Re: Why does resolv.conf keep changing?
- Date: Mon, 23 Oct 2017 11:48:36 -0400
- From: Jude DaShiell <jdashiel@xxxxxxxxx>
- Subject: Re: Why does resolv.conf keep changing?
If you've got dynamic ip addresses as many of us do, that file has to change to keep your internet connection up.
On Mon, 23 Oct 2017, Joe wrote:
Date: Mon, 23 Oct 2017 04:17:11 From: Joe <joe@xxxxxxxxxxxxxx> To: debian-user@xxxxxxxxxxxxxxxx Subject: Re: Why does resolv.conf keep changing? Resent-Date: Mon, 23 Oct 2017 08:54:41 +0000 (UTC) Resent-From: debian-user@xxxxxxxxxxxxxxxx On Sun, 22 Oct 2017 22:12:03 -0400 Roberto C. S?nchez <roberto@xxxxxxxxxx> wrote:So, I just upgraded my main router/firewall machine to Stretch. Following the upgrade my /etc/resolv.conf settings appear to track the DHCP options obtained by one of the two interfaces. No matter what I try I can't get the /etc/resolv.conf settings to remain as I would like them. The machine has two network interfaces: one on the Internt side which connects to my ISP-provided equipment and which obtains its address via DHCP, another on the LAN side which is statically configured. My /etc/network/interfaces looks like this (192.168.174.0/24 is my LAN subnet): auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.174.1 netmask 255.255.255.0 broadcast 192.168.174.255 auto eth1 iface eth1 inet dhcp My /etc/resolv.conf looks like this: domain example.com search example.com. nameserver 127.0.0.1 The reason for "nameserver 127.0.0.1" is that I run my own instance of bind which acts as a caching server and also serves my own internal zones. Prior to the recent upgrade to Stretch everything worked normally. That is, whatever I put in /etc/resolv.conf was left as I configured it. Following my recent Stretch upgrade I found my resolv.conf had been changed to just this (192.168.63.1/24 is the subnet used by the ISP equipment): nameserver 192.168.63.1 That has the effect of not allowing processes running on that machine (the router/firewall) to properly resolve internal DNS addresses. Other machines on my network are fine since they get their name servers set by the internal DHCP server which is configured with the name server address 192.168.174.1. This DHCP server is different from the embedded DHCP server that runs on my ISP's device. I have tried two different things. First, I added this directive to /etc/network/interfaces under the eth0 stanza: dns-nameservers 127.0.0.1 That did not appear to have any effect because taking eth0 and eth1 down and then bringing them back up still results in resolv.conf pointing to the ISP router as its name server. Additionally, after the interfaces are up even if I manually change resolv.conf, something comes along sometime later and undoes my changes. The second thing I tried was adding to /etc/dhcp/dhclient.conf: supersede domain-name example.com; supersede domain-search example.com.; supersede domain-name-servers 127.0.0.1; This similarly has no lasting effect, which is really surprising to me. I did find a page on the Debian wiki  which recommends setting the immutable attribute on /etc/resolv.conf. However, that feels like an ugly hack.It most certainly is, and shouldn't be necessary in your case.Can anyone point out what it is that I am missing here?Not 'missing', you probably have the package resolvconf installed, and with your network configuration, you don't need it. It's not certain, but it seems to be the culprit in most of these cases. There is undoubtedly a way to beat it into submission, but it's not widely known. There was another recent thread on this matter. If you're bringing up and taking down random interfaces, such as VPN tunnels and wifi, then you do want to keep shifting your DNS server, so resolvconf is appropriate on a laptop, but probably not on a fixed workstation.