The DNS system is one of the most important aspects of the modern internet. It is responsible for resolving domain names to IP addresses and vice versa. Linux, on the other hand, is one of the most versatile operating systems on Earth. It is frequently used to run DNS servers.
Today, we are going to discuss Linux client-side operations related to DNS. These are operations that anyone with a Linux system can perform on their computer without having to set up server-side software.
These operations are extremely important for diagnosing connection issues and verifying DNS settings. Let’s examine these client-side operations and how you can perform them.
Important DNS Client-Side Operations for Linux Users
Given below are five essential DNS client-side operations for Linux users.
1. Configure DNS Servers for Resolution
The first thing any Linux user can do is configure their system to use a specific DNS server for resolution. Normally, your ISP automatically assigns the DNS resolver. However, these resolvers are not very good, especially if the ISP is small. They can become overloaded, which results in long website loading times.
Third-party DNS resolvers such as Google, Cloudflare, and Quad9 are usually much better. They can significantly improve DNS resolution times and reduce site loading times.
There are two ways in which Linux users can configure a specific DNS server. One is to use the GUI, and the other is to edit the config file.
GUI Method
The GUI method is quite simple, especially for Ubuntu users. All they need to do is the following.
- Click the network icon in the system tray
- Click on network settings/configuration
- Select your active internet connection and click the gear icon
- Select your IP version (it is usually IPv4).
- In the DNS settings, select manual.
- Input the IP address of the DNS server that you want to use, such as 1.1.1.1 for Cloudflare or 8.8.8.8 for Google.
- Click “Apply” and close the settings.
This will change your DNS settings. Now, your computer will always use the specified DNS server for domain name resolution.
With Config File
The other method is to use the config file. The config file contains information about which DNS servers your Linux system uses. You can edit the file and add custom DNS servers to it.
To edit the configuration file, you need an editor like Nano. So make sure that it is installed before you begin. After that, just follow these commands.
- Open the terminal and input the following command
edit /etc/resolv.conf
“edit” is the command, and “/etc/resolv.conf” is the file path.
- To input your selected DNS server, you need to input the following command
sudo nano /etc/resolv.conf
This will open the config file in the Nano editor.
- In the Nano editor, add the following line to the beginning of the file and save it.
nameserver 8.8.8.8
“8.8.8.8” is the Google DNS server. You can replace it with any other DNS, such as “1.1.1.1” for Cloudflare or 9.9.9.9 for Quad9.
So, those are two ways in which Linux users can specify which DNS servers are used.
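A quick check after editing the file, as an added example that is not part of the original article: it lists the nameserver lines in the order the resolver tries them and flags two cases where a manual edit does not take effect. The function name resolv_report is hypothetical; the three-server limit is glibc's, and a symlinked /etc/resolv.conf usually means a service such as systemd-resolved generates the file and may overwrite your change.

```shell
#!/bin/sh
# Added example (not from the article): inspect a resolv.conf file.

# resolv_report FILE: print each nameserver entry in lookup order.
# Notes a symlinked file (normally generated by a service, so manual
# edits can be overwritten) and entries beyond the third, which the
# glibc resolver does not use.
resolv_report() {
    file=${1:-/etc/resolv.conf}
    if [ -L "$file" ]; then
        echo "managed: symlink to $(readlink "$file")"
    fi
    awk '$1 == "nameserver" {
             n++
             note = (n > 3) ? " (ignored: glibc reads only the first 3)" : ""
             print "nameserver[" n "]=" $2 note
         }
         END { if (n == 0) print "no nameserver lines" }' "$file"
}

# Report on the live file when it is readable.
if [ -r /etc/resolv.conf ]; then resolv_report /etc/resolv.conf; fi
```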
2. Verify DNS Configuration
Changing DNS settings can sometimes mess with your connectivity. Errors in the configuration can lead to issues with website address resolution. So, Linux users need to be able to verify whether their DNS configuration works or not.
There are a few ways to go about this. You can use a command like “ping” to check if your new settings are working or not.
Let’s say you changed the DNS server that is responsible for handling request resolution. To verify that it is working, you can ping it using the ping command.
Here’s how you can do it.
- Open the terminal by pressing “Ctrl+Alt+t”
- Type “ping” followed by the domain name of any website, e.g., “ping google.com” or “ping 142.251.214.142” (Google public IP address).
This will start the ping process. If you see packets being sent and their latency, then your DNS settings are working (you may need to press “Ctrl + C” to stop the ping process). If you don’t see anything, then it means there is a problem.
Here’s how you can diagnose the issue. Use the ping command with a domain name first. If it works, well and good. If it does not, then try the ping command with an IP address. If the IP address ping works, then it means the DNS system is not working or configured improperly.
In this case, try changing your configured DNS to see if it is causing the issue. Use another server and redo the ping tests. If it works, then it means your previously configured DNS was malfunctioning.
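The triage described above as a script, added here as an example that is not part of the original article. It goes one step further than the text by testing name resolution on its own with getent, so a host that simply does not answer ping is not mistaken for a DNS fault. The function names and verdict strings are hypothetical.

```shell
#!/bin/sh
# Added example (not from the article): the name-then-IP ping triage.
# Usage: sh triage.sh google.com 142.251.214.142

# yn STATUS: map an exit status to y (success) or n (failure).
yn() { if [ "$1" -eq 0 ]; then echo y; else echo n; fi; }

# classify RESOLVE_RC PING_NAME_RC PING_IP_RC: turn the three exit
# statuses into a verdict.
classify() {
    case "$(yn "$1")$(yn "$2")$(yn "$3")" in
        yy?) echo "ok" ;;                   # name resolves, host replies
        yn?) echo "dns-ok-no-ping-reply" ;; # DNS works; ICMP filtered or host down
        n?y) echo "dns-broken" ;;           # network is up, resolution fails
        *)   echo "network-down" ;;         # no connectivity; DNS cannot be judged yet
    esac
}

# triage NAME IP: run the probes. getent resolves through the same path
# (nsswitch, /etc/resolv.conf) that ordinary applications use.
triage() {
    getent hosts "$1" >/dev/null 2>&1; r=$?
    ping -c 2 -W 2 "$1" >/dev/null 2>&1; pn=$?
    ping -c 2 -W 2 "$2" >/dev/null 2>&1; pi=$?
    classify "$r" "$pn" "$pi"
}

# Probe only when a name and an IP address are given on the command line.
if [ "$#" -eq 2 ]; then triage "$1" "$2"; fi
```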
3. Lookup DNS Records
DNS record lookup is useful for checking the records of a domain. Normally, record lookup is done to verify that DNS propagation is complete. It can also be used to diagnose other DNS issues.
For example, if someone configured DNSSEC for their domain and wanted to check if it is working or not, they can do a record lookup to verify that DNSKEY and DS records exist for their domain.
Linux systems have a number of commands that can be used for DNS record lookup, such as “dig” and “nslookup”. Dig is the more useful command and has more options. Linux comes preinstalled with Dig, so you don’t need anything more than your terminal.
Here are some useful commands for checking important records.
- “dig google.com” (you can replace google.com with any domain name). This will show you the A record of the domain, which contains the IPv4 address.
- “dig mx google.com”. This will show the domain's MX records, which name the domain's mail servers.
- “dig dnskey google.com” will show you the DNSKEY record of Google.com.
- “dig ds google.com” will show Google's DS record (if it has one).
All the records shown will be in text form, which can be a bit confusing to read. For example, if you use the ‘dig google.com’ command, you will see an output like this:
; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61087
;; flags: qr rd ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 0 IN A 142.250.183.206
;; Query time: 10 msec
;; SERVER: 172.17.192.1#53(172.17.192.1) (UDP)
;; WHEN: Thu Apr 25 17:42:56 PKT 2024
;; MSG SIZE rcvd: 54
This is quite confusing. The data we need is under the “Answer Section,” and it gets kind of lost in the rest of the text. An easier method of doing a record lookup is to use a DNS lookup tool. Tools remove the clutter and provide only the information you need. Or, you can append “+short” to the end of the dig command, and you will only be shown a simplified version.
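When you want more than “+short” gives but less than the full dump, a small filter helps. The following is an added example, not part of the original article: it reduces full dig output to the response status, the header flags, the answering server, and the answer records. The function names are hypothetical, and the embedded sample is the output shown above.

```shell
#!/bin/sh
# Added example (not from the article): condense full dig output.

# dig_summary: read dig output on stdin; print the response status, the
# header flags, the answering server, and one line per ANSWER record.
dig_summary() {
    awk '
        /->>HEADER<<-/ { s = $0; sub(/.*status: /, "", s); sub(/,.*/, "", s)
                         print "status=" s }
        /^;; flags:/   { f = $0; sub(/^;; flags: /, "", f); sub(/;.*/, "", f)
                         print "flags=" f }
        /^;; SERVER:/  { print "server=" $3 }
        /^;; ANSWER SECTION:/ { in_ans = 1; next }
        /^;;/ || /^$/  { in_ans = 0 }
        in_ans {                      # fields: name ttl class type rdata...
            line = "answer=" $1 " " $4
            for (i = 5; i <= NF; i++) line = line " " $i
            print line
        }'
}

# The output shown in the article, embedded so the example runs offline.
sample_output() {
    cat <<'EOF'
; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61087
;; flags: qr rd ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 0 IN A 142.250.183.206
;; Query time: 10 msec
;; SERVER: 172.17.192.1#53(172.17.192.1) (UDP)
;; WHEN: Thu Apr 25 17:42:56 PKT 2024
;; MSG SIZE rcvd: 54
EOF
}

sample_output | dig_summary
```

For a live query, pipe dig into the function, for example “dig mx google.com | dig_summary”. An “ad” flag means only that the answering resolver claims it validated the data with DNSSEC, so it is worth as much as that resolver and the network path to it.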
DNS record look-up helps domain owners or administrators check if their public DNS records are correct or not. Aspiring domain admins can simply play around with DNS lookup commands to see how commercial domains manage their records.
4. Reverse DNS Lookup
Reverse DNS lookup refers to using the IP address and resolving it to the domain name. In a typical DNS lookup, the domain name is resolved to an IP address. For example, if you search for the Google domain, i.e., ‘google.com’, the DNS resolver will find the IP address of google.com.
In a reverse DNS lookup, you search for the IP address (142.250.183.206), and the resolver will find the domain name to which it belongs (in this case, Google.com).
A reverse DNS lookup is useful for troubleshooting and verifying that the DNS is working.
Here’s how you can do a reverse DNS lookup on Linux systems.
- Open the terminal by pressing “Ctrl+Alt+t.”
- In the terminal, type “dig -x <ip address>”
- Hit enter
Here is what that would look like in a real example.
dig -x 8.8.8.8
The answer received will be “dns.google.” You can do this with any public IP address to learn its domain name.
Typically, reverse DNS lookups are used by network admins and IT professionals to check if their domains are mapped and reverse-mapped to the correct IP address.
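The mapped and reverse-mapped check mentioned above can be automated. This added example, which is not part of the original article, builds the in-addr.arpa name that “dig -x” queries and then confirms that a PTR name resolves forward to the same address (forward-confirmed reverse DNS). The function names are hypothetical, it handles IPv4 only, and it assumes dig is installed.

```shell
#!/bin/sh
# Added example (not from the article): forward-confirmed reverse DNS.

# arpa_name IPV4: print the PTR owner name that "dig -x" looks up.
# Fails (non-zero status) if the argument is not a dotted-quad address.
arpa_name() {
    echo "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
          print $4 "." $3 "." $2 "." $1 ".in-addr.arpa." }'
}

# Thin wrappers around dig so the two lookups are easy to see.
lookup_ptr() { dig +short -x "$1"; }
lookup_a()   { dig +short A "$1"; }

# fcrdns IPV4: succeed only if some PTR name for the address has an
# A record pointing back at the same address.
fcrdns() {
    ip=$1
    for name in $(lookup_ptr "$ip"); do
        for addr in $(lookup_a "$name"); do
            if [ "$addr" = "$ip" ]; then
                echo "confirmed $ip <-> $name"
                return 0
            fi
        done
    done
    echo "unconfirmed $ip"
    return 1
}

# Usage: sh fcrdns.sh 8.8.8.8
if [ "$#" -eq 1 ]; then arpa_name "$1" && fcrdns "$1"; fi
```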
5. Flush DNS Cache
The DNS cache is a temporary storage on a device that stores the data of previous DNS lookups. It is used to reduce the time it takes to resolve repetitive DNS queries. The client system can use the cache to recall the IP addresses of previous queries and bypass the entire DNS lookup process.
However, maintaining a DNS cache indefinitely is a bad idea. Some common reasons include:
- It results in you seeing outdated versions of a website
- It can become a security concern. A spoofed DNS cache will result in you being directed to the wrong websites.
- Sometimes, websites just don’t load for some reason. If clearing cookies does not help, then flushing the DNS cache resolves the issue.
So, how can a Linux user flush the DNS cache? It is quite easy. You just need to input a single command in your terminal. This command differs for each type of Linux distribution. You can check out the most common commands below.
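- For Ubuntu distros, the “sudo systemd-resolve --flush-caches” command will work (on newer releases, where systemd-resolve has been replaced by resolvectl, use “sudo resolvectl flush-caches”).
- If you have the Name Service Cache Daemon (NSCD), you can do it with “sudo /etc/init.d/nscd restart”.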
You may be asked for your password before you can successfully flush the cache.
Conclusion
These are some essential client-side DNS operations for Linux users. They are quite easy to do and, despite their simplicity, are immensely useful. This was by no means an exhaustive list, especially with regard to ‘dig’ commands, but these are enough to get you started.