Why does dig report the DNS server as 127.0.0.1 when I'm using an external DNS?

dns dnsmasq

I use unbound and usually use openDNS as my DNS server.

When I run dig google.com, say, I get SERVER: 127.0.0.1#53(127.0.0.1). What exactly is this thing listening on port #53? Is this unbound or is it something to do with dnsmasq (do I even have dnsmasq installed, as dnsmasq.conf doesn't seem to be in /etc)?

In resolv.conf there is nameserver 127.0.0.1, but then in network manager I have the DNS servers pointed to the two openDNS addresses. So what is going on here? Does the local nameserver point to dnsmasq, which then uses the values from network manager? Or is it unbound that is in fact listening?

Best Answer

By default, NetworkManager uses Dnsmasq as a DNS resolver if it's installed, which is the default on Debian-based systems, so Dnsmasq runs in a default configuration where it only resolves names based on the upstream servers specified by command line options (plus the contents of /etc/hosts). You have no /etc/dnsmasq.conf because that file is only present in the optional package dnsmasq.

To see whether your system is currently using Dnsmasq or Unbound for DNS queries, run netstat -ulnp | grep ":53 ".

In Ubuntu 12.04, NetworkManager doesn't play well with other DNS resolvers (see bug 959037; Thomas Hood's summary pretty much covers it all). To keep running Unbound together with NetworkManager, your best bet is to tell NetworkManager not to run Dnsmasq (you don't need it in addition to Unbound, not unless you're using features of Dnsmasq that NetworkManager doesn't use). To do that:

  1. Edit /etc/NetworkManager/NetworkManager.conf to comment out the line containing dns=dnsmasq (add a # at the beginning of that line).
  2. Restart NetworkManager with service network-manager restart.
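
The check and the edit described in the answer above, as an added shell example that is not part of the original answer. The function names `port53_owner` and `disable_nm_dnsmasq` are hypothetical, and the netstat output and config snippet are constructed samples.

```shell
#!/bin/sh
# Added example (not from the original answer). Run as root for real use:
#   netstat -ulnp | port53_owner
#   disable_nm_dnsmasq /etc/NetworkManager/NetworkManager.conf &&
#       service network-manager restart

# Read `netstat -ulnp` output on stdin and print the program name(s) bound to
# UDP port 53. Prints "unknown" when the PID/Program column is "-" (not root).
port53_owner() {
    awk '$1 ~ /^udp/ && $4 ~ /:53$/ {
        n = split($NF, a, "/")            # last column is PID/Program name
        print (n == 2 ? a[2] : "unknown")
    }' | sort -u
}

# Comment out an active "dns=dnsmasq" line in the given file, keeping the
# original as FILE.bak. Returns 1 and leaves the file untouched when no active
# line exists (already commented out, or absent), so reruns are harmless.
disable_nm_dnsmasq() {
    conf=$1
    pat='^[[:space:]]*dns[[:space:]]*=[[:space:]]*dnsmasq[[:space:]]*$'
    grep -Eq "$pat" "$conf" || return 1
    cp -p "$conf" "$conf.bak" || return 2
    sed -E "s/$pat/#&/" "$conf.bak" > "$conf"
}

# Constructed sample input: what `netstat -ulnp` might print on such a system.
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           812/avahi-daemon: r
udp        0      0 127.0.0.1:53            0.0.0.0:*                           1490/dnsmasq
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1377/dhclient
EOF
}

# Constructed sample of the relevant part of NetworkManager.conf.
sample_nm_conf() {
    printf '%s\n' '[main]' 'plugins=ifupdown,keyfile' 'dns=dnsmasq' '' '[ifupdown]' 'managed=false'
}
```

After the restart, rerunning the port 53 check should show Unbound rather than Dnsmasq as the listener if Unbound is the resolver in use.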