Find out the DNS server for a DHCP connection in Linux

Question

I know they're defined in /etc/resolv.conf, but what if it's not there? And more specifically, how do you find the DNS server returned by DHCP?

In GNOME you can use the NetworkManager applet to see the primary DNS for any connection, so how would you do the same from the command line?

score 24 · Accepted Answer · edited Oct 25 '13 at 12:21

24

Usually dhclient.leases file is located at /var/lib/dhcp3/dhclient.leases, type the following command:

less /var/lib/dhcp3/dhclient.leases

OR

cat /var/lib/dhcp3/dhclient.leases

OR

You can just use grep command to get DHCP server address, enter:

grep dhcp-server-identifier /var/lib/dhcp3/dhclient.leases

OR

dhclient eth0

edited Oct 25 '13 at 12:21

user

105
1
1
6

answered Sep 17 '09 at 17:33

KPWINC

11,274
3
36
44

Great, thanks! In case anybody looks for this, the IPCop file is found on /var/ipcop/dhcpc/dhcpcd-*.info – Ivan Sep 17 '09 at 18:56
This is specific of one DHCP client but there are others (such as pump). – bortzmeyer Sep 18 '09 at 07:06
1

I ran `ps aux | grep dhclient` and found that my leases file was set to `/var/run/dhclient.eth0.leases` with the `-lf` option. – Roger Dueck May 05 '15 at 20:22

score 9 · Answer 2 · answered Aug 13 '12 at 18:15

9

I recently had this problem where my dhcpcd was misconfigured as was not setting DNS servers. I found out that I can query which nameservers are available by DHCP with the following command:

sudo dhcpcd -o domain_name_servers -T

The command will output a bunch of network connection information. Look for the line beginning with new_domain_name_servers.

From here I was able to manually set the nameservers.

answered Aug 13 '12 at 18:15

Russell O'Connor

191
1
1

2

Perfect. This should be the accepted answer, hehe. – drumfire Jun 03 '15 at 00:37
1

This was also the solution that worked for me. – Vidia Aug 20 '18 at 10:05
why `-o` switch is necessary if it dumps all the same options with `-T` alone? – Sep 17 '18 at 13:33

score 7 · Answer 3 · answered Dec 12 '19 at 23:54

One more solution to query the DHCP server:

sudo nmap --script broadcast-dhcp-discover

The output tells you the name server offered by the DHCP server:

Starting Nmap 7.60 ( https://nmap.org ) at 2019-12-12 23:50 UTC
Pre-scan script results:
| broadcast-dhcp-discover: 
|   Response 1 of 1: 
|     IP Offered: 144.123.211.44
|     DHCP Message Type: DHCPOFFER
|     Server Identifier: 144.123.99.200
|     IP Address Lease Time: 5m00s
|     Subnet Mask: 255.255.0.0
|     Router: 144.123.99.200
|     Domain Name Server: 144.123.99.200
|_    Domain Name: localdomain

score 3 · Answer 4 · answered Dec 09 '11 at 08:59

3

I found my DHCP lease info at /var/lib/dhclient/dhclient-eth0.leases in case anyone can't find it at /var/lib/dhcp3/dhclient.leases

answered Dec 09 '11 at 08:59

Darryl Hein

1,662
2
19
21

score 2 · Answer 5 · answered Sep 17 '09 at 17:35

2

well, why not simply dig that?

marcus@marcus ~ $ dig google.de

; <<>> DiG 9.4.3-P3 <<>> google.de
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27579
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 6, ADDITIONAL: 0

;; QUESTION SECTION:
;google.de.         IN  A

;; ANSWER SECTION:
google.de.      1785    IN  A   209.85.229.104
google.de.      1785    IN  A   216.239.59.104
google.de.      1785    IN  A   74.125.77.104

;; AUTHORITY SECTION:
de.         23431   IN  NS  L.DE.NET.
de.         23431   IN  NS  Z.NIC.de.
de.         23431   IN  NS  F.NIC.de.
de.         23431   IN  NS  C.DE.NET.
de.         23431   IN  NS  S.DE.NET.
de.         23431   IN  NS  A.NIC.de.

