Comprehensive Guide to Diagnosing DNS Issues on Linux

If you’re experiencing DNS resolution issues on a Linux system, there are several steps you can take to diagnose and check your upstream DNS resolver. Here’s a step-by-step guide:

1. Check the Resolver Configuration File

Your DNS resolver settings are typically found in the /etc/resolv.conf file. This file lists the DNS servers your system is using.

To check the file, you can use a command like cat:

cat /etc/resolv.conf

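You should see output similar to this, which shows the DNS servers your system is using (on systems running systemd-resolved, the file usually lists the local stub resolver 127.0.0.53 instead, and the real upstream servers appear in the resolvectl status output from step 6):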

nameserver 8.8.8.8
nameserver 8.8.4.4

2. Test DNS Resolution

To test if your DNS is working, you can use the dig or nslookup commands followed by a domain name.

For dig:

dig bigbeartechworld.com

For nslookup:

nslookup bigbeartechworld.com

If these commands return an IP address, then your DNS is working.

3. Query Specific DNS Servers

You can also test querying specific DNS servers to rule out issues with your default resolver.

For example, to query Google’s public DNS for the IP of google.com:

dig @8.8.8.8 google.com

4. Check for Firewall or Network Issues

Sometimes, DNS issues can be caused by a firewall or network configuration that blocks DNS queries. You can check if you can reach the DNS server with ping:

ping -c 3 8.8.8.8

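Replace 8.8.8.8 with the DNS server you want to check. Keep in mind that ping uses ICMP, so a reply only confirms that the host is reachable. DNS queries use port 53 over UDP and TCP, which a firewall can block separately, so a direct query as in step 3 is the test that exercises that path.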

5. Check Systemd-resolved Service

If you’re using systemd-resolved, which is common in newer distributions, you can check its status with:

systemctl status systemd-resolved

6. Use the resolvectl or systemd-resolve Commands

resolvectl (or systemd-resolve on older systems) is the command-line utility for querying and controlling systemd-resolved. To check the status of the DNS servers, use:

resolvectl status

This will show detailed information about the DNS servers and their reachability.
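
Steps 1, 3 and 6 tie together in the script below, which is an added example and not part of the original guide: it reads the nameserver lines from a resolv.conf-style file, separates the systemd-resolved stub (127.0.0.53) and other loopback resolvers from real upstream servers, and, when started with --run, queries each server directly with dig. The function names, the --run switch and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original guide; function names are hypothetical.

# Constructed sample input in resolv.conf format.
sample_resolv_conf() {
    cat <<'EOF'
nameserver 127.0.0.53
#nameserver 192.0.2.1
nameserver 8.8.8.8
nameserver 2001:4860:4860::8888
options edns0
EOF
}

# Step 1: print the address from every active "nameserver" line.
# Reads the file given as $1, or stdin when no file is given.
list_nameservers() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "${1:--}"
}

# Separate the systemd-resolved stub and other loopback resolvers from
# upstream servers; for a stub, the upstream is in `resolvectl status`.
classify_nameserver() {
    case "$1" in
        127.0.0.53) echo stub ;;
        127.*|::1)  echo local ;;
        *)          echo upstream ;;
    esac
}

# One "address class" line per nameserver.
summarize() {
    list_nameservers "$@" | while read -r ns; do
        echo "$ns $(classify_nameserver "$ns")"
    done
}

# Step 3: query one server directly; succeeds only if an answer came back.
probe_nameserver() {
    dig +short +time=2 +tries=1 "@$1" "${2:-example.com}" A 2>/dev/null |
        grep -q '^[^;]'
}

# Live check, run only with --run so the functions can be reused elsewhere.
if [ "${1:-}" = "--run" ]; then
    summarize "${2:-/etc/resolv.conf}" | while read -r ns class; do
        if probe_nameserver "$ns"; then result=answers; else result="no answer"; fi
        echo "$ns ($class): $result"
    done
fi
```

If a server classed as upstream answers while the stub or local entry does not, the problem is on the local resolver side rather than with the upstream server.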

7. Check Network Manager

If you’re using Network Manager, it might be managing your DNS settings. You can check the settings with:

nmcli device show

Look for the IP4.DNS and IP6.DNS entries.

8. Look at Logs

Sometimes, the logs can provide hints as to what’s going wrong with DNS. To check the logs, you can use:

journalctl -u systemd-resolved

Replace systemd-resolved with the name of your DNS service if different.

9. Flush DNS Cache

If you think the issue might be related to caching, you can flush the DNS cache:

For systemd-resolved:

resolvectl flush-caches

10. Restart Networking Services

As a last resort, sometimes restarting the networking services can help:

sudo systemctl restart NetworkManager

Or, if you’re not using Network Manager:

sudo systemctl restart networking

If you have systemd-resolved running:

sudo systemctl restart systemd-resolved

11. Use NetworkManager to Change DNS Settings

When using NetworkManager, changes made directly to /etc/resolv.conf may be overwritten. To make persistent DNS changes with NetworkManager:

a) List available connections:

nmcli connection show

b) Modify the DNS servers for a specific connection:

sudo nmcli connection modify <connection-name> ipv4.dns "8.8.8.8 8.8.4.4"

Replace <connection-name> with the name of your connection and the IP addresses with your preferred DNS servers.

c) For IPv6, use:

sudo nmcli connection modify <connection-name> ipv6.dns "2001:4860:4860::8888 2001:4860:4860::8844"

d) To set the connection to automatically receive DNS servers from DHCP:

sudo nmcli connection modify <connection-name> ipv4.ignore-auto-dns no

e) To use only manually set DNS servers:

sudo nmcli connection modify <connection-name> ipv4.ignore-auto-dns yes

f) After making changes, apply them by bringing the connection down and up:

sudo nmcli connection down <connection-name>
sudo nmcli connection up <connection-name>

g) Verify the changes:

nmcli connection show <connection-name> | grep dns

These steps ensure that your DNS changes persist even after reboots or network restarts when using NetworkManager. This approach is generally more reliable than directly editing /etc/resolv.conf on systems that use NetworkManager.

After performing these checks and actions, you should be able to identify if there’s an issue with your upstream DNS resolver or elsewhere in your system’s DNS configuration. If problems persist, it might be necessary to look at wider network issues or consult with your ISP or network administrator.