Sun, August 3rd, 2025

Introduction
DNS (Domain Name System) is the internet’s phonebook, translating human-friendly domain names (e.g., google.com) into machine-readable IP addresses (e.g., 142.250.66.110). In Linux, configuring DNS correctly ensures reliable internet access and network communication. This guide explains DNS fundamentals and practical setup steps.


1. DNS Basic Principles

a. Hierarchy

DNS operates in a hierarchical tree structure:

  • Root DNS (.): Top-level (managed by organizations like ICANN).
  • Top-Level Domains (TLDs): .com, .org, .net, or country codes like .kr.
  • Authoritative Name Servers: Store DNS records for specific domains (e.g., ns1.google.com).
  • Recursive Resolvers: Intermediate servers (like your ISP’s or Cloudflare’s 1.1.1.1) that fetch DNS data.

b. Resolution Process

When you visit example.com:

  1. Your device queries a recursive resolver.
  2. The resolver starts at the root server, then the TLD server (.com), and finally the authoritative server for example.com.
  3. The IP address is returned and cached locally.

2. Key Configuration Files in Linux

a. /etc/resolv.conf

Defines the DNS servers used for name resolution. Manual edits are usually temporary because the file is often auto-generated:

nameserver 8.8.8.8      # Google DNS  
nameserver 1.1.1.1      # Cloudflare DNS  

⚠️ Note: This file may be overwritten by network services (e.g., systemd-resolved).

b. /etc/hosts

Static mappings bypassing DNS. Edit with sudo nano /etc/hosts:

192.168.1.10  my-server.local  

Useful for testing or blocking sites.

c. systemd-resolved (Modern Systems)

Manages DNS dynamically. Check status:

systemctl status systemd-resolved  
  • Config file: /etc/systemd/resolved.conf
  • Cache: Query with resolvectl query example.com

3. Configuring DNS Permanently

a. Using Netplan (Ubuntu)

Edit /etc/netplan/01-netcfg.yaml:

network:  
  ethernets:  
    eth0:  
      dhcp4: true  
      nameservers:  
        addresses: [8.8.8.8, 8.8.4.4]  
  version: 2  

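Apply: sudo netplan apply. Because dhcp4 is true, DNS servers offered by the DHCP server are still used alongside the addresses listed here.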

b. Using NetworkManager (GUI/CLI)

  • GUI: Settings → Network → ⚙️ → IPv4/IPv6 → Set DNS.
  • CLI:
    nmcli con mod eth0 ipv4.dns "8.8.8.8 1.1.1.1"  
    nmcli con up eth0  

4. Testing DNS Functionality

a. Tools

  • dig (Detailed DNS queries):
    dig example.com +short  # Returns IP  
  • nslookup (Legacy tool):
    nslookup example.com  
  • ping (Connectivity check):
    ping -c 4 google.com  

b. Check DNS Resolution Order

With the common "hosts: files dns" line in /etc/nsswitch.conf, Linux resolves names in this order:

  1. /etc/hosts
  2. DNS servers from /etc/resolv.conf

Verify:
    systemd-resolve --status    # For systemd systems (newer releases: resolvectl status)
    cat /etc/nsswitch.conf      # Look for "hosts: files dns"

5. Best Practices & Security

  • Use Trusted DNS Providers:
    • Google (8.8.8.8), Cloudflare (1.1.1.1), or Quad9 (9.9.9.9).
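  • DNSSEC: Enable DNS Security Extensions (validates responses) in /etc/systemd/resolved.conf:
    DNSSEC=yes
    With this setting, lookups fail when the upstream resolver does not support DNSSEC; the allow-downgrade value relaxes that at the cost of weaker protection.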
  • Avoid Public Wi-Fi DNS Hijacking: Use DNS-over-HTTPS (DoH) tools like dnscrypt-proxy.
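
An added example, not part of the original guide: a small shell audit that reads the four files discussed above and reports the configured resolvers, the hosts lookup order, whether DNSSEC is enforced in resolved.conf, and which names /etc/hosts pins. The function names are hypothetical, and drop-in files under resolved.conf.d/ are assumed to be absent.

```bash
# Added example, not from the original guide. Every path is a parameter, so
# the audit can run against copies of the files instead of the live system.

# Nameserver addresses from a resolv.conf-style file, one per line.
list_nameservers() { awk '$1 == "nameserver" { print $2 }' "$1"; }

# Source order from the "hosts:" line of nsswitch.conf, e.g. "files dns".
hosts_order() {
  awk '$1 == "hosts:" { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# Last uncommented KEY=value in the [Resolve] section of resolved.conf, or
# "unset". Drop-in files under resolved.conf.d/ are not read here.
resolved_setting() {  # $1 = file, $2 = key
  awk -F= -v key="$2" '
    /^[ \t]*[#;]/ { next }
    /^\[/         { in_sec = ($0 ~ /^\[Resolve\]/); next }
    in_sec {
      k = $1; gsub(/[ \t]/, "", k)
      v = $2; gsub(/^[ \t]+|[ \t\r]+$/, "", v)
      if (k == key) val = v
    }
    END { print (val == "" ? "unset" : val) }' "$1"
}

# Names pinned in a hosts file, skipping the stock loopback/IPv6 entries.
# These answers never reach a resolver, so DNSSEC cannot validate them.
static_overrides() {
  awk '{ sub(/#.*/, "") }
       NF >= 2 && $1 != "::1" && $1 !~ /^(127\.|fe00:|ff0[02]:)/ {
         for (i = 2; i <= NF; i++) print $i "=" $1 }' "$1"
}

# One finding per line. Usage: audit_dns RESOLV NSSWITCH RESOLVED HOSTS
audit_dns() {
  local ns entry dnssec
  for ns in $(list_nameservers "$1"); do
    case "$ns" in
      127.0.0.53) echo "INFO resolv.conf points at the systemd-resolved stub" ;;
      *)          echo "INFO upstream resolver $ns" ;;
    esac
  done
  echo "INFO hosts lookup order: $(hosts_order "$2")"
  dnssec=$(resolved_setting "$3" DNSSEC)
  case "$dnssec" in
    yes|true) echo "OK DNSSEC=$dnssec" ;;
    *)        echo "WARN DNSSEC=$dnssec, validation not enforced by this file" ;;
  esac
  for entry in $(static_overrides "$4"); do echo "INFO hosts file pins $entry"; done
}
```

After sourcing the file, run audit_dns /etc/resolv.conf /etc/nsswitch.conf /etc/systemd/resolved.conf /etc/hosts; when the stub address is reported, the real upstream servers are the ones shown by resolvectl status.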

Conclusion
Mastering DNS in Linux involves understanding hierarchical resolution, editing key configuration files (/etc/resolv.conf, /etc/hosts), and using modern tools like systemd-resolved or Netplan. Test configurations with dig/nslookup, and prioritize security with DNSSEC or encrypted DNS. Proper DNS setup ensures fast, secure, and reliable network access.

Final Tip: Always verify changes with systemd-resolve --status or cat /etc/resolv.conf after reconnecting networks!