;; Query time: 1 msec
;; SERVER: 192.168.1.15#53(192.168.1.15)
;; WHEN: Thu Sep 17 19:33:39 2009
;; MSG SIZE  rcvd: 181

look at the last lines: ;; SERVER: 192.168.1.15#53(192.168.1.15)

answered Sep 17 '09 at 17:35

Marcus Spiegel

187
5

I was thinking the same thing originally, but I don't that that would show ALL of the assigned DNS servers, would it? I think dig only returns the one it used for that particular lookup. On second look, the poster didn't specify so if he's happy with it then your answer is definitely the easiest. :-) – KPWINC Sep 17 '09 at 17:40
yes you are right output only shows up the dns used by that query... so you can see what __is__ really happening. I found your solution fine to figure out what __should__ happen, thy for that :-) – Marcus Spiegel Sep 17 '09 at 17:45
That wasn't exactly what I was looking for, but thanks anyway. – Ivan Sep 17 '09 at 18:57
1

When no DNS server responds, dig doesn't show any useful info, is it possible to make it spit out the DNS servers it tried to ask? – Ivan Sep 17 '09 at 18:58
So after RingTFM, I see it just uses whatever is on /etc/resolv.conf – Ivan Sep 17 '09 at 19:07

score 1 · Answer 6 · answered Dec 09 '20 at 10:25

If you are using NetworkManager, to get ipv4 DNS servers for YourConnectionName connection, you can use something like

nmcli -g IP4.DNS connection show YourConnectionName

Use nmcli connection show YourConnectionName to get all possible options and values.

mario.q59 · Answer 7 · 2014-11-27T18:45:41.033

1

this command show the DNS server on your net

dig | grep SERVER: | awk -F# '{ print $1 }' | awk -F: '{ print $2 }'

172.17.0.1

edited Nov 27 '14 at 18:45

answered Nov 27 '14 at 18:39

mario.q59

11
2

This does answer the question. In fact it is less reliable than the approach the OP mentions in the question, which is simply to read it from `/etc/resolv.conf`. After all dig is going to read from `/etc/resolv.conf` as well and then (try to) communicate with the server before producing any output. – kasperd Nov 27 '14 at 19:14

score 1 · Answer 8 · answered Sep 23 '09 at 05:58

If there is nothing in /etc/resolv.conf, DNS resolution (that is, resolution using dns as defined in /etc/nsswitch.conf) will not work. This is what dig, host and the libc routines use to do DNS resolution. If there is nothing specified in this file, DNS resolution will not work (though host resolution may work via other means, if another host resolution method is configured, such as NIS (this is unlikely)).

score 0 · Answer 9 · answered Sep 18 '09 at 07:07

0

Read /etc/resolv.conf. That's all.

man resolv.conf is useful, too.

answered Sep 18 '09 at 07:07

bortzmeyer

3,903
1
20
24

except he said what to do if it's *not* there.. – warren Sep 23 '09 at 06:01
1

Yes, but I ignored this point, which makes no sense. Since the libc resolver uses resolv.conf, it has to be there. – bortzmeyer Sep 23 '09 at 07:08

junior ruby developer · Answer 10 · 2017-05-01T07:21:55.630

In modern distributions it is looks like

ps aux | grep dhcli | grep -v grep                                                    
root       367  0.0  0.0  16128  3076 ?        S    Apr30   0:00 /sbin/dhclient -d -q -sf /usr/lib/NetworkManager/nm-dhcp-helper -pf /var/run/dhclient-enp3s0.pid -lf /var/lib/NetworkManager/dhclient-324caec3-58f9-3f00-bff4-2f8bd7d2aafa-enp3s0.lease -cf /var/lib/NetworkManager/dhclient-enp3s0.conf enp3s0


tail -16 /var/lib/NetworkManager/dhclient-324caec3-58f9-3f00-bff4-2f8bd7d2aafa-enp3s0.lease
lease {
  interface "enp3s0";
  fixed-address 10.191.104.3;
  option subnet-mask 255.255.255.0;
  option routers 10.191.104.254;
  option dhcp-lease-time 86400;
  option dhcp-message-type 5;
  option domain-name-servers 91.193.220.3,91.193.220.7;
  option dhcp-server-identifier 91.193.220.3;
  option ntp-servers 91.193.220.6;
  option broadcast-address 10.191.104.255;
  option domain-name "myISP.ru";
  renew 1 2017/05/01 12:56:02;
  rebind 2 2017/05/02 00:27:11;
  expire 2 2017/05/02 03:27:11;
}

where 91.193.220.7 is my ISP's DNS server

nslookup serverfault.com 91.193.220.7
Server:     91.193.220.7
Address:    91.193.220.7#53

Non-authoritative answer:
Name:   serverfault.com
Address: 151.101.1.69
Name:   serverfault.com
Address: 151.101.65.69
Name:   serverfault.com
Address: 151.101.193.69
Name:   serverfault.com
Address: 151.101.129.69

Find out the DNS server for a DHCP connection in Linux

10 Answers10