DNS в Ubuntu

Чтобы лучше ориентироваться в сетевом администрировании, а именно в таких понятиях как типы IP адресов, маски, подсети и т.д. советую изучить статью

«Основы компьютерных сетей»

Введение

Настройка DNS важнейший шаг при работе с Ubuntu, который может вызвать у новичка много вопросов.

В этой статье вы можете найти ответы на некоторые из них.

Диагностика

Для диагностики выполните следующую команду

resolvectl dns

В случае, если вообще ничего не настроено, результат будет следующим

Global: Link 2 (enp0s3): Link 3 (enp0s8):

Также может представлять интерес файл resolv.conf

tail -n 3 /etc/resolv.conf

Если вообще ничего не настроено

# No DNS servers known. search .

Также возможен похожий вариант

nameserver 127.0.0.53 options edns0 trust-ad search .

Из документации:

127.0.0.53 is the systemd-resolved stub resolver.

Можно понять, что 127.0.0.53 это локальный кэширующий DNS сервер. Первые две строки примерно такими и должны быть.

В последней строке должен быть ближайший DNS сервер, например:

search example.com

Пример правильно настроенного DNS

tail -n 3 /etc/resolv.conf

nameserver 127.0.0.53 options edns0 trust-ad search dns.server.int

Добавить DNS сервер

Рассмотрим ситуацию, когда вы уже установили iputils-ping но всё ещё не можете пингануть сайт из за невозможности разрешить имя

ping urn.su

ping: urn.su: Temporary failure in name resolution

Если ваша Ubuntu пользуется resolvconf то стандартным временным решением может быть ручное добавление в resolv.conf

echo "nameserver 1.1.1.1" | sudo tee /etc/resolv.conf

Если Ubuntu уже не пользуется resolvconf то нужно использовать netplan

Первым делом нужно определиться через какой интерфейс будет выход в сеть

ip a

… 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 … 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 … 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 08:00:27:78:0e:62 brd ff:ff:ff:ff:ff:ff inet 10.0.2.8/24 metric 100 brd 10.0.2.255 scope global dynamic enp0s8 valid_lft 533sec preferred_lft 533sec inet6 fe80::a00:27ff:fe78:e62/64 scope link valid_lft forever preferred_lft forever …

Интерфейс 1 это Loopback Address

Интерфейс 2 это Host-only networking моего VirtualBox

Интерфейс 3 это NAT Network интерфейс который нам и нужен.

Теперь нужно отредактировать файл с настройками netplan

sudo vi /etc/netplan/50-cloud-init.yaml

# This file is generated from information provided by the datasource. Changes # to it will not persist across an instance reboot. To disable cloud-init's # network configuration capabilities, write a file # /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following: # network: {config: disabled} network: ethernets: enp0s8: dhcp4: true nameservers: addresses: - 8.8.4.4 - 1.1.1.1 version: 2

sudo netplan apply

resolvectl dns

Global: Link 2 (enp0s3): Link 3 (enp0s8): 8.8.4.4 1.1.1.1 10.150.180.147 10.150.210.10 10.150.210.11

resolv.conf

vi /etc/resolv.conf

# This file is managed by man:systemd-resolved(8). Do not edit. # # This is a dynamic resolv.conf file for connecting local clients to the # internal DNS stub resolver of systemd-resolved. This file lists all # configured search domains. # # Run "systemd-resolve --status" to see details about the uplink DNS servers # currently in use. # # Third party programs must not access this file directly, but only through the # symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way, # replace this symlink by a static file or a different symlink. # # See man:systemd-resolved.service(8) for details about the supported modes of # operation for /etc/resolv.conf. nameserver 127.0.0.53 options edns0 search home

В Ubuntu 24.04 Server

vi /etc/resolv.conf

# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8). # Do not edit. # # This file might be symlinked as /etc/resolv.conf. If you're looking at # /etc/resolv.conf and seeing this text, you have followed the symlink. # # This is a dynamic resolv.conf file for connecting local clients to the # internal DNS stub resolver of systemd-resolved. This file lists all # configured search domains. # # Run "resolvectl status" to see details about the uplink DNS servers # currently in use. # # Third party programs should typically not access this file directly, but only # through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a # different way, replace this symlink by a static file or a different symlink. # # See man:systemd-resolved.service(8) for details about the supported modes of # operation for /etc/resolv.conf. nameserver 127.0.0.53 options edns0 trust-ad search .

