Fix DNS /etc/resolv.conf systemd-resolved

DNS resolution of /etc/resolv.conf and systemd-resolved doesn’t work after upgrade Ubuntu or Linux Mint.

How to Fix DNS resolution using systemd-resolved and /etc/resolv.conf after upgrade

Fix DNS /etc/resolv.conf systemd-resolved

Symptom: Could not resolve hostname. Name or service not known

After upgrading Ubuntu or Linux Mint querying DNS resolution fails. It seems the DNS servers which get by DHCP doesn’t work anymore.

Name resolution

resolvconf is a set of script and hooks managing DNS resolution. The most noticeable experience for the user is that any changes made manually to /etc/resolv.conf will be lost as they will be overwritten the next time resolvconf is triggered. resolvconf uses DHCP client hooks, a Netplan NetworkManager plugin and /etc/network/interfaces to generate a list of nameservers and domain to put in /etc/resolv.conf.

DNS client configuration

Traditionally, the file /etc/resolv.conf was a static configuration file that rarely needed to be changed, also it automatically changed via DHCP client hooks. systemd-resolved handles nameserver configuration, and it should be interacted with through the systemd-resolve command. Netplan configures systemd-resolved to generate a list of nameservers and domains to write in /etc/resolv.conf, which is a symlink:

/etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf

Note. Ubuntu Server network interface configuration utility is ifup and it is configured by the file /etc/network/interfaces.

Ubuntu Gnome Desktop or Linux Mint Mate or Cinnamon the network interface configuration is by Netplan configure utility.

DNS Resolution /etc/resolv.conf systemd-resolved

The Netplan NetworkManager daemon attempts to make networking configuration and operation as painless and automatic as possible by managing the primary network connection and other network interfaces.

Netplan NetworkManager is also configured by Edit Connections in the graphical network connection utility. However, for network interfaces configured by DHCP it normally isn’t necessary to change any settings manually.

If you are considering to configure the DNS resolution manually, you must first change the NetworkManager.conf file.

$ sudo vi /etc/NetworkManager/NetworkManager.conf

default: NetworkManager will update /etc/resolv.conf to reflect the nameservers provided by currently active connections.

[main]
plugins=ifupdown,keyfile
# Set to default DNS processing mode.
dns=default

Add dns default key to the main section in the NetworkManager.conf file.

If the key is unspecified, default is used, unless /etc/resolv.conf is a symlink to /run/systemd/resolve/stub-resolv.conf, /run/systemd/resolve/resolv.conf, /lib/systemd/resolv.conf or /usr/lib/systemd/resolv.conf. In that case, systemd-resolved is chosen automatically.

Now restart network management daemon to apply changes.

$ sudo systemctl restart NetworkManager

After an os upgrade, the symlink may need to be recreated. Make symlink to /run/systemd/resolve/stub-resolv.conf

$ sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

Restart systemd-resolved DNS Network Name Resolution manager.

$ sudo systemctl restart systemd-resolved.service

Verify DNS Resolution using systemd-resolved /etc/resolv.conf

Verify processing and also oprations of Network Name Resolution.

$ journalctl -b -u systemd-resolved

Check DNS status of systemd-resolved Network Name Resolution.

$ resolvectl status

Using resolvectl command to resolve domain names, IPv4 and IPv6 addresses.

$ resolvectl query google.com

Set DNS Resolver completely manually

If you want to configure the DNS resolution manually, you must first change the NetworkManager.conf file.

$ sudo vi /etc/NetworkManager/NetworkManager.conf

Change NetworkManager configuration dns key to none.

dns=none

Now is a good moment to verify the NetworkManager settings.

$ NetworkManager --print-config

Apply changes of network management daemon.

$ sudo systemctl reload NetworkManager

Unlink resolv.conf symlinked to /run/systemd/resolve/stub-resolv.conf.

$ sudo unlink /etc/resolv.conf

Stop and disable systemd-resolved Network Name Resolution manager.

$ sudo systemctl stop systemd-resolved.service
$ sudo systemctl disable systemd-resolved.service

Manually configuring the /etc/resolv.conf file

Create new or edit existing /etc/resolv.conf file.

$ sudo vi /etc/resolv.conf

Add the following lines in to the /etc/resolv.conf file.

nameserver 8.8.8.8
nameserver 1.1.1.1
nameserver 1.0.0.1
options edns0 trust-ad
search localdomain

Note. The number of name servers is limited to 3 nameserver.

