7

I am using Ubuntu 10.04 Desktop, which comes by default with the "Network Manager" (which I am highly suspicious of). I am having an issue with resolving DNS zones on 2 different nameservers.

resolv.conf:

$ cat /etc/resolv.conf
#Generated by Network Manager
search example.org
nameserver 10.0.0.20 #public nameserver, contains public.example.org
nameserver 10.0.0.30 #private nameserver, contains private.example.org

And the problem. Whichever name server is listed first will resolve:

$ ping host.public.example.org
PING host.public.example.org (10.0.0.50) 56(84) bytes of data.

The one listed second will not:

$ ping host.private.example.org
ping: unknown host host.private.example.org

But it IS there:

$ dig @10.0.0.30 host.private.example.org
...
;; ANSWER SECTION:
host.private.example.org.   3600    IN  A   10.0.0.60
...

If I reverse the order of nameservers in /etc/resolv.conf, host.private will then be accessible and host.public will not. Why? From the resolv.conf man page:

If there are multiple servers, the resolver library queries them in the order listed.

It isn't just ping that has problems, I noticed this when Thunderbird couldn't get mail because the mail server's DNS record is in the 2nd server listed. Shouldn't what I'm trying to do here work?

Cory J

3 Answers

15

Ahhhh... it doesn't really work that way. As long as the first nameserver is running and active, all bind requests will go to it. The only way that you get to the second nameserver is if the previous nameserver in the list has died, and after a LONG timeout.

To fix your problem, I'm guessing that you might have to build a local caching DNS server configuration and direct the nameservers for the two zones to the two different servers. Your resolver configuration would be then set to use the IP of the host.

mdpc
9

This tip shows you how to improve DNS lookups by using multiple nameservers. This is useful if you've ever had your primary DNS server become unreachable for any reason.

Nameservers are listed in /etc/resolv.conf, one per line.

Code Listing 1: Example /etc/resolv.conf

nameserver 192.168.1.1
nameserver 10.0.0.1

To improve DNS lookups, add multiple DNS servers (preferably on different subnets) and the following options to /etc/resolv.conf:

Code Listing 2: /etc/resolv.conf options

options rotate
options timeout:1

This will use both nameservers in rotation and wait at most 1 second for an answer before trying the next one.

pcaceres
0

The public name server should respond that the private address doesn't exist. If it is first and running, you will get the public answer. List the private server first. The public server should only be used as a fallback.

A solution on the nameserver side is to use a split configuration. This would serve up the private data on the private network, and provide only the public data on the public side. The public server should only offer referrals (google.com, etc.) on the private network.

BillThor
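The behaviour described in the question and in mdpc's and BillThor's answers, as an added Python model that is not part of the original thread: a stub resolver walks the resolv.conf list in order and treats NXDOMAIN from the first reachable server as the final answer, so only a per-zone forwarder (the local caching server mdpc suggests) gets both names right. `query_server`, `resolve_in_order` and `resolve_with_forwarder` are hypothetical names and `SERVERS` is a constructed answer table using the question's two servers.

```python
# Added example (not from the question or any answer): a small model of how a
# stub resolver walks the resolv.conf nameserver list, using the two servers from
# the question. query_server, resolve_in_order and resolve_with_forwarder are
# hypothetical names; SERVERS is a constructed answer table.
from typing import Dict, FrozenSet, List, Optional

# Each authoritative server knows only its own zone and answers NXDOMAIN for the rest.
SERVERS: Dict[str, Dict[str, str]] = {
    "10.0.0.20": {"host.public.example.org": "10.0.0.50"},   # public zone only
    "10.0.0.30": {"host.private.example.org": "10.0.0.60"},  # private zone only
}
TIMEOUT = "TIMEOUT"    # server unreachable
NXDOMAIN = "NXDOMAIN"  # authoritative "no such name"


def query_server(server: str, name: str, down: FrozenSet[str] = frozenset()) -> str:
    """Return an address, NXDOMAIN, or TIMEOUT for one query to one server."""
    if server in down:
        return TIMEOUT
    return SERVERS[server].get(name, NXDOMAIN)


def resolve_in_order(name: str, nameservers: List[str],
                     down: FrozenSet[str] = frozenset()) -> Optional[str]:
    """resolv.conf semantics (simplified): servers are tried in order, but an
    NXDOMAIN is a final answer. Only a timeout moves on to the next server."""
    for ns in nameservers:
        rcode = query_server(ns, name, down)
        if rcode == TIMEOUT:
            continue  # after the timeout, fall through to the next server
        return None if rcode == NXDOMAIN else rcode  # any real answer ends the search
    return None


def resolve_with_forwarder(name: str, zone_forwarders: Dict[str, str]) -> Optional[str]:
    """A local forwarding resolver: choose the server by the zone the name falls
    under, not by list position. Names outside every listed zone get no answer."""
    for zone, ns in zone_forwarders.items():
        if name == zone or name.endswith("." + zone):
            rcode = query_server(ns, name)
            return None if rcode in (NXDOMAIN, TIMEOUT) else rcode
    return None
```

The real glibc resolver also moves to the next server on SERVFAIL, NOTIMP or REFUSED, which this model folds into the timeout case; `options rotate` only changes which server is asked first, so it does not fix the NXDOMAIN-is-final problem.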