Dear Linux Graybeards,

Is 127.0.0.1 a magic token for resolvconf in Ubuntu 14 LTS when using DNS settings pushed by DHCP?

I'm using Ubuntu 14.0.3 (LTS) in AWS (ami-0f8bce65) with custom DNS settings in my VPC's DHCP Options. I can push multiple DNS servers via the DHCP options in my AWS VPC to Ubuntu only if the values do not include the loopback adapter.

Pushing 127.0.0.1 as a DNS server appears to cause Ubuntu to ignore all subsequent name servers.

Working Example - Without loopback as a nameserver

For example, if I configure the DHCP options to use 8.8.8.8, 8.8.4.4, and AmazonProvidedDNS (e.g., 172.24.0.2 in my VPC), I see this in /etc/resolv.conf:

```
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 172.24.0.2
```

Broken Example - With loopback as a nameserver

However, setting the DNS servers as 8.8.8.8, 127.0.0.1 and AmazonProvidedDNS results in:

```
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 8.8.8.8
nameserver 127.0.0.1
```

The expected value 172.24.0.2 is missing in the second example.

AWS DHCP Behaving As Expected

I confirmed this is not an AWS issue with their DHCP server. dhcpdump confirms the DHCP server is responding with 8.8.8.8,127.0.0.1,172.24.0.2 as the DNS servers:

```
ubuntu@ip-172-24-0-13:~$ sudo dhcpdump -i eth0 &
[1] 1742
ubuntu@ip-172-24-0-13:~$ sudo: unable to resolve host ip-172-24-0-13
sudo dhclient -v eth0
sudo: unable to resolve host ip-172-24-0-13
Internet Systems Consortium DHCP Client 4.2.4
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth0/0e:fa:a9:1e:38:c1
Sending on   LPF/eth0/0e:fa:a9:1e:38:c1
Sending on   Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0xd6248a3f)
DHCPREQUEST of 172.24.0.13 on eth0 to 255.255.255.255 port 67 (xid=0x3f8a24d6)
DHCPOFFER of 172.24.0.13 from 172.24.0.1
DHCPACK of 172.24.0.13 from 172.24.0.1
RTNETLINK answers: File exists
bound to 172.24.0.13 -- renewal in 1361 seconds.
ubuntu@ip-172-24-0-13:~$   TIME: 2015-11-18 20:38:09.837
    IP: 0.0.0.0 (e:fa:a9:1e:38:c1) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
    OP: 1 (BOOTPREQUEST)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: d6248a3f
  SECS: 0
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 0e:fa:a9:1e:38:c1:00:00:00:00:00:00:00:00:00:00
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         1 (DHCPDISCOVER)
OPTION:  12 ( 14) Host name                 ip-172-24-0-13
OPTION:  55 ( 13) Parameter Request List      1 (Subnet mask)
                         28 (Broadcast address)
                          2 (Time offset)
                          3 (Routers)
                         15 (Domainname)
                          6 (DNS server)
                        119 (Domain Search)
                         12 (Host name)
                         44 (NetBIOS name server)
                         47 (NetBIOS scope)
                         26 (Interface MTU)
                        121 (Classless Static Route)
                         42 (NTP servers)

---------------------------------------------------------------------------

  TIME: 2015-11-18 20:38:09.839
    IP: 172.24.0.1 (e:56:f6:92:57:f3) > 172.24.0.13 (e:fa:a9:1e:38:c1)
    OP: 2 (BOOTPREPLY)
 HTYPE: 1 (Ethernet)
  HLEN: 6
  HOPS: 0
   XID: d6248a3f
  SECS: 0
 FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 172.24.0.13
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 0e:fa:a9:1e:38:c1:00:00:00:00:00:00:00:00:00:00
 SNAME: .
 FNAME: .
OPTION:  53 (  1) DHCP message type         2 (DHCPOFFER)
OPTION:  54 (  4) Server identifier         172.24.0.1
OPTION:  51 (  4) IP address leasetime      3600 (60m)
OPTION:   1 (  4) Subnet mask               255.255.255.240
OPTION:  28 (  4) Broadcast address         172.24.0.15
OPTION:   3 (  4) Routers                   172.24.0.1
OPTION:   6 ( 12) DNS server                8.8.8.8,127.0.0.1,172.24.0.2
OPTION:  12 ( 14) Host name                 ip-172-24-0-13
OPTION:  26 (  2) Interface MTU             9001
---------------------------------------------------------------------------
```
Steve Jansen
  • If you are going to use `127.0.0.1` then you really should ONLY use `127.0.0.1` and set up forwarders in your DNS server. – Zoredache Nov 18 '15 at 20:53
  • @Zoredache Agree that makes sense, but, I have a corner case for a few nodes where a local resolver/forwarder isn't possible. Technically, I should be able to specify a list of nameservers, right? If the first, `127.0.0.1`, isn't reachable, resolv should carry on to the next nameserver in the list, right? – Steve Jansen Nov 18 '15 at 21:04
  • Brilliant answer below but I *really* can't see a use case for anything other than the AWS-provided resolver inside a VPC. – Michael - sqlbot Nov 19 '15 at 01:29
  • @Michael-sqlbot Use case is running Consul.io for service discovery. Consul provides dynamic DNS, binding to the loopback adapter. The AmazonProvidedDNS is a fallback during boot before Consul is online. I also have a few 3rd party appliances running Ubuntu LTS that I can't modify to run the Consul agent, thus the corner case. – Steve Jansen Nov 19 '15 at 15:42

1 Answer

> Is 127.0.0.1 a magic token for resolvconf

I don't have an Ubuntu 14 system available, but it is 'magic' on most versions of resolvconf.

Specifically, in the file /etc/resolvconf/update.d/libc there is a variable $TRUNCATE_NAMESERVER_LIST_AFTER_LOOPBACK_ADDRESS that, if left at default, will result in the loopback superseding any other setting. If BIND or DNSMasq is on your system and is setting 127.0.0.1, that name server gets applied very highly in the resolvconf interface order, and you will almost always have 127.0.0.1 only.

If you want to change this behavior, try creating the file /etc/default/resolvconf and setting TRUNCATE_NAMESERVER_LIST_AFTER_LOOPBACK_ADDRESS=y.

Zoredache
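
The truncation behaviour described in the answer, modelled as an added example (not code from the post and not resolvconf's own script). The function names and the on/off switch are hypothetical; the input is the DNS server list from the DHCP offer in the question.

```shell
#!/bin/sh
# Added example: models "truncate the nameserver list after a loopback
# address". Function names and the on/off argument are hypothetical;
# this is not resolvconf's own script.

is_loopback() {
    case "$1" in
        127.*|::1) return 0 ;;
        *) return 1 ;;
    esac
}

# build_nameservers <on|off> <addr>...
# Prints the de-duplicated list, cut after the first loopback when "on".
build_nameservers() {
    truncate=$1; shift
    result=""
    for ns in "$@"; do
        case " $result " in *" $ns "*) continue ;; esac   # skip duplicates
        result="${result:+$result }$ns"
        if [ "$truncate" = on ] && is_loopback "$ns"; then
            break   # everything after the loopback entry is discarded
        fi
    done
    printf '%s\n' "$result"
}

# dropped_nameservers <on|off> <addr>...
# Prints the offered servers that would not reach resolv.conf.
dropped_nameservers() {
    kept=$(build_nameservers "$@")
    shift
    dropped=""
    for ns in "$@"; do
        case " $kept " in
            *" $ns "*) ;;
            *) dropped="${dropped:+$dropped }$ns" ;;
        esac
    done
    printf '%s\n' "$dropped"
}

# DNS servers from DHCP option 6 in the question's dhcpdump output.
OFFERED="8.8.8.8 127.0.0.1 172.24.0.2"
for mode in on off; do
    echo "truncate=$mode kept:    $(build_nameservers "$mode" $OFFERED)"
    echo "truncate=$mode dropped: $(dropped_nameservers "$mode" $OFFERED)"
done
```

With truncation on, the output matches the broken resolv.conf in the question: 172.24.0.2 is dropped, so no fallback resolver remains if nothing is listening on 127.0.0.1.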