Finaly verify DNS name resolution.

$ resolvectl query ntp.pool.org
ntp.pool.org: 216.40.34.37                     -- link: ens160

-- Information acquired via protocol DNS in 13.0ms.
-- Data is authenticated: no

$ resolvectl status

$ dig ns1.google.com

; <<>> DiG 9.16.48-Ubuntu <<>> ns1.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45042
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;ns1.google.com.                        IN      A

;; ANSWER SECTION:
ns1.google.com.         18466   IN      A       216.239.32.10

;; Query time: 6 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue May 28 12:53:01 CEST 2024
;; MSG SIZE  rcvd: 59

what does systemd-resolved do?

systemd-resolved is a system service that provides network name resolution to local applications. It also implements a caching and validating DNS/DNSSEC stub resolver, as well as an LLMNR and MulticastDNS resolver and responder. Local applications may submit network name resolution requests via three interfaces:

systemd-resolved maintains the /run/systemd/resolve/stub-resolv.conf file for compatibility with traditional Linux programs. This file may be symlinked from /etc/resolv.conf. This file lists the 127.0.0.53 DNS stub (see above) as the only DNS server. It also contains a list of search domains that are in use by systemd-resolved. The list of search domains is always kept up-to-date. Note that /run/systemd/resolve/stub-resolv.conf should not be used directly by applications, but only through a symlink from /etc/resolv.conf.

A static file /usr/lib/systemd/resolv.conf is provided that lists the 127.0.0.53 DNS stub as only DNS server. This file may be symlinked from /etc/resolv.conf in order to connect all local clients that bypass local DNS APIs to systemd-resolved. This file also does not contain any search domains.

more help get also the man pages
$ man systemd-resolved.service
$ man NetworkManager.conf
$ man NetworkManager
$ man resolv.conf
$ man resolvectl

nginx_modsite command for NGINX

Using nginx_modsite command similar for use a2ensite and a2dissite with NGINX

nginx_modsite command for NGINX

As we all know, we can enable or disable a website using Apache on Debian and Ubuntu Linux. We remembered and appreciated using the a2ensite and a2dissite commands, why not for NGINX!

Unfortunately, there is no corresponding standard command in NGINX, but there is a workaround using a2ensite and a2dissite for NGINX.

Of course, the following command can create the symlink to the website configuration file:

$ sudo ln -s /etc/nginx/sites-available/example.org /etc/nginx/sites-enabled/

As well as we can unlink the site from enabled sites:

$ sudo unlink /etc/nginx/sites-enabled/example.org

nginx_modsite command for NGINX

The nginx_modsite command for use enable and disablbe NGINX websites and also list them.

Easy to use nginx_modsite

Just create this script file /usr/bin/nginx_modsite.

#!/bin/bash

##
#  File:
#    nginx_modsite
#  Description:
#    Provides a basic script to automate enabling and disabling websites found
#    in the default configuration directories:
#      /etc/nginx/sites-available and /etc/nginx/sites-enabled
#    For easy access to this script, copy it into the directory:
#      /usr/local/sbin
#    Run this script without any arguments or with -h or --help to see a basic
#    help dialog displaying all options.
##

# Copyright (C) 2010 Michael Lustfield <mtecknology@ubuntu.com>

# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.

##
# Default Settings
##

NGINX_CONF_FILE="$(awk -F= -v RS=' ' '/conf-path/ {print $2}' <<< $(nginx -V 2>&1))"
NGINX_CONF_DIR="${NGINX_CONF_FILE%/*}"
NGINX_SITES_AVAILABLE="$NGINX_CONF_DIR/sites-available"
NGINX_SITES_ENABLED="$NGINX_CONF_DIR/sites-enabled"
SELECTED_SITE="$2"

##
# Script Functions
##

ngx_enable_site() {
    [[ ! "$SELECTED_SITE" ]] &&
        ngx_select_site "not_enabled"

    [[ ! -e "$NGINX_SITES_AVAILABLE/$SELECTED_SITE" ]] && 
        ngx_error "Site does not appear to exist."
    [[ -e "$NGINX_SITES_ENABLED/$SELECTED_SITE" ]] &&
        ngx_error "Site appears to already be enabled"

    ln -sf "$NGINX_SITES_AVAILABLE/$SELECTED_SITE" -T "$NGINX_SITES_ENABLED/$SELECTED_SITE"
    ngx_reload
}

ngx_disable_site() {
    [[ ! "$SELECTED_SITE" ]] &&
        ngx_select_site "is_enabled"

