Using resolvconf.conf to Tweak resolv.conf

July 27, 2013 Brian Cunnie

Abstract

FreeBSD 9.1, when a DHCP client, uses resolvconf to construct /etc/resolv.conf (which defines the DNS nameservers to query); however, this may be undesired behavior, especially when already running a local nameserver—The local nameserver will be ignored; the local domain won’t be searched; the reverse-lookups for RFC 1918 networks (e.g. 10.0.0.0/8) will fail or timeout.

This blog post describes a technique to override the DHCP-distributed DNS information with local information.

Problem Description

The original /etc/resolv.conf on the FreeBSD machine:

search nono.com
nameserver 127.0.0.1

This had the following advantages:

  • Hostnames were searched for within the nono.com domain. For example, when attempting to connect to the printer hp1536, one didn’t need an FQDN (i.e. hp1536.nono.com).
  • Reverse-lookups worked properly: arp -a, displayed the correct hostnames instead of uninformative question marks (“?”).

After configuring the FreeBSD machine as a DHCP client on the Comcast network, /etc/resolv.conf was overwritten:

# Generated by resolvconf
search hsd1.ca.comcast.net.
nameserver 75.75.75.75
nameserver 75.75.76.76

Comcast had configured a reasonable default domain to search, i.e. hsd1.ca.comcast.net., but that is unhelpful for the minority who have set up their own domains. Comcast also gave a reasonable set of nameservers to query, but similarly that is unhelpful for the minority who have set up RFC 1918 zones (e.g. 10.in-addr.arpa) (i.e. arp -a shows question marks, not hostnames).

The Fix

The fix is to configure resolvconf(8) to use the local search domain and nameservers before querying the DHCP-supplied search domains and nameservers. That is accomplished by creating /etc/resolvconf.conf:

search_domains="nono.com"
name_servers="127.0.0.1"

Now make sure that your configuration file is good by running resolvconf to update /etc/resolv.conf:

sudo resolvconf -u

Your new /etc/resolv.conf file should look something like the following:

# Generated by resolvconf
search nono.com hsd1.ca.comcast.net.
nameserver 127.0.0.1
nameserver 75.75.75.75
nameserver 75.75.76.76

Admittedly, the Comcast-supplied directives are still there, but we don’t care—our nameserver is queried first, our domain is searched first.

These overrides are persistent. When you reboot your machine, /etc/resolv.conf will be configured with your nameserver first and your search domain first.

About the Author

Biography

More Content by Brian Cunnie
Previous
Learning your first programming language
Learning your first programming language

You have probably heard that you can never fully master a programming language. While this is true it doesn...

Next
A Rubyist Learning Go – Testing HTTP
A Rubyist Learning Go – Testing HTTP

Welcome back to our semi-regularly scheduled program. This time around, we are going to take a look at how ...

Enter curious. Exit smarter.

Register Now