Также в Ubuntu 24.04 Server

vi /run/systemd/resolve/resolv.conf

# This is /run/systemd/resolve/resolv.conf managed by man:systemd-resolved(8). # Do not edit. # # This file might be symlinked as /etc/resolv.conf. If you're looking at # /etc/resolv.conf and seeing this text, you have followed the symlink. # # This is a dynamic resolv.conf file for connecting local clients directly to # all known uplink DNS servers. This file lists all configured search domains. # # Third party programs should typically not access this file directly, but only # through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a # different way, replace this symlink by a static file or a different symlink. # # See man:systemd-resolved.service(8) for details about the supported modes of # operation for /etc/resolv.conf. # No DNS servers known. search .

sudo apt install resolvconf

Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: resolvconf 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 48.0 kB of archives. After this operation, 187 kB of additional disk space will be used. Get:1 http://fi.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 resolvconf all 1.79ubuntu10.18.04.3 [48.0 kB] Fetched 48.0 kB in 1s (53.3 kB/s) Preconfiguring packages ... /tmp/resolvconf.config.Dpl2pL: 13: /tmp/resolvconf.config.Dpl2pL: ifquery: not found /tmp/resolvconf.config.Dpl2pL: 13: /tmp/resolvconf.config.Dpl2pL: ifquery: not found Selecting previously unselected package resolvconf. (Reading database ... 67344 files and directories currently installed.) Preparing to unpack .../resolvconf_1.79ubuntu10.18.04.3_all.deb ... Unpacking resolvconf (1.79ubuntu10.18.04.3) ... Setting up resolvconf (1.79ubuntu10.18.04.3) ... /var/lib/dpkg/info/resolvconf.config: 13: /var/lib/dpkg/info/resolvconf.config: ifquery: not found /var/lib/dpkg/info/resolvconf.config: 13: /var/lib/dpkg/info/resolvconf.config: ifquery: not found Created symlink /etc/systemd/system/sysinit.target.wants/resolvconf.service → / lib/systemd/system/resolvconf.service. Created symlink /etc/systemd/system/systemd-resolved.service.wants/resolvconf-p ull-resolved.path → /lib/systemd/system/resolvconf-pull-resolved.path. resolvconf-pull-resolved.service is a disabled or a static unit, not starting i t. resolvconf-pull-resolved.service is a disabled or a static unit, not starting i t. Processing triggers for systemd (237-3ubuntu10.51) ... Processing triggers for man-db (2.8.3-2ubuntu0.1) ... Processing triggers for ureadahead (0.100.0-21) ... Processing triggers for resolvconf (1.79ubuntu10.18.04.3) ...

sudo systemctl status resolvconf.service

● resolvconf.service - Nameserver information manager Loaded: loaded (/lib/systemd/system/resolvconf.service; enabled; vendor pres Active: inactive (dead) Docs: man:resolvconf(8)

sudo systemctl start resolvconf.service sudo systemctl enable resolvconf.service

Synchronizing state of resolvconf.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable resolvconf

sudo systemctl status resolvconf.service

● resolvconf.service - Nameserver information manager Loaded: loaded (/lib/systemd/system/resolvconf.service; enabled; vendor pres Active: active (exited) since Mon 2021-09-13 18:45:15 UTC; 16s ago Docs: man:resolvconf(8) Main PID: 11851 (code=exited, status=0/SUCCESS) Tasks: 0 (limit: 4915) CGroup: /system.slice/resolvconf.service Sep 13 18:45:15 ubuntu-openstack systemd[1]: Starting Nameserver information ma Sep 13 18:45:15 ubuntu-openstack systemd[1]: Started Nameserver information man

sudo vi /etc/resolvconf/resolv.conf.d/head

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 192.168.56.149 nameserver 1.1.1.1 nameserver 1.0.0.1 nameserver 8.8.8.8 nameserver 8.8.4.4

192.168.56.149 - это мой локальный DNS сервер на основе bind. Вам его указывать нужно только если вы полностью повторили мой урок про DNS сервер в CentOS.

8.8.8.8; 8.8.4.4; - это публичные DNS сервера Google

1.1.1.1; 1.0.0.1; - это публичные DNS сервера Cloudflare

Порядок перечисления не имеет значения - будет использоваться тот, от которого быстрее отклик.

