What DNS server is bind using?
I installed Bind9 in 14.04.1 and made no config changes; I did not touch any files in /etc. This means my laptop is a caching DNS server.
My questions are:
- Where is Bind getting its DNS?
- What servers am I connecting to?
I have no forwarders set in the config file. In the past I have used tools to measure performance and Bind9 with no forwarders is the fastest, but where is Bind getting its DNS data?
networking server dns bind
edited Sep 26 '14 at 2:29
rubo77
asked Sep 25 '14 at 21:51
Fudruckers
2 Answers
When your laptop obtains an IP address from a DHCP server, in the past it used to update the file /etc/resolv.conf.
These days it is not that simple. Ubuntu runs dnsmasq by default. This is a caching nameserver which accelerates your web browsing. So the answer to your first question is "From dnsmasq".
The sequence is:
- NetworkManager obtains an IP address and a DNS server and stores the IP address of the DNS server in DBus.
- dnsmasq grabs that IP address from DBus and uses it for upstream queries when there is no cache hit.
You can find out what your upstream DNS server is with the command sudo grep dnsmasq /var/log/syslog (or syslog.1 or any of the other rotated syslogs if you booted a long time ago).
The "proper" approach would be with the command:
sudo qdbus --system --literal org.freedesktop.NetworkManager /org/freedesktop/NetworkManager/IP4Config/0 org.freedesktop.NetworkManager.IP4Config.Nameservers
It will spit out an array of decimal numbers like 17249034. You convert that to hex: 0107330a, read it backwards separating the bytes: 0a.33.07.01, and convert back to decimal: 10.51.7.1, which is your upstream DNS server.
answered Sep 26 '14 at 4:54
sмurf
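The manual conversion in the answer above, as an added Python example that is not part of the original answer. The sample output string is constructed, and the wrapper text around the numbers is an assumption, so the parser relies only on the integers it finds.

```python
import ipaddress
import re

# Constructed sample of the qdbus output. 17249034 is the value from the
# answer; 889323712 is a constructed second entry (192.0.2.53, documentation range).
SAMPLE_OUTPUT = "[Argument: au {17249034, 889323712}]"


def hex_form(value):
    """The intermediate hex step from the answer, zero-padded to 4 bytes."""
    return "%08x" % value


def decode_nameserver(value):
    """Turn one 32-bit value into a dotted quad, following the answer's steps."""
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("not a 32-bit value: %r" % value)
    # The first octet of the address is the least significant byte of the
    # integer, which is why the answer reads the hex form "backwards".
    return str(ipaddress.IPv4Address(value.to_bytes(4, "little")))


def parse_nameservers(output):
    """Decode every integer found in the command output."""
    return [decode_nameserver(int(tok)) for tok in re.findall(r"\d+", output)]


if __name__ == "__main__":
    for number in re.findall(r"\d+", SAMPLE_OUTPUT):
        n = int(number)
        print(n, hex_form(n), decode_nameserver(n))
```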
Good explanation! One update: I'm pretty sure dnsmasq is not, by default, configured to cache the dns queries, because of the possible privacy implication that one user could infer other users' activity by whether some queries are a cache hit or not (which you can tell by the response time).
– Timo Kluck
Sep 26 '14 at 5:53
Well, it runs on mine and I can't recall installing it. The privacy objection is valid on a multi-user system but how many laptops have multiple concurrent users logged on?
– sмurf
Sep 26 '14 at 7:31
I have no forwarders set in the config file. In the past I have used tools to measure performance and Bind9 with no forwarders is the fastest, but where is Bind getting its DNS data?
If you don't have any forwarders configured, Bind queries the root name servers. These are 13 servers* around the world that are responsible for maintaining the root of the DNS system.
To get a list of root name servers, run dig +short:
[~]$ dig +short
h.root-servers.net.
b.root-servers.net.
e.root-servers.net.
g.root-servers.net.
m.root-servers.net.
a.root-servers.net.
k.root-servers.net.
d.root-servers.net.
j.root-servers.net.
f.root-servers.net.
c.root-servers.net.
i.root-servers.net.
l.root-servers.net.
These have very stable IP addresses, so the default configuration shipped with Bind contains entries for all of these thirteen servers. The information is contained in /etc/bind/db.root.
Given a query, Bind will query one of the root name servers for the domain. For instance, for example.org, the root name server will reply that it doesn't know, but that .org's name servers might know, and give you a list of IPs and names for .org's name servers.
Bind then goes on to query the .org nameservers, which will likely reply that they do not know, but they know which nameserver (NS record) is responsible for example.org, and give you a list of IPs and names for those nameservers. Finally, Bind will query the NS for example.org, and hopefully get an answer.
As you can see, this involves at least three lookups, which is rather slow. A caching NS, such as Google or Cloudflare, will cache popular names, and thus can respond faster.
It also shows the hierarchical build of DNS. The root servers contain references to the name servers for Top Level Domains. The TLDs' own nameservers contain NS records for all domains registered under that TLD, and so forth.
*: There are more than 13 physical servers, but they logically appear as 13 distinct name servers.
(The other answer focuses on how the client OS handles DNS. That has nothing to do with how Bind handles DNS.)
answered Dec 31 '18 at 17:15
vidarlo
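The root, TLD and authoritative walk described in the answer above, modelled offline as an added Python example (not code from the original answer or from Bind). Every address and record is constructed from documentation ranges, and the names `ask` and `IterativeResolver` are hypothetical; the model also keeps the delegations it learns, which shows why later lookups under the same domain need fewer queries.

```python
# Constructed data: ROOT_HINTS stands in for the entries in db.root.
ROOT_HINTS = ["192.0.2.1"]

# server address -> zone served, child delegations, address records held
SERVERS = {
    "192.0.2.1": {"zone": ".",
                  "delegations": {"org.": ["192.0.2.10"]},
                  "records": {}},
    "192.0.2.10": {"zone": "org.",
                   "delegations": {"example.org.": ["192.0.2.20"]},
                   "records": {}},
    "192.0.2.20": {"zone": "example.org.",
                   "delegations": {},
                   "records": {"example.org.": "192.0.2.80",
                               "www.example.org.": "192.0.2.81"}},
}


def in_zone(name, zone):
    """True if name is at or below zone (both fully qualified)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def ask(server, qname):
    """One simulated query: an answer, a referral to a child zone, or no data."""
    data = SERVERS[server]
    if qname in data["records"]:
        return ("answer", data["records"][qname])
    # Prefer the deepest delegation that encloses the queried name.
    for child in sorted(data["delegations"], key=len, reverse=True):
        if in_zone(qname, child):
            return ("referral", child, data["delegations"][child])
    return ("nodata",)


class IterativeResolver:
    def __init__(self):
        self.ns_cache = {".": list(ROOT_HINTS)}  # zone -> nameserver addresses
        self.answer_cache = {}                   # name -> address

    def resolve(self, qname):
        """Return (address or None, zones whose servers were queried, in order)."""
        if qname in self.answer_cache:
            return self.answer_cache[qname], []
        # Start at the deepest zone for which nameservers are already known.
        zone = max((z for z in self.ns_cache if in_zone(qname, z)), key=len)
        path = []
        while True:
            path.append(zone)
            reply = ask(self.ns_cache[zone][0], qname)
            if reply[0] == "answer":
                self.answer_cache[qname] = reply[1]
                return reply[1], path
            if reply[0] != "referral":
                return None, path
            child, nameservers = reply[1], reply[2]
            # Follow a referral only if it moves down the tree towards qname.
            if child == zone or not in_zone(child, zone) or not in_zone(qname, child):
                raise ValueError("unexpected referral from %s to %s" % (zone, child))
            self.ns_cache[child] = nameservers
            zone = child


if __name__ == "__main__":
    resolver = IterativeResolver()
    for name in ("example.org.", "www.example.org.", "example.org."):
        print(name, resolver.resolve(name))
```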