User specified nameserver setup

  • Thread starter Thread starter Deleted member 9563
  • Start date Start date
D

Deleted member 9563

Guest
I want to have a different DNS entry on a couple of machines on the lan, but can't figure out how to best do that now. Since the recent switch to resolvconf, the wiki and other information out there is deprecated and I can't seem to find any resolvconf.conf examples for my situation. I guess I could make /etc/resolv.conf unreadable, but that just seems wrong. I would appreciate a little help, and perhaps an example of how to put something like 8.8.8.8 in resolvconf.conf, (or a link to such examples.)
 
Here is an example I use for resolv.conf on one of my machines:
Code: 
search MATRIX
nameserver 208.67.220.220
nameserver 4.2.2.1
nameserver 8.8.8.8
If you are using DHCP to get an IP address on the machine, also keep in mind your resolv.conf file will be clobbered... err... altered on each reboot by dhclient(8). To keep dhclient's greedy hands off your resolv.conf file, create a file named dhclient-enter-hooks in /etc and append the following code to it:
Code: 
add_new_resolv_conf() {
      return 0
}
Please see dhclient-script(8) for more information.
 
I'll try that, just in case I'm not understanding. However, I'm using a static address and from what I've read, newer systems are controlled by resolvconf which is what overwrites /etc/resolv.conf. It's all changed from what it was in the old days when we could use resolv.conf, which is what I'm used to.

Edit to add: No, it didn't work. I think I still need to edit /etc/resolvconf.conf.
 
There is an easier way than dhclient-scripts(8) in /etc/dhclient.conf. Here is an example I use on my router to ignore DNS server information from my ISP and allow me to use Unbound on the host. See dhclient.conf(5) for more.
Code: 
interface "em3"
{
  supersede domain-name "my.localdomain.com";
  supersede domain-name-servers 127.0.0.1;
}

If you are using a static address then you don't need that. Just put the entries in /etc/resolv.conf. There is a script that runs resolvconf(8) on its own, /etc/rc.d/resolv, however I doubt that is running. You can try running it manually to see if the variable it is looking to be defined actually is. It shouldn't be if you have a static address.
 
Thanks junovitch. I am indeed using a static address. And yes, the script /etc/rc.d/resolv does not overwrite the /etc/resolv.conf file. It appears to be resolvconf which is overwriting the /etc/resolv.conf file because this is what it says:
Code: 
# Generated by resolvconf
nameserver 2002:a1e:b23:1::1
It is always overwritten to say that. Perhaps I should just delete /sbin/resolvconf, but it seems to me that I can't be the only one using a static address and who wants to manually specify name servers.

BTW: your idea of of using unbound is what I had planned to do next, but wanted to get resolv.conf working "normally" first since I felt that choosing a nameserver would likely not be deprecated in FreeBSD 10.1-RELEASE and that the default install was probably not in error here. I'm assuming that I'm just not understanding the new way, which according to the handbook seems to be to use resolvconf.conf.

Anyway, judging from the replies I've gotten, I'm starting to think that I'm either not understanding something fundamental here, or that I'm not asking the question properly. I had thought that the idea of editing resolv.conf by hand like I used to do in older FreeBSD versions would still be a fairly common thing to do.
 
protocelt said:
Here is an example I use for resolv.conf on one of my machines:
Code: 
search MATRIX
nameserver 208.67.220.220
nameserver 4.2.2.1
nameserver 8.8.8.8
Click to expand...
Is that on 10.1? How were you able to do that? I'd love to be able to do that too, (just like I did in 9.1)
 
You're using a static address but what about IPv6? The IPv6 in resolv.conf might be the give away. It looks like in rtsold(8) that resolvconf(8) will get called. I would have to look at the man page closer but a quick glance over it and I don't see an obvious way to ignore that information. Take a look at the man page. If you turn off IPv6 then nothing should be around to update your resolv.conf and it should keep the settings to put there.
 
I think what you want is
Code: 
resolv_conf="/dev/null"
in /etc/resolvconf.conf.

In case it's helpful, here is my configuration. I use dns/dnscrypt-proxy with local_unbound, but I get my IP via DHCP, so you will have to make adjustments.

This is what I have in /etc/resolvconf.conf.
Code: 
resolv_conf="/dev/null" # prevent updating /etc/resolv.conf
#unbound_conf="/var/unbound/forward.conf"
unbound_pid="/var/run/local_unbound.pid"
unbound_service="local_unbound"
unbound_restart="service local_unbound reload"

Here are the relevant bits from /etc/rc.conf.
Code: 
dnscrypt_proxy_enable="YES"
dnscrypt_proxy_flags="-a 127.0.0.2"
ifconfig_lo0_alias0="inet 127.0.0.2 netmask 0xffffffff"
local_unbound_enable="YES"

Here is /etc/dhclient.conf.
Code: 
supersede domain-name "mydomain.com";
supersede domain-name-servers 127.0.0.1;

Here is /etc/resolv.conf.
Code: 
search mydomain.com otherdomain.org
nameserver 127.0.0.1 
options edns0

ADDED:

Here is /var/unbound/unbond.conf
Code: 
server:
    #auto-trust-anchor-file: /var/unbound/root.key
    directory: /var/unbound
    do-not-query-localhost: no
    chroot: /var/unbound
        pidfile: /var/run/local_unbound.pid
        username: unbound
    use-syslog: yes
    verbosity: 1

include: /var/unbound/forward.conf
include: /var/unbound/lan-zones.conf
include: /var/unbound/conf.d/*.conf

and /var/unbound/forward.conf
Code: 
forward-zone:
    name: "."
    forward-addr: 127.0.0.2@53

Looking back a few months after having set all this up, it seems much more complicated now. I recall some of these files being generated, but I forget the details at the moment. If I find any notes, I'll clarify a little more.
 
jrm said:
I think what you want is
Code: 
resolv_conf="/dev/null"
in /etc/resolvconf.conf.
Click to expand...

That is exactly what I was looking for. I checked it and it works. Thanks.

So that's the solution to my immediate problem. I'll look into the rest later. I'm not sure about the value of dnscrypt for me at this time, but unbound will be useful and it's up next.
 
junovitch said:
You're using a static address but what about IPv6? The IPv6 in resolv.conf might be the give away.
Click to expand...

That's a good observation. I do want IPv6 enabled, but that could be what's doing it here. You've got me looking closer at that. Thanks.
 
OJ said:
I'll try that, just in case I'm not understanding. However, I'm using a static address and from what I've read, newer systems are controlled by resolvconf which is what overwrites /etc/resolv.conf. It's all changed from what it was in the old days when we could use resolv.conf, which is what I'm used to.

Edit to add: No, it didn't work. I think I still need to edit /etc/resolvconf.conf.
Click to expand...
My apologies OJ. I wasn't aware you were using IPV6 at the time I replied.

junovitch said:
There is an easier way than dhclient-scripts(8) in /etc/dhclient.conf. Here is an example I use on my router to ignore DNS server information from my ISP and allow me to use Unbound on the host. See dhclient.conf(5) for more.
Code: 
interface "em3"
{
  supersede domain-name "my.localdomain.com";
  supersede domain-name-servers 127.0.0.1;
}
If you are using a static address then you don't need that. Just put the entries in /etc/resolv.conf. There is a script that runs resolvconf(8) on its own, /etc/rc.d/resolv, however I doubt that is running. You can try running it manually to see if the variable it is looking to be defined actually is. It shouldn't be if you have a static address.
Click to expand...
I wasn't aware of being able to do it this way. Thanks for posting this. :)
 
You must log in or register to reply here.
Back
Top