Enforce the DNS search order in dnsmasq managed by network-manager?

0

I have some DNs which do not have an entry in DNS server x.x.x.x and can only be resolved by server y.y.y.y, and some DNs will be wrong in y.y.y.y but correct in x.x.x.x. In traditional Linux I just put 2 lines in /etc/resolv.conf.

x.x.x.x
y.y.y.y 

In this way, the program will first send the request to x.x.x.x. If it does not have that entry it will fall back to y.y.y.y. Thus everything will be fine.

Modern Linux distros normally use dnsmasq. I can still give multiple DNS servers via NetworkManager. nmcli dev list iface eth0 shows this:

IP4.DNS[1]:                             x.x.x.x
IP4.DNS[2]:                             y.y.y.y

However, the DNS lookup does not follow the order I give. Since y.y.y.y is a local server it always responds faster, so dnsmasq always uses the response from y.y.y.y and never uses the response from x.x.x.x. Is there any way that I can enforce the lookup order in dnsmasq?

I am aware I could do something like strict-order in dnsmasq.conf. However, in Ubuntu 14.04 there is no such file and the resolv.conf is automatically generated.

[update]

I added "strict-order" to /etc/NetworkManager/dnsmasq.d/dnsorder.conf. I restarted the network and NetworkManager, but it has had no effect so far. The dnsmasq command run by NetworkManager is like this:

/usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid --listen-address=127.0.1.1 --conf-file=/var/run/NetworkManager/dnsmasq.conf --cache-size=0 --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d

/var/run/NetworkManager/dnsmasq.conf is empty. No resolv.conf is found in /etc/NetworkManager.

Wang

Posted 2017-05-08T12:37:32.483

Reputation: 465

Answers

0

In my opinion this is the wrong way of thinking. While the libc is somewhat limited to sequential attempts to use DNS servers, the global DNS server list should contain entries that are all equal and the behavior of dnsmasq is perfectly correct.

If you want to configure certain DNS subtrees to be handled by different DNS servers as an exception to the root tree, you should do just that.

As far as I know you can configure NetworkManager-provided dnsmasq instances in /etc/NetworkManager/dnsmasq.d/ which is already covered by answers to other questions.

Also dnsmasq is not the only option for a modern distribution. You can still use the good old /etc/resolv.conf libc configuration file in all distributions featuring NetworkManager including your Ubuntu. Or you can use Unbound on some distributions. There are all sorts of ways to approach local DNS configuration on modern distributions.

Pavel Šimerda

Posted 2017-05-08T12:37:32.483

Reputation: 712

1

NetworkManager is very flexible so I'd like to use it. dnsmasq can cache the lookup entries, which can make my network much faster, so I would also like to use it. I just need the NetworkManager-managed dnsmasq to take the strict-order option. So far I still cannot find any working solution based on dnsmasq.d. If you can share more details and point me in the right direction I shall accept your answer. – Wang – 2017-05-08T14:28:39.607
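
The per-domain forwarding that the answer describes, written out as an added example that is not part of the original answer or thread: a dnsmasq drop-in for the /etc/NetworkManager/dnsmasq.d/ directory shown in the question's command line. The file name split-dns.conf and the zones corp.example and 10.in-addr.arpa are assumptions; x.x.x.x and y.y.y.y are the question's own placeholders.

```conf
# /etc/NetworkManager/dnsmasq.d/split-dns.conf   (file name is an assumption)
#
# Route queries by name instead of relying on server order or on which
# upstream answers first. dnsmasq sends queries for a listed domain, and for
# every name beneath it, only to the server given on that line.

# corp.example is a placeholder for a zone that only y.y.y.y resolves.
server=/corp.example/y.y.y.y

# One line per further zone that must be answered by y.y.y.y, for example
# the matching reverse zone (placeholder shown).
server=/10.in-addr.arpa/y.y.y.y

# Names that match none of the lines above still go to the general upstream
# list, which NetworkManager fills from the connection's DNS servers
# (IP4.DNS[1] and IP4.DNS[2] in the question). For x.x.x.x to be the only
# source of those answers, y.y.y.y has to be removed from that list, so that
# it is reachable solely through the server=/zone/ lines in this file.
```

Running `dnsmasq --test --conf-file=/etc/NetworkManager/dnsmasq.d/split-dns.conf` checks the syntax of the file before NetworkManager is restarted.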