Several DNS-related programs want to automatically manage the DNS name server and resolution configuration file at /etc/resolv.conf. In some situations, you may want to manage this file yourself. Here is how you identify which programs are automatically managing this file on your Linux distribution, and how you can take back manual control of the file.
There are quite a few different tools that fight to control a Linux system’s DNS resolution configuration file /etc/resolv.conf, including netconfig, NetworkManager, resolvconf, rdnssd, and systemd-resolved. Except for NetworkManager, most of these tools are oblivious to each other’s presence, which can cause DNS resolution problems. If you simply try to make changes to the file without disabling the managing program, it may overwrite your changes after a few minutes or revert them when you reboot the system.
Identifying which utility currently controls your /etc/resolv.conf
The following command will read the first few lines of the resolv.conf file, which should include a comment identifying any programs that have automatically taken over management of the file.
Some utilities don’t include a comment in the resolv.conf file, but you can identify these programs by checking for symbolic links with the following command:
As a last resort, you can check your init system to see if any of the programs mentioned in this article are running. If you can’t identify any management programs using these methods, chances are you should be in control of the resolv.conf file and your system’s DNS resolution.
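Both checks described above, combined into one function, as an added example that is not from the original article. It assumes that a managing tool names itself in the leading comment lines of the file; the function name is hypothetical.

```shell
#!/bin/sh
# Added example: report what appears to manage a resolv.conf file.
# Usage: resolv_manager [path]   (defaults to /etc/resolv.conf)
resolv_manager() {
    f="${1:-/etc/resolv.conf}"

    # A symbolic link means some tool keeps the real file elsewhere.
    # Check this first: -L is also true for a dangling link.
    if [ -L "$f" ]; then
        echo "symlink:$(readlink "$f")"
        return 0
    fi

    if [ ! -e "$f" ]; then
        echo "missing"
        return 0
    fi

    # Only the leading comment lines are inspected, so a tool name that
    # appears further down (for example in an options line) is ignored.
    header=$(head -n 5 "$f" | grep '^[#;]' || true)

    # Assumption: the generated header mentions the tool by name.
    for tool in NetworkManager netconfig resolvconf rdnssd systemd-resolved; do
        case "$header" in
            *"$tool"*) echo "comment:$tool"; return 0 ;;
        esac
    done

    echo "unmanaged"
}

# Read-only check of the live file.
resolv_manager /etc/resolv.conf
```

An "unmanaged" result only means neither check matched; the init system check described above still applies.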
The next sections will teach you how to disable various programs that automatically manage resolv.conf.
Opting-out of NetworkManager
NetworkManager is by far the most common auto-configuration tool for the entire networking stack including DNS resolution. It’s responsible for /etc/resolv.conf on many popular Linux distributions including Debian and Fedora Linux.
After you’ve disabled all other programs that try to manage resolv.conf, you may also discover that NetworkManager will jump in to fill the job — as happens on Ubuntu 16.10 and later.
Set the dns option in the main configuration section to none to disable DNS handling in NetworkManager. The commands below set this option in a new conf.d/no-dns.conf configuration file, restart the NetworkManager service, and delete the NetworkManager-generated resolv.conf file.
If you discover that NetworkManager is still managing your resolv.conf, then you may have a configuration conflict (usually caused by dnsmasq). Recursively search through your NetworkManager configuration to discover any conflicts.
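The drop-in file and the conflict search described above, as an added example that is not from the original article. The function names are hypothetical, and the directory argument (default /etc/NetworkManager) lets you try it on a scratch directory first.

```shell
#!/bin/sh
# Added example, not from the article.

# Write the drop-in that sets dns=none in the [main] section.
nm_write_no_dns() {
    dir="${1:-/etc/NetworkManager}"
    mkdir -p "$dir/conf.d"
    printf '[main]\ndns=none\n' > "$dir/conf.d/no-dns.conf"
}

# List every dns= setting in a [main] section that is not "none".
# Only *.conf files are read, and only inside [main], so the per-connection
# dns= address lists in [ipv4]/[ipv6] sections are not reported.
nm_dns_conflicts() {
    dir="${1:-/etc/NetworkManager}"
    find "$dir" -type f -name '*.conf' 2>/dev/null | sort |
    while IFS= read -r f; do
        awk -v file="$f" '
            /^[ \t]*\[/ {                 # section header such as [main]
                section = $0
                sub(/^[ \t]*\[/, "", section)
                sub(/\].*$/, "", section)
                next
            }
            section == "main" && /^[ \t]*dns[ \t]*=/ {
                value = $0
                sub(/^[^=]*=[ \t]*/, "", value)
                sub(/[ \t]+$/, "", value)
                if (value != "none") print file ": dns=" value
            }' "$f"
    done
}

# On a real system the remaining steps from the article follow: restart the
# NetworkManager service and delete the NetworkManager-generated resolv.conf.
```

Any line printed by nm_dns_conflicts is a setting to review, such as a dns=dnsmasq entry left over from an earlier configuration.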
Refer to the last section of this article for instructions on recreating a /etc/resolv.conf file with manual configuration.
Opting-out of netconfig
You’ll encounter netconfig on openSUSE, SUSE, and derivative distributions.
You can disable netconfig’s handling of /etc/resolv.conf by setting the NETCONFIG_DNS_POLICY option in /etc/sysconfig/network/config to an empty string as shown below.
Afterward, you should delete the netconfig-generated resolv.conf file, and reboot the system.
Refer to the last section of this article for instructions on recreating a /etc/resolv.conf file with manual configuration.
Disabling resolvconf and rdnssd
If you installed Debian 8.0 or Ubuntu 15.04 with an active IPv6 connection and have upgraded your system, you may end up with both resolvconf and rdnssd fighting each other for control over resolv.conf. Both services want to control the file, which may lead to intermittent DNS resolution outages as the two services overwrite each other’s changes every few milliseconds.
You can disable both services with the following commands. You can just go ahead and run both commands, as nothing unexpected should happen if you disable an already disabled service.
You may also need to follow the instructions in the section on NetworkManager, as it may step in automatically to handle the resolv.conf file after you remove it.
Disabling systemd-resolved
If you’re running Ubuntu 16.10 or later, your DNS resolution will be managed by the systemd-resolved service. You can disable this service without any further ado using the following commands.
You may also need to follow the instructions in the section on NetworkManager, as it may step in automatically to handle the resolv.conf file after you remove it.
Recreating /etc/resolv.conf
By this point, you shouldn’t have anything automatically creating the /etc/resolv.conf file anymore. Please begin again from the top of this article to troubleshoot if the file still exists on your system. You now need to create a world-readable (permission 644) resolv.conf and add some nameservers to it.
Below are two examples that set IPv4 and IPv6 nameservers. The first example uses the free security-hardened public DNS service from Quad9, and the second example assumes there’s a DNS server like Knot Resolver or dnsmasq running on your local device. Both examples are set up for dual-stack IPv4/6 routing for improved reliability and compatibility.
Example /etc/resolv.conf files:
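One way to write such a file with the permissions described above, as an added example that is not from the original article. The function name is hypothetical; it refuses to write through a leftover symbolic link and enforces the limit of three nameserver lines that the glibc resolver reads (MAXNS in resolv.conf(5)).

```shell
#!/bin/sh
# Added example, not from the article.
# Usage: write_resolv_conf <target> <nameserver> [nameserver] [nameserver]
write_resolv_conf() {
    target="$1"; shift

    # A remaining symlink still points into a manager's runtime directory;
    # writing through it would edit that tool's file instead of yours.
    if [ -L "$target" ]; then
        echo "refusing: $target is a symbolic link, remove it first" >&2
        return 1
    fi

    # The glibc resolver uses at most three nameserver lines; extra lines
    # are silently ignored, so reject them here.
    if [ "$#" -lt 1 ] || [ "$#" -gt 3 ]; then
        echo "give between one and three nameservers" >&2
        return 1
    fi

    # Build the file next to the target and rename it into place, so a
    # resolver never reads a half-written file.
    tmp=$(mktemp "$(dirname "$target")/resolv.conf.XXXXXX") || return 1
    for ns in "$@"; do
        printf 'nameserver %s\n' "$ns"
    done > "$tmp"
    chmod 644 "$tmp"        # world-readable, writable by owner only
    mv -f "$tmp" "$target"
}

# Quad9 over IPv4 and IPv6 (run as root):
#   write_resolv_conf /etc/resolv.conf 9.9.9.9 149.112.112.112 2620:fe::fe
# Resolver running on the local device:
#   write_resolv_conf /etc/resolv.conf 127.0.0.1 ::1
```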
You generally don’t need to restart any network management services for the changes to take effect. However, some system services or programs may have entered a failed state while DNS resolution was disabled. Do a quick reboot to kick-start them unless you want to manually double-check that all running services and programs have recovered.
You may want to configure additional parameters for the resolv.conf file. See the man 5 resolv.conf manual for details on other domain resolution configuration options.