile && ( cat .tmpfile > "$file") )
done
ORIGINAL POST
Some users here pointed out that DNS is somehow controlled by dnsmasq. That is indeed true. I’ve faced a somewhat smaller issue, where no matter how I changed head or body in /etc/resolvconf/resolv.conf.d, my computer couldn’t actually access the internet by domain name – only working with IP addresses.
What I did is to edit the /etc/NetworkManager/NetworkManager.conf file. Originally, it said dns=dnsmasq but I changed it to: dns=208.67.222.222. Although this way, nm-tool doesn’t mention 208.67.222.222, I still was able to use domain names, not just IP addresses.
Here’s what my NetworkManager.conf file looks like now:
[main]
plugins=ifupdown,keyfile,ofono
#dns=dnsmasq
dns=208.67.222.222
[ifupdown]
managed=false
NOTE: For more details on my problem and this solution, refer to my post on askubuntu.com.
UPDATE #1
Having returned home from the university today, I discovered that I couldn’t connect to my home WiFi. I’ve read up a little on man NetworkManager.conf and it turns out that dns= in [main] is actually a line for plug-ins, so line dns=dnsmasq is actually adding the dnsmasq plugin to the NetworkManager, apparently.
So my solution still worked, just not as I had expected. Here’s excerpt from the man page:
dns=plugin1,plugin2, ... List DNS plugin names separated by ','.
DNS plugins are used to provide local caching nameserver functionality
(which speeds up DNS queries) and to push DNS data to applications
that use it.
So by setting dns=208.67.222.222 I may have, basically, prevented NetworkManager from using that plugin, which would otherwise have used the local DNS server (which apparently doesn’t work).
- Search ‘Network Connection’
- Open it
- Then select either WiFi or Ethernet, or whatever you are using, and click on edit. You’ll get this:
- Select ipv4 in tabs
- Select addresses only in method
- Enter your DNS name below, and save it
- You’re done
For static IP situations, the Ubuntu Server Guide says to change the file /etc/network/interfaces, which may look like this:
iface eth0 inet static
address 192.168.3.3
netmask 255.255.255.0
gateway 192.168.3.1
dns-search example.com
dns-nameservers 192.168.3.45 192.168.8.10
You change the IPs 192.168.3.45 192.168.8.10 for the ones you want, like 8.8.8.8
https://help.ubuntu.com/14.04/serverguide/serverguide.pdf
Page 38
The easy way to change DNS:
$ sudo nano /etc/network/interfaces
If issues come up, install nano:
$ sudo apt-get install nano -y
then ..
- find this: dns-nameservers
- if you don’t find it just type it in there
- I did mine like this:
dns-nameservers 199.85.126.10 199.85.127.10
I hope this is the best way, I did it like this on a VPS by the way.
My issue was a bit different, I wanted to override my router’s DNS servers. I found this link from Ubuntu: https://wiki.ubuntu.com/OverrideDNSServers
It says:
If you would like to override the DNS settings provided to you by a DHCP server, open
/etc/dhcp3/dhclient.conf
and add the following line:
supersede domain-name-servers <dns_ip_address1>,<dns_ip_address2>;
replacing <dns_ip_address*> items with the proper content.
on root:
- comment dns=dnsmasq on /etc/NetworkManager/NetworkManager.conf
- add supersede domain-name-servers 4.2.2.1,4.2.2.3,4.2.2.5,4.2.2.4,4.2.2.1,4.2.2.2; at the end of /etc/dhcp/dhclient.conf
sudo service network-manager restart
The following makes the changes shown above:
$ sudo sed -i 's/dns\x3Ddnsmasq/\x23dns\x3Ddnsmasq/' /etc/NetworkManager/NetworkManager.conf
$ echo 'supersede domain-name-servers 4.2.2.1,4.2.2.3,4.2.2.5,4.2.2.4,4.2.2.1,4.2.2.2;' |
    sudo tee --append /etc/dhcp/dhclient.conf
$ sudo service network-manager restart
Wait 7/10 seconds to finish the restart process, check your config with
“nslookup nist.gov”. Works well on Ubuntu LTS 14.04.
Maybe I’m missing something, but according to the config instructions at https://help.ubuntu.com/14.04/serverguide/network-configuration.html all you do is update the following. I am not running a proxy – just a machine behind a firewall and local DNS (example shows Google’s, but set it to whatever you need).
nano /etc/network/interfaces
Default:
# This file...
# and how to activate...
# The loopback...
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
UPDATED:
# This file...
# and how to activate...
# The loopback...
auto lo
iface lo inet loopback
# The primary network interface
#iface eth0 inet dhcp
iface eth0 inet static
address x.x.x.x
netmask 255.255.255.0
gateway x.x.x.x
#nameservers
# you may not need dns-search
# I use it because I'm running this on a Windows network
# so its useful to have
# dns-search x.y
dns-nameservers 4.4.4.4 8.8.8.8
Reboot, if you can.
Some of the answers here work just fine. However I wasn’t happy with the fact I have to manually go through configuration files just to set the “proper” DNS which I already am receiving over DHCP with NetworkManager.
I did a little digging and noticed that the /etc/resolv.conf file is actually a link and it’s pointing to /run/systemd/resolve/stub-resolv.conf. After some experimenting it appears that the /run/systemd/resolve/ directory contains another file named resolv.conf which already contains the settings you’ve received via DHCP. So, instead of having to manually overwrite/create configuration files in /etc/, you can simply re-link /etc/resolv.conf to point to the /run/systemd/resolve/resolv.conf file and all should be just fine:
# sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
You should now be able to edit the settings even from the Network Manager in Gnome. 🙂
Not sure if this will work on older Ubuntus but it does on Ubuntu 17.10.
There are two methods
Method 1
The DNS server to use can be changed by updating the head file under resolv.conf.d
$ echo 'nameserver 1.1.1.1' | sudo tee /etc/resolvconf/resolv.conf.d/base
and then run
$ sudo resolvconf -u
The above will generate a generic resolv.conf file in the /etc directory. All your resolve requests will be sent to the above said nameserver. Solved.
However there are implications to this. When using resolvconf to directly query 1.1.1.1 for address resolutions, the power of caching provided by dnsmasq is gone. Every request will go to 1.1.1.1
Method 2
If you don’t want the above to happen and want to use dnsmasq for DNS resolutions, refer to this answer. The answer is simply described here.
Add the following content in the /etc/dnsmasq.conf file.
server=1.1.1.1
Then restart the dnsmasq service
$ sudo systemctl restart dnsmasq.service
Things will work fine. Solved.
NB: Like most answers, this one assumes the use of NetworkManager. However unlike most other answers, it doesn’t assume the use of resolvconf, dhclient or anything else — beware that they may take over, though (see update).
Given the number of views of this question it’s quite incredible that this 8 characters solution hasn’t been posted yet: according to man NetworkManager.conf,
dns: […] none: NetworkManager will not modify resolv.conf. This implies rc-manager unmanaged
Therefore add dns=none in the [main] section of /etc/NetworkManager/NetworkManager.conf then restart NetworkManager and it won’t modify /etc/resolv.conf anymore.
Note that setting rc-manager=unmanaged should be equivalent to dns=none, and that setting rc-manager=symlink along with having /etc/resolv.conf as a symbolic link may be a better idea (read above-mentioned manpage).
Update:
After NetworkManager stopped overwriting /etc/resolv.conf, I figured dhcpcd was already replacing /etc/resolv.conf by a useless empty file at boot. The manpage of dhcpcd.conf helped, it suffices to add nohook resolv.conf in your dhcpcd.conf (mine is in /etc/dhcpcd.conf).
That’s because a particular installed application is managing this file.
You can either uninstall that application or set your desired options directly through that application.
In my case (Linux centos7 minimal server), having the same situation, I was getting # Generated by NetworkManager at the top of the resolv.conf file, so the best way I could change this option was using the nmtui command. You can edit nameservers in this tool and when you change options of networkmanager from this utility they will be automatically applied to /etc/resolv.conf after reboot. Here you can find more information.
Nothing at all on the Internet helped me, because NordVPN’s CLI utility kept overwriting /etc/resolv.conf every time I connected and disconnected from the VPN. It even overrode chattr +i, which was super annoying!!
What worked for me was completely disabling resolvconf!
Edit /etc/resolvconf.conf and make this the only entry:
resolv_conf=NO
This specifically disables resolvconf, meaning your /etc/resolv.conf will never be changed by it. Then go ahead and sudo chattr +i /etc/resolv.conf for good measure.
Tested on Arch Linux.
On Centos 7, using NetworkManager, the cleanest, persistent, working solution that I’ve been able to find is to create a NetworkManager script that uses nmcli to set the values I want.
e.g.
Create /etc/NetworkManager/dispatcher.d/mydns.sh with permissions 755 and the following contents:
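#!/usr/bin/sh
# NetworkManager dispatcher script: $1 is the interface, $2 is the event.
# The arguments are quoted so that an empty value cannot break the test.
if [ "$1" = "enp0s11" ] && [ "$2" = "up" ]
then
    echo "Setting my DNS ($1 is $2)" | logger
    # disable default DNS
    nmcli device mod enp0s11 ipv4.ignore-auto-dns yes
    # Substitute our own DNS, in the desired order
    nmcli device mod enp0s11 ipv4.dns "10.0.1.101 10.0.1.1"
fi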
And to test, without rebooting:
systemctl restart NetworkManager.service
cat /etc/resolv.conf
YMMV, but this is the only way I’ve found that allows my /etc/resolv.conf to ‘survive’ a reboot without being overwritten with values I don’t want.
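
Added example, not part of any answer above: before picking one of the fixes in this thread, it helps to know which component currently writes the file and whether lookups still pass through a local cache. The sketch below classifies a resolv.conf using only the markers quoted in the thread (the resolvconf(8) header, the "# Generated by NetworkManager" header, a symlink into /run/systemd/resolve/); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify who manages a resolv.conf file and whether the
# first nameserver is a local cache. Function names are hypothetical.

# resolv_owner FILE -> systemd-resolved | resolvconf | NetworkManager | unmanaged
resolv_owner() {
    f=$1
    if [ -L "$f" ]; then
        # A symlink into systemd's runtime directory means systemd-resolved.
        case $(readlink "$f") in
            */systemd/resolve/*) echo systemd-resolved; return ;;
        esac
    fi
    if grep -q 'generated by resolvconf(8)' "$f" 2>/dev/null; then
        echo resolvconf
    elif grep -q '^# Generated by NetworkManager' "$f" 2>/dev/null; then
        echo NetworkManager
    else
        echo unmanaged
    fi
}

# resolv_nameservers FILE -> one address per line, in lookup order
resolv_nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$1"
}

# resolv_path FILE -> cached if the first nameserver is loopback
# (for example dnsmasq on 127.0.1.1), direct if it is remote, none if absent
resolv_path() {
    first=$(resolv_nameservers "$1" | head -n 1)
    case $first in
        127.*|::1) echo cached ;;
        "")        echo none ;;
        *)         echo direct ;;
    esac
}

# resolv_report FILE -> one summary line
resolv_report() {
    printf '%s: owner=%s path=%s\n' "$1" "$(resolv_owner "$1")" "$(resolv_path "$1")"
}

# Report on the live file when it is readable.
if [ -r /etc/resolv.conf ]; then
    resolv_report /etc/resolv.conf
fi
```

A "direct" result on a resolvconf-managed file corresponds to the head-file experiment above, where 8.8.4.4 was listed ahead of 127.0.1.1 and queries no longer went through dnsmasq.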