DNS Forwarding
Test content
Background
Requirements
DNS forwarding
You can use the systemd-resolved
service to resolve local application names in your network. To use the service, configure systemd-resolved
to send .consul
domain queries to Consul by creating consul.conf
file located in the /etc/systemd/resolved.conf.d/ directory.
Note
PTR record queries will still be sent out to the other configured resolvers, in addition to Consul.
After creating the resolved configuration, restart systemd-resolved
.
# systemctl restart systemd-resolved
Validate the systemd-resolved configuration
Validate that systemd-resolved has restarted and is configured to forward queries to Consul.
# systemctl is-active systemd-resolved
active
# resolvectl domain
Global: ~consul
Link 2 (eth0):
# resolvectl query consul.service.consul
consul.service.consul: 127.0.0.1
-- Information acquired via protocol DNS in 6.6ms.
-- Data is authenticated: no
Confirm that /etc/resolv.conf
points to the stub-resolv.conf
file managed by
systemd-resolved, and that the IP address for systemd-resolved's stub resolver
is the configured nameserver
.
$ ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 37 Aug 20 22:50 /etc/resolv.conf -> /run/systemd/resolve/stub-resolv.conf
$ cat /etc/resolv.conf
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0
Ensure that the operating system can resolve DNS queries to the .consul
domain.
$ host consul.service.consul
consul.service.consul has address 127.0.0.1
Using any local resolver with systemd
By default, the local resolver stub in the resolved.conf
file is configured to listen for UDP and TCP requests at 127.0.0.53:53, but you can set the DNSStubListener
option to false
, which disables the stub. As a result, your system will be able to use any DNS configuration as long as it loads earlier than resolved
.
/etc/systemd/resolved.conf
DNSStubListener=false
Disabling the local resolver stub can also solve other DNS configuration issues.