sudo systemctl restart resolvconf.service
cat /etc/resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 192.168.56.149 nameserver 1.1.1.1 nameserver 1.0.0.1 nameserver 8.8.8.8 nameserver 8.8.4.4 nameserver 127.0.0.53 search home options edns0

systemd-resolved

systemd-resolved status

sudo systemctl status systemd-resolved.service

● systemd-resolved.service - Network Name Resolution Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; preset: enabled) Active: active (running) since Thu 2024-09-19 11:48:30 UTC; 2h 8min ago Docs: man:systemd-resolved.service(8) man:org.freedesktop.resolve1(5) https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients Main PID: 589 (systemd-resolve) Status: "Processing requests..." Tasks: 1 (limit: 9445) Memory: 7.1M (peak: 7.6M) CPU: 1.684s CGroup: /system.slice/systemd-resolved.service └─589 /usr/lib/systemd/systemd-resolved Sep 19 11:48:27 ubuntuserver systemd[1]: Starting systemd-resolved.service - Network Name Resolution... Sep 19 11:48:28 ubuntuserver systemd-resolved[589]: Positive Trust Anchors: Sep 19 11:48:28 ubuntuserver systemd-resolved[589]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d Sep 19 11:48:28 ubuntuserver systemd-resolved[589]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.> Sep 19 11:48:30 ubuntuserver systemd-resolved[589]: Using system hostname 'ubuntuserver'. Sep 19 11:48:30 ubuntuserver systemd[1]: Started systemd-resolved.service - Network Name Resolution.

Или

sudo service systemd-resolved status

● systemd-resolved.service - Network Name Resolution Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; preset: enabled) Active: active (running) since Thu 2024-09-19 14:07:50 UTC; 18min ago Docs: man:systemd-resolved.service(8) man:org.freedesktop.resolve1(5) https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients Main PID: 1518 (systemd-resolve) Status: "Processing requests..." Tasks: 1 (limit: 9445) Memory: 2.6M (peak: 3.1M) CPU: 136ms CGroup: /system.slice/systemd-resolved.service └─1518 /usr/lib/systemd/systemd-resolved Sep 19 14:07:50 ubuntuserver systemd[1]: Starting systemd-resolved.service - Network Name Resolution... Sep 19 14:07:50 ubuntuserver systemd-resolved[1518]: Positive Trust Anchors: Sep 19 14:07:50 ubuntuserver systemd-resolved[1518]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d Sep 19 14:07:50 ubuntuserver systemd-resolved[1518]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172> Sep 19 14:07:50 ubuntuserver systemd-resolved[1518]: Using system hostname 'ubuntuserver'. Sep 19 14:07:50 ubuntuserver systemd[1]: Started systemd-resolved.service - Network Name Resolution.

resolvectl

С помощью команд resolvectl и resolvectl dns можно понять прописан ли DNS и какие используются сервера

resolvectl

Если DNS не прописан, то будет примерно такой результат

Global Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported resolv.conf mode: stub Link 2 (enp0s3) Current Scopes: none Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported Link 3 (enp0s8) Current Scopes: none Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

resolvectl dns

Global: Link 2 (enp0s3): Link 3 (enp0s8):

resolvectl

Если DNS прописан, то будет примерно такой результат

Global Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported resolv.conf mode: stub Link 2 (enp0s3) Current Scopes: none Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported Link 3 (enp0s8) Current Scopes: DNS Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported Current DNS Server: 10.150.180.147 DNS Servers: 10.150.180.147 10.150.210.10 10.150.210.11 DNS Domain: accdom.for.int

resolvectl dns

Global: Link 2 (enp0s3): Link 3 (enp0s8): 10.150.180.147 10.150.210.10 10.150.210.11

Global

Если нужно добавить DNS в Global то это можно сделать двумя способами

sudo vi /etc/systemd/resolved.conf.d/dns_servers.conf

[Resolve] DNS=8.8.8.8 1.1.1.1

sudoedit /etc/systemd/resolved.conf

# This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it under the # terms of the GNU Lesser General Public License as published by the Free # Software Foundation; either version 2.1 of the License, or (at your option) # any later version. # # Entries in this file show the compile time defaults. Local configuration # should be created by either modifying this file (or a copy of it placed in # /etc/ if the original file is shipped in /usr/), or by creating "drop-ins" in # the /etc/systemd/resolved.conf.d/ directory. The latter is generally # recommended. Defaults can be restored by simply deleting the main # configuration file and all drop-ins located in /etc/. # # Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config. # # See resolved.conf(5) for details. [Resolve] # Some examples of DNS servers which may be used for DNS= and FallbackDNS=: # Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com # Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google # Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net DNS=8.8.4.4 #FallbackDNS= #Domains= #DNSSEC=no #DNSOverTLS=no #MulticastDNS=no #LLMNR=no #Cache=no-negative #CacheFromLocalhost=no #DNSStubListener=yes #DNSStubListenerExtra= #ReadEtcHosts=yes #ResolveUnicastSingleLabel=no #StaleRetentionSec=0

resolvectl dns

Global: 8.8.4.4 8.8.8.8 1.1.1.1 Link 2 (enp0s3): Link 3 (enp0s8):