    [[ ! -e "$NGINX_SITES_AVAILABLE/$SELECTED_SITE" ]] &&
        ngx_error "Site does not appear to be \'available\'. - Not Removing"
    [[ ! -e "$NGINX_SITES_ENABLED/$SELECTED_SITE" ]] &&
        ngx_error "Site does not appear to be enabled."

    rm -f "$NGINX_SITES_ENABLED/$SELECTED_SITE"
    ngx_reload
}

ngx_list_site() {
    echo "Available sites:"
    ngx_sites "available"
    echo "Enabled Sites"
    ngx_sites "enabled"
}

##
# Helper Functions
##

ngx_select_site() {
    sites_avail=($NGINX_SITES_AVAILABLE/*)
    sa="${sites_avail[@]##*/}"
    sites_en=($NGINX_SITES_ENABLED/*)
    se="${sites_en[@]##*/}"

    case "$1" in
        not_enabled) sites=$(comm -13 <(printf "%s\n" $se) <(printf "%s\n" $sa));;
        is_enabled) sites=$(comm -12 <(printf "%s\n" $se) <(printf "%s\n" $sa));;
    esac

    ngx_prompt "$sites"
}

ngx_prompt() {
    sites=($1)
    i=0

    echo "SELECT A WEBSITE:"
    for site in ${sites[@]}; do
        echo -e "$i:\t${sites[$i]}"
        ((i++))
    done

    read -p "Enter number for website: " i
    SELECTED_SITE="${sites[$i]}"
}

ngx_sites() {
    case "$1" in
        available) dir="$NGINX_SITES_AVAILABLE";;
        enabled) dir="$NGINX_SITES_ENABLED";;
    esac

    for file in $dir/*; do
        echo -e "\t${file#*$dir/}"
    done
}

ngx_reload() {
    read -p "Would you like to reload the Nginx configuration now? (Y/n) " reload
    [[ "$reload" != "n" && "$reload" != "N" ]] && invoke-rc.d nginx reload
}

ngx_error() {
    echo -e "${0##*/}: ERROR: $1"
    [[ "$2" ]] && ngx_help
    exit 1
}

ngx_help() {
    echo "Usage: ${0##*/} [options]"
    echo "Options:"
    echo -e "\t<-e|--enable> <site>\tEnable site"
    echo -e "\t<-d|--disable> <site>\tDisable site"
    echo -e "\t<-l|--list>\t\tList sites"
    echo -e "\t<-h|--help>\t\tDisplay help"
    echo -e "\n\tIf <site> is left out a selection of options will be presented."
    echo -e "\tIt is assumed you are using the default sites-enabled and"
    echo -e "\tsites-disabled located at $NGINX_CONF_DIR."
}

##
# Core Piece
##

case "$1" in
    -e|--enable)    ngx_enable_site;;
    -d|--disable)   ngx_disable_site;;
    -l|--list)  ngx_list_site;;
    -h|--help)  ngx_help;;
    *)      ngx_error "No Options Selected" 1; ngx_help;;
esac

Make the script executable with ran chmod 700 /usr/bin/nginx_modsite.

Using the command nginx_modsite

To list all available virtualhosts, you can run the following command.

$ sudo nginx_modsite -l

Enable virtualhost “example.org”.

$ sudo nginx_modsite -e example.org

Disable virtualhost “example.org”.

$ sudo nginx_modsite -d example.org

About NGINX

Nginx “engine x” is an open source web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. The software was created by Russian developer Igor Sysoev and publicly released in 2004. Nginx is free and open-source software, released under the terms of the 2-clause BSD license. A large fraction of web servers use Nginx, often as a load balancer.

Nginx is built to offer low memory usage and high concurrency. Rather than creating new processes for each web request, Nginx uses an asynchronous, event-driven approach where requests are handled in a single thread.

With Nginx, one master process can control multiple worker processes. The master maintains the worker processes, while the workers do the actual processing. Because Nginx is asynchronous, each request can be executed by the worker concurrently without blocking other requests.

Nginx vs Apache Usage Stats

Apache is another popular open source web server. In terms of raw numbers, Apache is the most popular web server in existence and is used by 43.6% (down from 47% in 2018) of all websites with a known web server, according to W3Techs. Nginx comes in a close second at 41.8%.

Netcraft ran a survey across 233 million domains and found Apache usage at 31.54% and Nginx usage at 26.20%.