When FreeBSD 9.1 is a DHCP client, it uses resolvconf to construct /etc/resolv.conf (which defines the DNS nameservers to query). This may be undesired behavior, especially when a local nameserver is already running: the local nameserver will be ignored, the local domain won’t be searched, and reverse lookups for RFC 1918 networks (e.g. 10.0.0.0/8) will fail or time out.
This blog post describes a technique to override the DHCP-distributed DNS information with local information.
The original /etc/resolv.conf on the FreeBSD machine:
search nono.com
nameserver 127.0.0.1
This had the following advantages:
- Hostnames were searched for within the nono.com domain. For example, when attempting to connect to the printer hp1536, one didn’t need an FQDN (i.e.
- Reverse-lookups worked properly: arp -a displayed the correct hostnames instead of uninformative question marks (“?”).
After configuring the FreeBSD machine as a DHCP client on the Comcast network, /etc/resolv.conf was overwritten:
# Generated by resolvconf
search hsd1.ca.comcast.net.
nameserver 220.127.116.11
nameserver 18.104.22.168
Comcast had configured a reasonable default domain to search, i.e. hsd1.ca.comcast.net., but that is unhelpful for the minority who have set up their own domains. Comcast also gave a reasonable set of nameservers to query, but similarly that is unhelpful for the minority who have set up RFC 1918 zones (e.g. 10.in-addr.arpa) (i.e. arp -a shows question marks, not hostnames).
The fix is to configure resolvconf(8) to use the local search domain and nameservers before querying the DHCP-supplied search domains and nameservers. That is accomplished by creating
Now make sure that your configuration file is good by running resolvconf to update /etc/resolv.conf:
sudo resolvconf -u
Your new /etc/resolv.conf file should look something like the following:
# Generated by resolvconf
search nono.com hsd1.ca.comcast.net.
nameserver 127.0.0.1
nameserver 22.214.171.124
nameserver 126.96.36.199
Admittedly, the Comcast-supplied directives are still there, but we don’t care—our nameserver is queried first, our domain is searched first.
These overrides are persistent. When you reboot your machine, /etc/resolv.conf will be configured with your nameserver first and your search domain first.
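One way to confirm the ordering after resolvconf -u, a reboot, or a later DHCP lease renewal, as an added example rather than code from the original post: a POSIX sh check that the local nameserver and search domain come first. The function names are hypothetical; 127.0.0.1 and nono.com are the values used in this post.

```shell
#!/bin/sh
# Added example (not from the original post): verify that a
# resolv.conf-format file lists the local resolver and domain first.
# Usage: sh check_resolv.sh /etc/resolv.conf 127.0.0.1 nono.com

# Print the first nameserver entry, i.e. the one the resolver tries first.
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# Print the first domain of the effective search list. When several
# "search" lines are present the resolver uses only the last one,
# so later lines overwrite earlier ones here.
first_search_domain() {
    awk '$1 == "search" { d = $2 } END { if (d != "") print d }' "$1"
}

# Return 0 if ordering is as expected, 1 if not, 2 if unreadable.
check_resolv_order() {
    file=$1 want_ns=$2 want_dom=$3
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    got_ns=$(first_nameserver "$file")
    got_dom=$(first_search_domain "$file")
    rc=0
    if [ "$got_ns" != "$want_ns" ]; then
        echo "first nameserver is '$got_ns', expected '$want_ns'" >&2
        rc=1
    fi
    # Compare without a trailing root dot (e.g. "hsd1.ca.comcast.net.").
    if [ "${got_dom%.}" != "${want_dom%.}" ]; then
        echo "first search domain is '$got_dom', expected '$want_dom'" >&2
        rc=1
    fi
    return $rc
}

# Run the check only when called with FILE NAMESERVER DOMAIN.
if [ "$#" -eq 3 ]; then
    check_resolv_order "$@"
fi
```

A non-zero exit status means DHCP-supplied values have taken precedence again, so the check can run from cron or after a lease renewal.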