Home / ubuntu / Questions / 1034912
Accepted
Stephen Boston
Asked: 2018-05-12 05:03:33 +0800 CST

netplan: nameservers in netplan yaml. What effect?

  • 772

What is the effect of the nameservers/addresses field in the yaml configuration file?

Any application I've tried uses the /etc/resolv.conf nameservers. This happens even with resolvconf stopped.

This is using systemd as resolver. No errors on generate or apply.

RESOLUTION

Thanks to all who responded. The netplan config yaml configures the nameservers after I do this:

  1. Purge resolvconf;
  2. Put my LAN DNS as forwarder in /etc/bind/named.conf.options;

  3. Replace the /etc/resolv.conf link with a static file as

    search nameserver 127.0.0.53

And that works. I find I have to include the search in the resolv.conf even though I have a search field in my netplan config yaml. Puzzle for another day.

netplan

2 Answers

  1. Best Answer

    NOTE: This may duplicate information from chili555, however in discussion with them, the aforementioned individual suggested posting an 'authoritative' answer as I have worked with this exact issue/question before.

    The behavior witnessed in your environment is the systemd-resolved equivalent of what dnsmasq on pre-18.04 was doing. The netplan updates affect the nameservers that systemd-resolved use for its lookups. This is detailed in the last section of the answer.

    But first, for the curious, some history about this behavior, and how it differs from the 'older' Ubuntu versions which use Network Manager and dnsmasq. (Feel free to skip past the next section of this answer if you only want the 18.04-related stuff)

    Before 18.04: dnsmasq as a local caching resolver

    Prior to 18.04, whenever you used the GUI Ubuntu, it would install dnsmasq alongside Network Manager. The Network Manager integration with dnsmasq would update the dnsmasq list of 'next hop' servers (upstream DNS servers) for where to send a query.

    Therefore, a DNS query for google.com would pass from whatever application is requesting the resolution, into dnsmasq, and if dnsmasq doesn't know the IP address or has had a cached entry expire, would then pass the DNS request to whatever upstream DNS server (for this example, 8.8.8.8 or 8.8.4.4). You would then have to check Network Manager or the dnsmasq config to see where the 'upstream' DNS servers were.

    This is typical behavior in a graphical Ubuntu installed from the Desktop ISOs.

    The default install from the Server ISOs, conversely, followed the traditional "update /etc/resolv.conf" method via the resolvconf package and utilized /etc/resolv.conf directly instead of communicating via dnsmasq.

    18.04: netplan, and systemd-resolved

    With 18.04, the default DNS system is systemd-resolved. This operates like the dnsmasq of old does, except it does this for both Desktop and Server ISO installations currently. It also can integrate with Network Manager (used in the GUI environments for managing wifi and such), and with Netplan (which better handles ethernets)

    systemd-resolved is handed from netplan (servers or custom desktops) or Network Manager (default Desktop images) the list of DNS servers to send queries to (whether statically configured or configured via DHCP). Therefore, using the same example from above, a DNS query to google.com would pass through systemd-resolved's stub resolver which would either return the cached lookup value or pass it on to upstream DNS servers.

    This emulates the default behavior of dnsmasq, but also adds some additional lookup handling for how 'localhost', and other local-related addresses can be queried.

    With NetPlan, or Network Manager, you can get the list of upstream DNS servers through systemd-resolved with the following command:

    systemd-resolve --status

    which will give you a bunch of output. The relevant section would look like this (taken from chili555's answer for expediency):

    DNS Servers: 8.8.8.8
             8.8.4.4
             2600:1700:5aa0:830::1
    • 4

  2. Disclaimer: This is a well-educated guess and not a canonical, documented answer.

    Any application I've tried uses the /etc/resolv.conf nameservers.

    On my 18.04 system, the un-commented, that is, actually operational, section of /etc/resolv.conf says:

    nameserver 127.0.0.53

    That is, I believe, a symptom of the use of dnsmasq, the system that caches DNS information. That means, I believe, look in the local cache first, before asking external nameservers.

    But the local cache won’t contain any nameserver information about a website that has never been visited before. In that case, the system uses declared external DNS nameservers. These may be declared in /etc/network/interfaces in older systems; in /etc/netplan/*.yaml in newer systems or, in almost all desktop installations, in Network Manager.

    In fact, /etc/resolv.conf tells us how the external nameservers can be found.

    Run "systemd-resolve --status" to see details about the uplink DNS servers currently in use.

    On my system, the report says, in part:

    DNS Servers: 8.8.8.8
             8.8.4.4
             2600:1700:5aa0:830::1

    In short, I believe that DNS nameservers are declared in netplan to tell the system where to look if the DNS information is not found in the local cache.

    • 2