Overview of DNS Resolution

What is DNS?

DNS (Domain Name System) is a system that translates domain names into IP addresses.

In a nutshell, the function of the DNS resolution service is to convert domain names into IP addresses.

The DNS resolution process involves the following roles:

  • The domain name to be resolved

  • The DNS client

  • The DNS server

  • The IP address corresponding to the domain name

The DNS resolution process generally follows these steps:

  1. The user uses a domain name in an application.

  2. The application calls the DNS client to request domain resolution.

  3. The DNS client sends the domain name to the DNS server for resolution (if the local cache contains the resolution, no further request is made).

  4. The DNS server returns the resolved IP address to the client (the server may cache DNS resolution results to avoid redundant queries).

  5. The application uses the IP address corresponding to the domain name (the client may cache the DNS resolution result for faster responses).

Windows and Linux systems both have commonly used DNS resolution services, such as the DNS Client in Windows and systemd-resolved, BIND, etc., in Linux. Among these, systemd-resolved is the default and most commonly used DNS resolution service in modern Linux distributions (based on systemd). In this article, we will discuss the systemd-resolved DNS resolution service.

Common Commands for systemd-resolved

Checking the Current Status of systemd-resolved

systemctl status systemd-resolved

This service is enabled by default on systemd-based systems. You can also start or stop the service by replacing status in the command with start or stop. Since this article primarily focuses on systemd-resolved, detailed explanations of systemctl commands are not included.

Checking Statistics for systemd-resolved

systemd-resolve --statistics

This command shows statistics such as cache hit rates, cache size, and DNSSEC validation status.

Checking Current DNS Configuration

resolvectl status

or

systemd-resolve --status  # For older versions

Clearing DNS Cache

systemd-resolve --flush-caches

Systemd-resolved caches DNS results in memory, but does not persist them. If the cache grows too large, this command clears the local cache.

Manual Domain Resolution Test

systemd-resolve www.xxx.com

This command allows you to manually test domain resolution. The output shows the resolved IP address and resolution time.

Temporarily Configuring a DNS Server for a Specific Interface

resolvectl dns eth0 8.8.8.8

This sets a DNS server for the specified interface (e.g., eth0). This configuration is temporary and will be lost after a reboot. To make it permanent, you need to modify the /etc/systemd/resolved.conf file or related configuration files.

Configuration Files for systemd-resolved

/etc/resolv.conf Configuration File

/etc/resolv.conf is the primary DNS configuration file. When systemd-resolved performs DNS resolution, it reads this file to get the DNS server IP addresses and proceeds with the resolution.

Because /etc/resolv.conf is often generated dynamically, keep in mind that several components may manage it in order to configure DNS resolution.

For temporary DNS server configuration, you can directly edit this file and add the DNS server IPs:

nameserver 114.114.114.114
nameserver 8.8.8.8

However, these changes are not persistent because /etc/resolv.conf is usually a symbolic link and dynamically generated. For example:

lrwxrwxrwx 1 root root 37 Dec 5 14:24 /etc/resolv.conf -> /run/systemd/resolve/stub-resolv.conf

The file points to /run/systemd/resolve/stub-resolv.conf, which will be explained later.

/etc/systemd/resolved.conf Configuration File

/etc/systemd/resolved.conf is the main configuration file for systemd-resolved, used for setting DNS servers, DNS resolution policies, and more. After modifying this file, you must restart the systemd-resolved service for changes to take effect.

Example configuration:

[Resolve]
# List of DNS servers
DNS=8.8.8.8 8.8.4.4
# Fallback DNS when primary DNS is unavailable
FallbackDNS=114.114.114.114
# Domain search list
Domains=example.com
# LLMNR (Link-Local Multicast Name Resolution) setting
LLMNR=no
# DNSSEC (DNS Security Extensions) setting
DNSSEC=no
# Enable DNS caching
Cache=yes
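An added example (not part of the original article or of systemd): a POSIX shell check for a single resolved.conf-style file. systemd configuration files treat # as a comment only at the start of a line, so a comment left after a value becomes part of that value and the setting may not take effect. The function name, finding labels and sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: lint one resolved.conf-style file (drop-in directories are not read).
# Findings, one per line:
#   inline-comment KEY   value carries a trailing "# ..." that systemd does not strip
#   llmnr-not-disabled   no usable LLMNR=no line in the [Resolve] section
#   dnssec-off           DNSSEC=no is set in the [Resolve] section
resolved_conf_findings() {
    awk '
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }    # comment lines and blank lines
        /^[ \t]*\[/ { in_resolve = ($0 ~ /^[ \t]*\[Resolve\][ \t]*$/); next }
        !in_resolve { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            # "#" starts a comment only at the beginning of a line,
            # so "LLMNR=no  # text" is parsed as the value "no  # text".
            if (val ~ /[ \t]#/) { print "inline-comment " key; next }
            seen[key] = val
        }
        END {
            if (seen["LLMNR"] != "no")  print "llmnr-not-disabled"
            if (seen["DNSSEC"] == "no") print "dnssec-off"
        }
    ' "$1"
}

# Constructed sample: settings with comments left on the value lines.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Resolve]
DNS=8.8.8.8 8.8.4.4          # List of DNS servers
LLMNR=no                      # LLMNR setting
DNSSEC=no
EOF
resolved_conf_findings "$sample"
```

On a real host, pass /etc/systemd/resolved.conf as the argument and compare the result with what resolvectl status reports.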

/run/systemd/resolve/stub-resolv.conf and /run/systemd/resolve/resolv.conf Files

As mentioned above, /etc/resolv.conf is a symlink that points to either /run/systemd/resolve/stub-resolv.conf or /run/systemd/resolve/resolv.conf. These two files are directly managed and generated by systemd-resolved.

  • /run/systemd/resolve/resolv.conf: Generated by systemd-resolved based on the settings in /etc/systemd/resolved.conf. It lists the DNS servers, so local clients that read it connect directly to those DNS servers.

Example content:

# This file is managed by systemd-resolved. Do not edit.
nameserver 8.8.8.8
nameserver 8.8.4.4
search example.com

  • /run/systemd/resolve/stub-resolv.conf: This file configures a DNS stub resolver for systemd-resolved. In this case, applications do not communicate directly with systemd-resolved but instead use the stub resolver that forwards queries to systemd-resolved. Normally, applications only need to query 127.0.0.53, which is forwarded to systemd-resolved by the stub resolver.

Example content:

# This file is managed by systemd-resolved. Do not edit.
nameserver 127.0.0.53
options edns0 trust-ad
search example.com


In practical use, you can focus on the /etc/resolv.conf file:

  • For temporary changes to the system DNS server, directly edit /etc/resolv.conf or use the resolvectl command (which provides better control).

  • For persistent changes to the system DNS server, configure /run/systemd/resolve/resolv.conf and ensure that /etc/resolv.conf is symlinked to /run/systemd/resolve/resolv.conf.

  • To use the DNS Stub Resolver, configure /run/systemd/resolve/resolv.conf and ensure that /etc/resolv.conf is symlinked to /run/systemd/resolve/stub-resolv.conf.
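An added example, not from the original article: a POSIX shell check that reports which arrangement a given resolv.conf path is in (symlink to the stub file, symlink to the direct file, or something else) and which nameservers it hands to applications. The function names, verdict labels and the temporary sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify how a resolv.conf path is wired to systemd-resolved.
# resolv_mode prints: stub, direct, other (not a resolved runtime file), missing.
resolv_mode() (
    [ -e "$1" ] || { echo missing; exit 0; }
    case $(readlink -f "$1") in
        */run/systemd/resolve/stub-resolv.conf) echo stub ;;
        */run/systemd/resolve/resolv.conf)      echo direct ;;
        *)                                      echo other ;;
    esac
)

# Space-separated nameserver addresses the file hands to applications.
resolv_nameservers() {
    awk '$1 == "nameserver" { printf "%s%s", sep, $2; sep = " " }' "$1"
}

# One-line report: MODE [NAMESERVERS] VERDICT
resolv_audit() (
    mode=$(resolv_mode "$1")
    [ "$mode" = missing ] && { echo missing; exit 0; }
    servers=$(resolv_nameservers "$1")
    verdict=ok
    # In stub mode the only nameserver should be the local stub, 127.0.0.53.
    [ "$mode" = stub ] && [ "$servers" != 127.0.0.53 ] && verdict=unexpected-nameserver
    [ "$mode" = other ] && verdict=not-generated-by-resolved
    echo "$mode [$servers] $verdict"
)

# Constructed sample tree (not a real system), using the example file contents.
demo=$(mktemp -d)
mkdir -p "$demo/etc" "$demo/run/systemd/resolve"
printf 'nameserver 127.0.0.53\noptions edns0 trust-ad\nsearch example.com\n' \
    > "$demo/run/systemd/resolve/stub-resolv.conf"
printf 'nameserver 8.8.8.8\nnameserver 8.8.4.4\nsearch example.com\n' \
    > "$demo/run/systemd/resolve/resolv.conf"
ln -s ../run/systemd/resolve/stub-resolv.conf "$demo/etc/resolv.conf"
resolv_audit "$demo/etc/resolv.conf"
```

Run against the real /etc/resolv.conf, a verdict other than ok is a prompt to find out which component wrote the file and whether its nameservers are the ones you expect.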

Understanding how systemd-resolved manages DNS requests and how configuration files affect DNS resolution behavior is sufficient for most everyday configuration and troubleshooting tasks.

For more advanced functionality, you can explore the underlying principles of DNS, the DNS protocol’s advanced features, and delve deeper into systemd-resolved’s advanced commands and security measures.

