Resolve the battle for control over your DNS settings in Debian/Ubuntu

There are a few daemons all wanting to control your DNS in Debian and Ubuntu. However, it’s better to resolve the conflict and leave one daemon in charge instead of having them battle it out on their own.

The Debian 8.0 “Jessie” network installer installs some packages that leave you with broken domain name resolution in some situations. Ubuntu 15.04 “Vivid Vervet” also does some strange things out of the box. Both leaving Network Manager with a hard time controlling the systems’ DNS settings. Let us correct this by putting Network Manager back in control.

Update (): This article still applies if you’ve updated from an older version of Debian or Ubuntu. However, I’ve since published How to take back control of /etc/resolv.conf on Linux which provides more up to date advice and help in more similar situations. I recommend you read that article instead.

One assumption before leaving all of your system’s networking in Network Manager’s capable hands: You want your network to always configure itself automatically with minimal hassle at any location/Wi-Fi network. Read on if this sounds like your use case.

Some symptoms indicating that you may have DNS resolution problems:

  • Frequent unreliable and slow domain name resolution in browsers and other programs that seemingly correct themselves after some seconds
  • It takes a long time for DNS to start working after connecting to a new network
  • Only IPv6 resolution working when IPv4 resolution isn’t working, and visa-versa
  • /etc/resolv.conf is rewritten every few seconds
  • /etc/resolv.conf is missing the “# Generated by NetworkManager” header at the top

Check that you’re using Network Manager. In most situations on most distributions this will be the case:

  1. Run service NetworkManager status to confirm that Network Manager is running
  2. Run head /etc/resolv.conf and look for:
    # Generated by NetworkManager

If the header is missing, continue with the below instructions. If it’s there then this post doesn’t hold a solution to your network problem answer. Sorry, but you need to do more research elsewhere to identify your problem.

  1. Run service rdnssd status to see if rdnssd is also running
  2. Run service resolvconf status to see if resolvconf is also running

If two or more services are running we may have successfully identified the problem. Network Manager already covers the functionality provided by rdnssd and resolvconf, so you can go ahead and remove rdnssd and resolvconf.

  1. Run apt-get purge rdnssd to remove it from your system
  2. Run apt-get purge resolvconf to remove it from your system
  3. Run service NetworkManager restart to stop and start the Network Manager daemon so it can find the changes

Wait a minute – or disconnect and reconnect your network – and then repeat step 2 to verify that Network Manager is back in control over your name resolution.

How did this problem arise in the first place? According to Debian bug #740998, the Debian network installer (for Debian 8.0 “Jessie”) will install the troublesome rdnssd program if the network installer sees an IPv6 environment. The package isn’t required on systems managed by Network Manager. Debian 9.0 “Sketch” – currently in the testing release channel – has resolved the problem by making the two packages conflict with each other, preventing them from being installed at the same time.

As for resolvconf, it’s a bit harder to track down how that gets installed. I suspect it’s the network installer again but haven’t confirmed it. Although resolvconf alone can almost manage your /etc/resolv.conf file, it will interfere with Network Manager. resolvconf will not setup IPv6 name servers in all situations

Ubuntu extra

Ubuntu always installs resolvconf. If you’re running Network Manager (see step 2), you can remove it. In addition to resolvconf, you also have to deal with dnsmasq in the mix on Ubuntu. dnsmasq is a caching system meant for situations when DNS is broken. As a side effect, it interferes with DNS and gets in the way of IPv6 DNS servers. Assuming you aren’t on the Moon or the International Space Station, you don’t need a separate system-level DNS caching daemon and can remove it:

  1. Remove (or comment out) the below line from /etc/NetworkManager/NetworkManager.conf:
  2. Run service NetworkManager restart

Wait a minute – or disconnect and reconnect your network – and then repeat step 2 to verify that Network Manager is back in control over your name resolution.

If your DNS still is broken, you can start blaming your router or internet service provider at this point. Check to see if you also have issues with other machines on the same network. Debian and Ubuntu’s conflicting oddities should have been neutralized, at least.