1

I am trying to set up dnsmasq as an address resolver on Ubuntu 18.10.

So far I disabled systemd-resolved as the default resolver and brought dnsmasq in. Running netstat -tulpn shows the following:

> sudo netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      31609/dnsmasq       
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      561/sshd            
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      4614/openvpn        
tcp6       0      0 :::53                   :::*                    LISTEN      31609/dnsmasq       
tcp6       0      0 :::22                   :::*                    LISTEN      561/sshd            
udp        0      0 0.0.0.0:53              0.0.0.0:*                           31609/dnsmasq       
udp        0      0 XXX.XXX.XX.XX:YY        0.0.0.0:*                           440/systemd-network 
udp6       0      0 :::53                   :::*                                31609/dnsmasq

I think this is fine so far, as now dnsmasq is listening on port 53.

My /etc/resolv.conf looks like this:

nameserver 127.0.0.1
nameserver 127.0.1.1
nameserver 127.0.0.53

I am not sure about the second line, but I think this should be fine so far, too.

Nevertheless, when I try to run dig, ping or whatever, the connection always times out:

> dig askubuntu.com

; <<>> DiG 9.11.4-3ubuntu5-Ubuntu <<>> askubuntu.com
;; global options: +cmd
;; connection timed out; no servers could be reached

Where did I do something wrong, so I broke those functions?

flomei
  • 113

1 Answer

2

systemd-resolved is still running, as I see 127.0.0.53 in your /etc/resolv.conf.

If dnsmasq was running, it would show 127.0.0.1.

When you run both together, they tend to step on each other's toes.

To run dnsmasq, and to disable the DNS functionality of systemd-resolved, you need to edit /etc/systemd/resolved.conf and...

change:

#DNSStubListener=yes

to:

DNSStubListener=no

then reboot, recheck /etc/resolv.conf and you should see 127.0.0.1.

postnote: do NOT manually edit /etc/resolv.conf.

heynnema
  • 70,711
  • Thank you very much, that seemed to work. Although I had to delete the symlink as written here and create a blank resolv.conf afterwards. Now dig and the like work again. Why shouldn't you touch the resolv.conf by hand (normally)? – flomei Oct 19 '18 at 21:35
  • 1
    @flomei first reason... it says right in the file not to manually edit it. second reason... if you do edit the file, then reboot, you'll lose all of your edits anyway. – heynnema Oct 19 '18 at 21:44
  • 1
    resolv.conf gets rewritten live, so it's not just at reboot - it might be if your wifi goes down and comes up again, or so. – pbhj Oct 19 '18 at 22:16
  • 1
    @flomei don't just create a blank /etc/resolv.conf. Recreate the proper symlink that points to /run/resolvconf/resolv.conf. – heynnema Oct 20 '18 at 13:42
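
A read-only check of the two files discussed in the answer and comments, added here as an example (it is not from the question, the answer, or either project). The function names and verdict strings are assumptions, and the sample files in `demo` are constructed from the values shown in the thread.

```shell
#!/bin/sh
# Added example: inspects resolv.conf and resolved.conf without changing them.
# Paths are arguments, so it can be run against copies of the real files.

# Effective DNSStubListener value; a missing or commented-out line means the default "yes".
stub_listener_state() {
    val=$(sed -n 's/^[[:space:]]*DNSStubListener[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p' "$1" | tail -n 1)
    echo "${val:-yes}"
}

# Nameserver addresses in file order, one per line.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Symlink target of resolv.conf, or "regular-file" if it was replaced by hand.
resolv_link() {
    if [ -L "$1" ]; then readlink "$1"; else echo "regular-file"; fi
}

# Verdict for a resolv.conf / resolved.conf pair (verdict strings are hypothetical).
diagnose() {
    servers=$(resolv_nameservers "$1")
    stub=$(stub_listener_state "$2")
    first=$(printf '%s\n' "$servers" | head -n 1)
    if printf '%s\n' "$servers" | grep -qx '127\.0\.0\.53'; then
        echo "resolved-stub-referenced stub=$stub"   # systemd-resolved stub still listed
    elif [ "$first" = "127.0.0.1" ] && [ "$stub" = "no" ]; then
        echo "dnsmasq-only"                          # state the answer expects after reboot
    else
        echo "unexpected first=${first:-none} stub=$stub"
    fi
}

# Constructed sample input: the question's state, then the state after the fix.
demo() {
    dir=$(mktemp -d)
    printf 'nameserver 127.0.0.1\nnameserver 127.0.1.1\nnameserver 127.0.0.53\n' > "$dir/resolv.before"
    printf '[Resolve]\n#DNSStubListener=yes\n' > "$dir/resolved.before"
    printf 'nameserver 127.0.0.1\n' > "$dir/resolv.after"
    printf '[Resolve]\nDNSStubListener=no\n' > "$dir/resolved.after"
    diagnose "$dir/resolv.before" "$dir/resolved.before"
    diagnose "$dir/resolv.after" "$dir/resolved.after"
    rm -rf "$dir"
}
demo
```

On a live system the equivalent call is `diagnose /etc/resolv.conf /etc/systemd/resolved.conf`, with `resolv_link /etc/resolv.conf` showing whether the file is still a managed symlink.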