Name resolution with unqualified names
Paul Smith
paul at mad-scientist.net
Mon Nov 27 21:30:36 UTC 2017
On Mon, 2017-11-27 at 12:57 -0800, Kevin O'Gorman wrote:
> So why do just two of them have 127.0.1.1 listed as its name
> resolver, and the others list the IP of the router?
>
> Come to that, how does it work for camelot's /etc/resolv.conf
> (actually linked to /run/resolveconf/resolv.conf) list 127.0.1.1 as
> its resolver
I haven't followed closely the differences between your systems that
would lead to different behaviors.
But, I can explain the above configuration.
In the old days when life was simple, network connections were static,
and a DNS server was forever, you could just put the upstream IP
address of your favorite DNS server into /etc/resolv.conf and call it a
day.
These days, where you have wireless devices that roam, VPNs with
private domains, virtual machines, etc. configuring name resolution is
a morass of different requirements and capabilities, and a simple IP
address (or four) in your /etc/resolv.conf very often simply can't get
the job done.
So, systems started providing dnsmasq which is a super-cool,
lightweight DNS caching server. It can run on your system and be
configured to handle all the fancy bits above: for example, deal with
virtual machines running locally, send DNS requests for VPN private
domains to one DNS server and DNS requests for google.com etc. to
another DNS server (for split tunneling), etc.
In order to use dnsmasq, you put 127.0.1.1 or 127.0.0.1 or whatever as
your DNS IP address, then the resolver library (in libc) will connect
to the DNS port on your local host, which is... your dnsmasq
service! Network Manager will configure all the things for you, if you
want it to.
That worked great (IMO) but apparently the systemd people decided it
was all too complicated or something (I'm not sure really what the
impetus was) and created systemd-resolved which, like dnsmasq, is a
local DNS caching service. Ubuntu switched over to that instead of
dnsmasq and now many things that used to work are broken (like VPN
split tunneling short name lookup), but I suppose they'll get fixed
sooner or later.
In any event, that's why you see these IP addresses in your
/etc/resolv.conf.
For the systems where you don't see this, it means you're using the
old-school simple DNS service and not the local dnsmasq or systemd-
resolved versions. I don't know if that's because you specifically
configured it like that at some point, or those systems are using a
different distribution, or what.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20171127/be282105/attachment.html>
More information about the ubuntu-users
mailing list