37

Working with Ubuntu 18.04 Server LTS. I am trying to find a way to check the DNS IP(s) that is actually being used when set via DHCP. The resolv.conf only will point to 127.0.0.53 now. /etc/systemd/network folder is empty. The NSLOOKUP output also always references the internal 127.0.0.53 IP. Seems all the old tricks aren't working.

The Ubuntu documentation is not updated yet as it still looks like the help for 16.04 referencing eth0, ifup and ifdown which are all deprecated on 18: https://help.ubuntu.com/lts/serverguide/network-configuration.html

I've tried setting a static adapter setup with Netplan via a custom .yaml. The settings work fine but I can't seem to find the DNS IP that I set anywhere. I expect it will be consistent between DHCP and static settings but I'm not sure where to look now.

I would settle for either a C library call or a bash CLI method at this point. Does anyone have a way to check this on 18.04 Server?

Nathan Smith

4 Answers

62

I found the following showed me the DNS servers by adapter towards the end of the output:

systemd-resolve --status

It contains a list under 'DNS Servers' organized by Link. I think this has changed from previous versions with Ubuntu. It will take a little text parsing work but this gives me what I'm after.

Nathan Smith
  • 2
    This does not answer your question. Your question was not what dns server IPs were provided by dhcp. Your question was How to check the DNS server IP being used. – webmite May 16 '18 at 16:50
  • @webmite : I was looking for the DNS server being used, specified via a static definition or DHCP. systemd-resolve --status is the only method I have found so far that lists the current servers being referenced for DNS resolution. – Nathan Smith May 17 '18 at 13:36
  • If you check using the method discussed above in my answer you will find the real server being used regardless of the parameters being passed. I found that my system by default had dnsmasq activated which meant the dhcp provided dns server parameters were being ignored until I disabled it. Please verify whether dnsmasq is enabled on your system. – webmite May 17 '18 at 14:06
  • @webmite: I did not install NetworkManager on 18.04 server so I can't try that suggestion exactly. I am using systemd-networkd which is the default. As the solution I have gives the easily parse-able DNS IP that is what the application is now using. I assume a similar property is set somewhere as it is masking the actual IP of the DNS in the trace info. – Nathan Smith May 17 '18 at 19:32
  • I found a reference to dnsmasq and systemd-resolve [https://askubuntu.com/questions/907246/how-to-disable-systemd-resolved-in-ubuntu]. It mentions that attempting to disable it can break dns when connected through a vpn. And they do reference a bug-report. – webmite May 18 '18 at 00:35
26

Another way is:

cat /run/systemd/resolve/resolv.conf

That file is dynamically generated by systemd-resolved, but contains the actual DNS servers instead of 127.0.0.53.

In fact, if you want to make that the default for /etc/resolv.conf, you simply create a symlink for it. (/etc/resolv.conf is a symlink that points to /run/systemd/resolve/stub-resolv.conf by default):

sudo mv /etc/resolv.conf /etc/resolv.conf.orig
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

Sample /run/systemd/resolve/resolv.conf :

# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients directly to
# all known uplink DNS servers. This file lists all configured search domains.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 10.1.2.3
search host.domain.com

For more info:

http://manpages.ubuntu.com/manpages/bionic/man8/systemd-resolved.service.8.html

wisbucky
  • This is the Right Way^tm to set up networking if you don't want systemd messing with your DNS queries (for example, if you want the DHCP server on your router to handle DNS resolution, which most people probably want). – g33kz0r Jan 07 '19 at 11:54
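
Added example, not part of either answer above: the two answers point at `systemd-resolve --status` and at a resolv.conf-format file as the places where the real upstream servers appear, and this sketch does the text parsing for both. The function names and the sample output (including its addresses) are constructed for illustration; the status layout assumed is the one Ubuntu 18.04 prints.

```shell
#!/bin/sh
# Added example: extract upstream DNS servers behind the 127.0.0.53 stub.

# Reads `systemd-resolve --status` output on stdin and prints one
# "link<TAB>server" line per DNS server (layout as printed on Ubuntu 18.04).
dns_servers_by_link() {
    awk '
        /^Global/          { link = "global"; in_dns = 0; next }
        /^Link [0-9]+ \(/  { link = $3; gsub(/[()]/, "", link); in_dns = 0; next }
        /DNS Servers: /    { in_dns = 1; print link "\t" $NF; next }
        in_dns && NF == 1  { print link "\t" $1; next }   # continuation line
                           { in_dns = 0 }                 # any other key ends the list
    '
}

# Reads resolv.conf-format text on stdin and prints every nameserver except
# the systemd-resolved stub listener.
upstream_nameservers() {
    awk '$1 == "nameserver" && $2 != "127.0.0.53" { print $2 }'
}

# Constructed sample of the status output (addresses are made up).
sample_status() {
    cat <<'EOF'
Global
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa

Link 3 (ens4)
      Current Scopes: none
       LLMNR setting: yes

Link 2 (ens3)
      Current Scopes: DNS
       LLMNR setting: yes
         DNS Servers: 10.1.2.3
                      2001:db8::53
          DNS Domain: host.domain.com
EOF
}

# Demo on the constructed sample; on a live host use instead:
#   systemd-resolve --status | dns_servers_by_link
#   upstream_nameservers < /etc/resolv.conf
sample_status | dns_servers_by_link
printf 'nameserver 127.0.0.53\nnameserver 10.1.2.3\n' | upstream_nameservers
```

If `upstream_nameservers < /etc/resolv.conf` prints nothing, the file is still the stub and the per-link list from `dns_servers_by_link` is the place to look.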
6

You can also use:

nmcli dev show eth0

Replace eth0 with your network interface to see how it was configured. If you got the DNS address over DHCP, you should see it here.

SePeF
  • 1
    Use `nmcli dev show` (without device name) if you have many interfaces and don't know which one is used for DNS queries. `nmcli dev show | grep DNS` will directly give the answer. – Laurent Simon Feb 12 '20 at 14:00
-3

I am surprised at this too. I am running Ubuntu 16.04 LTS and see something similar.

If you issue a

dig www.google.ca +trace | grep 'Received'

The first host in the response is the one doing the lookups for your server.

$ dig www.google.ca +trace | grep 'Received'
;; Received 525 bytes from 127.0.1.1#53(127.0.1.1) in 19 ms
;; Received 42 bytes from 199.7.91.13#53(d.root-servers.net) in 32 ms

This means that this box is doing its own dns lookups directly to the root servers and following the path recursively to get my dns lookups.

Found the issue is that dnsmasq is enabled. To disable it do as follows.

edit the NetworkManager.conf file

sudo gedit /etc/NetworkManager/NetworkManager.conf

comment out the dnsmasq line

#dns=dnsmasq

restart the network-manager service

sudo /etc/init.d/network-manager restart

then verify that it is using the dns-server assigned via dhcp

$ dig www.google.ca +trace | grep 'Received'
;; Received 525 bytes from 192.168.30.1#53(192.168.30.1) in 18 ms
;; Received 42 bytes from 198.41.0.4#53(a.root-servers.net) in 32 ms
webmite
  • Yes, Ubuntu has had an internal listening scheme on port 53 but it is supposed to use the DNS servers issued by DHCP. With the changes it looks like it now creates a new internal loopback IP of 127.0.0.53 as well for another loopback path. Resolv.conf and other methods used to report the IP(s) being used. That is what I am looking for, the IP(s) the DHCP has issued for the external DNS lookup. I hope someone doesn't think that a device would always have an open connection to the internet and use the top level DNS servers that it might never be able to access. – Nathan Smith May 14 '18 at 10:48
  • 5
    This does not work in Ubuntu 18.04. When you do `dig +trace`, you get `;; Received 28 bytes from 127.0.0.53#53(127.0.0.53) in 0 ms`, which is not the real DNS server. Also, in Ubuntu 18.04, `NetworkManager.conf` doesn't even have the `dns=dnsmaq` line to comment out. – wisbucky Jun 27 '18 at 08:23
  • 1
    Doesn't work like that if using systemd-resolved (which is what 127.0.0.53 is). – TJJ Nov 10 '19 at 11:05