42

I'm using a Raspberry Pi 3 with Ubuntu 18.04. At my company we have a DNS server and a couple of domains with ".local". I know technically this isn't correct and it should be ".lan" instead, because .local is reserved for multicast DNS. But that's the way it is and it can't easily be changed. So on my Windows machine I can ping and browse to those domain names without trouble. On my Ubuntu however I cannot.

I cannot use IPs because some domains are on the same machine and the IIS webserver sorts things out what goes where.

I have searched and it comes up quite often:

However changing /etc/nsswitch.conf doesn't do the trick for me. I tried

  • hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname # default
  • hosts: files dns
  • hosts: files mdns4_minimal [NOTFOUND=continue] dns myhostname
  • hosts: files mdns4 [NOTFOUND=return] dns myhostname
  • hosts: files mdns4 [NOTFOUND=continue] dns myhostname
  • hosts: files dns mdsn4_minimal myhostname
  • hosts: dns
  • a few others

None of which worked. I tried rebooting after a change too. I tried to tell avahi that the domain-name=alocal in /etc/avahi/avahi-daemon.conf, didn't work after service restart, didn't work after reboot. After this not working, I tried disabling the avahi-daemon service entirely.

sudo systemctl disable avahi-daemon

After a reboot I tried a couple of permutations in /etc/nsswitch.conf again, with no effect.

With my current settings in hosts (files dns) I get this response:

dig login.name.local # not the actual name

; <<>> Dig 9.11.3-1ubuntu1.1-Ubuntu <<>> login.name.local
;; global options: +cmd
;; Got answer:
;; WARNING .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33538
;; flags: qr rd ra; QUERY: 1, ANSWER:0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;login.name.local. 0     IN     A

;; Query time: 2msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu Aug 23 10:51:50 CEST 2018
;; MSG SIZE  rcvd: 56

However when I instruct dig to query the server directly I get the correct answer:

dig @dnsIP login.name.local
; <<>> Dig 9.11.3-1ubuntu1.1-Ubuntu <<>> login.name.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; WARNING .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57866
;; flags: qr aa rd ra; QUERY: 1, ANSWER:1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;login.name.local. 0     IN     A

;; ANSWER SECTION:
login.name.local. 3600 IN    A        serverIP

;; Query time: 2msec
;; SERVER: dnsIP#53(dnsIP)
;; WHEN: Thu Aug 23 10:51:50 CEST 2018
;; MSG SIZE  rcvd: 56

This version of Ubuntu uses netplan with the network manager. The correct DNS IP is definitely in the list. (in fact it's the primary DNS.) Also the dnsIp is the same as serverIP, but that shouldn't be an issue.

Ping or connecting via browser and such don't work of course. None use the DNS query.

I'm at a loss at what to do. Certainly we can't switch to a different domain name. I put the servername into /etc/hosts but that's just a temporary solution.

FalcoGer
  • 925

9 Answers

48

The accepted answer did not resolve my issue. It was nothing to do with avahi - I did not have avahi service installed. I have my system set to get its IP AND its DNS server settings from DHCP. However, the DHCP supplied DNS was not being checked for queries using .local

The real issue is that Ubuntu 18.04 has its resolv.conf sym-linked to a stub file that points to the localhost for name resolution. Localhost DNS name resolution means that the system refuses to check the supplied DNS server for .local names, believing (incorrectly) that such names are invalid. This is the default setup of /etc/resolv.conf:

ls -la /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Jan 22 13:26 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf

Content of the stub file is (comments removed):

 cat /run/systemd/resolve/stub-resolv.conf
 .. removed comments..  
nameserver 127.0.0.53
    search reddog.microsoft.com

The 'real' resolve conf has the 'correct' DNS setting (from DHCP):

cat /run/systemd/resolve/resolv.conf

..removed comments..
nameserver 10.168.200.250 # This is my server that can resolve .local
nameserver 208.67.220.220 # these are optional, fallback DNS servers
nameserver 208.67.222.222
# Too many DNS servers configured, the following entries may be ignored.
nameserver 8.8.8.8
search reddog.microsoft.com

In order to make the system use your preferred DNS resolver instead of localhost, you change the symlink to point to /run/systemd/resolve/resolv.conf instead of /run/systemd/resolve/stub-resolv.conf :

sudo rm -f /etc/resolv.conf
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

Immediately after this, resolution of .local started working. No need to reboot or restart any service.

logoff
  • 876
  • 1
  • 16
  • 31
OzPHB
  • 591
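
The check below is an added example, not code from the answer above: it names the resolv.conf mode a path corresponds to (approximated from the symlink target) and shows how a glibc client treats a nameserver list like the one quoted, including entries past the third and the mix of internal and public resolvers. The function names and the sample data are constructed.

```shell
#!/bin/sh
# Added example; function names and the sample data are constructed.

# Name the resolv.conf mode (as in `resolvectl status`) for a path.
# Approximation: decided from the symlink target, not by comparing inodes.
resolv_mode() {
    path=${1:-/etc/resolv.conf}
    [ -e "$path" ] || [ -L "$path" ] || { echo missing; return; }
    target=$(readlink "$path") || { echo foreign; return; }  # regular file
    case $target in
        */run/systemd/resolve/stub-resolv.conf) echo stub ;;
        */run/systemd/resolve/resolv.conf)      echo uplink ;;
        */usr/lib/systemd/resolv.conf)          echo static ;;
        *)                                      echo foreign ;;
    esac
}

# Read resolv.conf text on stdin and label each nameserver in order.
# glibc uses only the first three entries and moves to the next one when a
# server does not answer, so a public resolver listed after the internal one
# receives the internal names whenever the internal server times out.
audit_nameservers() (
    n=0 priv=0 pub=0
    while read -r kw ip rest; do
        [ "$kw" = nameserver ] || continue
        n=$((n + 1))
        if [ "$n" -gt 3 ]; then echo "ignored $ip"; continue; fi
        case $ip in
            127.*) echo "local $ip" ;;
            10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*)
                priv=$((priv + 1)); echo "internal $ip" ;;
            *)  pub=$((pub + 1)); echo "public $ip" ;;
        esac
    done
    if [ "$priv" -gt 0 ] && [ "$pub" -gt 0 ]; then
        echo "warning internal names can reach public resolvers on failover"
    fi
)

# Constructed sample modelled on the resolv.conf quoted in the answer.
sample() {
    printf '%s\n' \
        'nameserver 10.168.200.250 # internal server that resolves .local' \
        'nameserver 208.67.220.220' 'nameserver 208.67.222.222' \
        '# Too many DNS servers configured, the following entries may be ignored.' \
        'nameserver 8.8.8.8' 'search reddog.microsoft.com'
}

echo "resolv.conf mode: $(resolv_mode)"
sample | audit_nameservers
```

To audit the live file instead of the sample, run `audit_nameservers < /etc/resolv.conf`.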
22

I faced a very similar issue (if not exactly the same) on Linux Mint 19 (Tara). I've managed to solve it by combining 3 different pieces of information. It seems to all be related to recent changes with systemd-resolved.

First, yes I've needed to configure /etc/nsswitch.conf as you did and would expect. As long as dns comes before mdns you should be good. I ended with simply:

hosts:          files dns myhostname

ref: https://unix.stackexchange.com/a/457172/271210

Prior to upgrading to this version of Mint, this is the only thing I needed to do. Now I also ended up making the below two other changes to get it working...


After that I've configured my search domain so systemd-resolved would work as I wanted. So I've edited the file /etc/systemd/resolved.conf, the Domains setting under the [resolve] section. In my case it ended up looking like:

[Resolve]
#DNS=
#FallbackDNS=
Domains=trilliant.local
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#Cache=yes
#DNSStubListener=yes

ref: https://askubuntu.com/a/1031271/872881

I've also changed the avahi configuration to something else ("mdns" if I remember correctly, but it doesn't matter). It shouldn't be required however from my understanding. Just adding for completeness.


But none of it worked until I've called the following:

sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf

ref: https://askubuntu.com/a/938703/872881

After calling this, everything started working perfectly and as expected!

So it's possible I didn't really need to change the /etc/systemd/resolved.conf file but I kept this change since it made sense and allows me to only type a machine's name, without the complete FQDN, for DNS resolution to work.

jeremfg
  • 336
4

For me, the working way for Ubuntu 18.04 is:

Edit avahi conf:

sudo vim /etc/avahi/avahi-daemon.conf

and change .local to .alocal :

[server]
domain-name=.alocal

then, open resolved.conf:

sudo vim /etc/systemd/resolved.conf

and uncomment and edit Domains:

[Resolve]
...
Domains=yourdomain.local
...

and finally restart services:

sudo service systemd-resolved restart
sudo service avahi-daemon restart
3

This worked for me on several Ubuntu systems:

https://github.com/lathiat/nss-mdns#etcmdnsallow

Essentially put two lines in /etc/mdns.allow:

.local.
.local

And you might need to change /etc/nsswitch.conf to use the mdns4 module instead of mdns4_minimal. Notably this was necessary on an Ubuntu Server box, but not on my Kubuntu desktop.

2

What worked for me was adding the local DNS as a nameserver to /etc/resolvconf/resolv.conf.d/head (as described here).

  1. Install the resolvconf package.

    sudo apt install resolvconf
    
  2. Edit /etc/resolvconf/resolv.conf.d/head and add the following:

    nameserver 8.8.4.4  
    nameserver 8.8.8.8  
    
  3. Restart the resolvconf service.

    sudo service resolvconf restart
    

The fix should be permanent.

karel
  • 122,292
  • 133
  • 301
  • 332
2

For 20.04:

  1. I updated DNS to use a local DNS server (GNOME 'wired settings' config)
  2. I added the local domain in /etc/systemd/resolved.conf: Domains=domain.local
  3. Then restarted the service: service systemd-resolved restart

Thanks for this thread helping me get this working.

2

On Ubuntu Server 18.04/20.04 we were unable to resolve hostnames under our corpname.local domain, despite other name resolution taking place through our AD DNS server. What fixed it for me was to edit /etc/systemd/resolved.conf and add:

DNS=x.x.x.x
Domains=corpname.local

where x.x.x.x is the IP of our AD DNS server. Then run service systemd-resolved restart.

This to me seems cleaner than the various solutions posted above which involve adding symlinks to change which resolve.conf the system is using etc.

Earl Sven
  • 123
  • 3
0

My situation was similar but somewhat different: We use server names like myserver on Windows but this did not work on Ubuntu 16.04 and I had to use myserver.mycompany.local. After upgrading to 18.04, I got the following behavior:

$ ping myserver.mycompany.local
ping: myserver.mycompany.local: Name or service not known

$ ping myserver
PING myserver.mycompany.local (192.168.x.y) 56(84) bytes of data.
64 bytes from myserver.mycompany.local (192.168.x.y): icmp_seq=1 ttl=62 time=3.05 ms
...

I simply had to replace myserver.mycompany.local with myserver in my applications.

Melebius
  • 11,750
0

After grabbing great info from a few of these other answers I managed to make everything work on my system like I wanted. Here were a few things I did...

#1: Fix The Symlink For The resolv.conf File

For this I needed to first change the permissions of the file with...

sudo chattr -a -i /etc/resolv.conf

Then I was able to delete the existing file and relink the symlink using...

sudo rm -f /etc/resolv.conf
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

#2: Check On Your DNS Settings To Ensure Servers Are Being Used In The Order You Want

To check your current DNS settings you can use...

resolvectl status

In my case I had screwed up my DNS settings by editing the /etc/systemd/resolved.conf file. Because I did this, my DNS settings command showed me some things in the "GLOBAL" DNS settings I needed to get rid of...

user@server:/$ resolvectl status
Global
         Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: foreign
Current DNS Server: 1.1.1.1
       DNS Servers: 1.1.1.1 8.8.8.8

Link 2 (eth0)
    Current Scopes: DNS
         Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
       DNS Servers: 8.8.8.8
        DNS Domain: 8.8.4.4

To fix this, I just had to edit the resolved.conf file and comment out everything I tried to uncomment before using the command...

sudo nano /etc/systemd/resolved.conf

You can see below where I commented out things like DNS and Domains...

[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google:     8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9:      9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#DNS=8.8.8.8 8.8.4.4
#FallbackDNS=
#Domains=mydomain.local
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0

After that I did a reboot (sudo reboot) to let the Global DNS info drop off.

#3: Fix DNS Server And Domain Information On The Interface

To do this I needed to edit my netplan config which is located here...

cd /etc/netplan

Then when in that directory I could do a ls -al command to show me what my yaml config file was named. In my case it was named 50-cloud-init.yaml so I went into nano to edit it...

sudo nano /etc/netplan/50-cloud-init.yaml

Then I edited the file to look like this...

network:
    ethernets:
        eth0:
            addresses:
            - 192.168.2.22/24
            nameservers:
                addresses:
                - 192.168.1.3
                - 1.1.1.1
                - 8.8.8.8
                - 1.0.0.1
                - 8.8.4.4
                search:
                - mydomain.local
            routes:
            -   to: default
                via: 192.168.2.1

There are different ways you can type out the addresses such as one by one with leading dashes like I have done or in an array format like any of the following formats...

nameservers:
    addresses: [ 192.168.1.3]
    addresses: [ 1.1.1.1, 1.0.0.1 ]
    addresses: [8.8.8.8, 8.8.4.4]

Now checking DNS settings everything looks smashing...

user@server:/$ resolvectl status
Global
         Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: uplink

Link 2 (eth0)
    Current Scopes: DNS
         Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
       DNS Servers: 192.168.1.3 1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4
        DNS Domain: mydomain.local

Then trying to ping things, now I can ping like...

user@server:~$ ping mypc.mydomain.local
PING mypc.mydomain.local (192.168.1.3) 56(84) bytes of data.
64 bytes from mypc.mydomain.local (192.168.1.3): icmp_seq=1 ttl=127 time=1.01 ms

or even just...

user@server:~$ ping mypc
PING mypc.mydomain.local (192.168.1.3) 56(84) bytes of data.
64 bytes from mypc.mydomain.local (192.168.1.3): icmp_seq=1 ttl=127 time=1.01 ms