Page 1 of 1

How is DNS managed?

Posted: Sun Mar 13, 2016 12:54 pm
by joysn

i often experience problems with DNS lookups when i connect to a wifi network.
Because of my work i need to connect to a wifi network each time i visit a customer, live in a hotel or hang out on an air port.

From the past i am used to deal with /etc/resolv.conf where i added the name servers which were accessible on the network i connected to.
Name servers are usually obtained via DHCP so i should not bother a lot with them. And my VPN client (barracudavpn is our companys choice) merges the name servers so i can lookup our companies DNS names.

When i look at my resolv.conf file, there are a view DNS servers listed.
Even though the banner of this file states that i should not edit this file, i edited it yesterday to get DNS resolution working in the hotel.
Today the content of the file is different.
When i start nslookup and enter the command "server" i get the address of the "default" DNS server, the only server "active" in resolv.conf. The others are commented with #.
When i lookup an public DNS name with nslookup, the IP address is resolved. The answer is non-authoritative, and as server the server from resolv.conf is listed.
But, thats the internal, hidden DNS server from my company which i can only reach when i activate the VPN connection. I double checked my network cfg with ifconfig, there is only lo, eth0 cable interface with no cable attached and the wifi adapter connected to the hotels wifi network. No tun0 device which usually represents my VPN tunnel. With traceroute and ping i can not reach that name server.
When i look at the data on the Network Manager applet, the IP address of the two hotel networks name server are different.
I assume that those name servers are used, but i can not figure out how.
In /etc/nsswitch.conf it is defined that hosts are resolved using files, mdns4_mininal and dns.

So, my basic question: how does name resolution work in LM(DE2)?

Re: How is DNS managed?

Posted: Mon Mar 14, 2016 2:56 am
by badams_ios
Sorry if I insult your intelligence here :D As I understand your question.. In the days of old, when the army developed tcp/ip, a file called hosts existed in a folder under /etc/ Of course in Linux/Unix and Mac, that's off the root /etc/hosts. In Windows it's under c:\windows\system32\drivers\etc. That file contained the name of whatever "hosts" were available. ip address x.x.x.1 army base 1. x.x.x.2 army base 2...etc. Every time a new host was added the host file had to be updated and shared. That soon became impractical and domain name services (DNS) was developed.

Now it's dynamic. ISP's have DNS servers with names like,,, My web site service provider is They have, I have a site called It's a forum for our small City. I can add to their DNS and point it to the same IP address, just a different domain name.

Bluehost gets their service from someone else. Go to and at the bottom you'll see a link to "whois". Enter the name of the domain and it'll tell you everything from who THEIR ISP is, to their ns1 servers, their admin email address, the companies address and a lot more. There are actually only a few major "backbone's" like Sprint, Global Crossings (Which AT&T uses...etc.) I'm sure you know, there are public and private IP addresses. 192.x.x.x, 10.x.x.x, 172.x.x.x are private. I'm not sure if there are more, but I don't think so. For the sake of argument, let's say there are not, so every other address is public. 192.x.x.x will not talk to 204.x.x.x. It's built into tcp/ip that private IP addresses cannot talk to public. A public address will look at a private address and say, "Yeah, no. Not gonna happen." That's where Network Address Translation comes in. NAT looks at packet headers, where did this packet come from? Your computer says, "HEY! I wanna talk to!" You computer looks around and says, "What are you talking about? I don't know that."

Your computer gets its address from whatever router you're connected to via dynamic host control protocol. DHCP. A private IP is assigned, say, a netmask used to subnet a network (Keeps companies with only 5 computers from getting a class C subnet of 254 addresses like vs - because we're fast running out of IP addresses. Hence IPV6) DHCP also assigns a gateway and a DNS address or 2. When your computer asks for and says, "I don't know who that is" it asks the gateway. The gateway is a real, public address. That gateway address is on the outside of your router and in the same subnet as your ISP.

It's the routers that contain the list of IP's to names. Ask your pc for and it has no idea. So it asks it's gateway. If that gateway has no idea it asks ITS gateway. That gateway may have no idea so it'll ask ITS gateway. If I add to my host (, their DNS server automatically adds it to their list, which promulgates to their ns(x) DNS servers, which promulgates to their routers, which promulgates to their ISP's routers, which promulgates to their ISP's routers...etc.

When you get your IP address via DHCP your DNS should be the same as the gateway because it's actually asking their router. All of it's dynamic and can be built up and torn down anytime a router is rebooted or added or removed.

Small routers don't have the capacity to maintain a decent list of DNS's. They'll ask their gateway.

Address assigned to this computer via DHCP from AT&T's router

Inside address of AT&T router. And MY gateway. AND my DNS server address.

Address of my AT&T router on the outside

Address of AT&T gateway
Primary DNS 68.94.x.8
Secondary DNS 68.94.x..8

This computer, asks for It doesn't know so it asks my gateway (inside of my AT&T's router) It doesn't know so asks ITS gateway via NAT - 162.227.21.x. That's the outside of my router. The outside of my router passes the request to the inside of the next router at 162.227.20.x. It doesn't know so it asks its DNS server (Which may be an actual DNS server as in a physical server, but is often a router) If 68.94.x.8 is down it asks 68.94.xx.8. If they don't know, they ask their gateway. On and on until you get the page or... Page not found. I can't spell.

I know, I've been told I talk from both ends to the center. I'm old.

NOTE!!!! I went to a Microsoft school! Explanation subject to reality check!

Re: How is DNS managed?

Posted: Tue Mar 15, 2016 2:25 am
by Elizine
Under /etc/ there is a file resolv.conf, perhaps that has wrong servers in it.
But a good idea might be to try a live USB with Mint17.1 and if that works well then migrate her to that new version.

Re: How is DNS managed?

Posted: Tue Mar 15, 2016 3:05 am
by badams_ios
I agree with Elizine. I'd say lose the resolv.conf completely. In my 23 years of using the Internet I have never had to modify a single file related to DNS.

If you can boot to a CD or USB and have no problems then the answer seems obvious. Put everything back to the default. Perhaps at one time you had to make some minor change to get something very unique or specific to work, and things escalated from there. It's easy to lose track. Don't edit resolve, host, or anything. Let DHCP do it all. Don't over think it. Others have done the thinking for us.

Re: How is DNS managed?

Posted: Mon Mar 28, 2016 4:23 pm
by joysn
Hello badams_ios, Elizine!

Thanks a lot for your replies. @badams_ios: it is impressive what u know about this topic.

i admit, i did not clearly formulate my question: How is DNS managed on LM(DE2)?
(it is slightly different than How does DNS work...)

The answer which works for me is: It is managed using network-manager (with some support from network-manager-gnome).


Re: How is DNS managed?

Posted: Mon Mar 28, 2016 7:49 pm
by badams_ios
Yep. Lose resolve. The only thing I have in my hosts file is my printer. My router knows everything else on the INSIDE.

Re: How is DNS managed?

Posted: Tue Mar 29, 2016 3:28 am
by joysn
badams_ios wrote:Yep. Lose resolve.
or study how network-manager uses dhclient and resolvconf and this can work together with a third party VPN client which is not aware about these tools, then you can UNDERSTAND a problem AND FIX it. ;)