
Configuring systemd-resolved to use a specific DNS server for a single network interface on Linux

Published by The adllm Team. Tags: systemd, dns, network-interface, linux, system-administration, network-configuration

Introduction

In complex network environments, particularly those involving VPNs or multiple network interfaces, precise DNS configuration is critical. systemd-resolved, a component of systemd, provides a robust mechanism for managing DNS settings on Linux. This article explores how to configure systemd-resolved to use a specific DNS server for a single network interface, enabling fine-grained DNS management. Such configurations are vital for avoiding DNS leaks in VPN setups and ensuring compliance with organizational policies.

Understanding systemd-resolved

systemd-resolved is a service that provides network name resolution to local applications. It acts as a local DNS stub resolver, caching responses and managing DNS queries efficiently. For a comprehensive overview, refer to the systemd-resolved documentation.

Configuring DNS for a Specific Network Interface

To configure a specific DNS server for a single network interface, you must modify the .network files associated with your network interfaces. These files are located in /etc/systemd/network/.

Step-by-Step Configuration

  1. Create or Edit a .network File

    For the network interface eth0, create or edit the file /etc/systemd/network/10-eth0.network:

    # /etc/systemd/network/10-eth0.network
    [Match]
    Name=eth0
    
    [Network]
    DNS=8.8.8.8
    

    This configuration sets the DNS server for eth0 to 8.8.8.8.

  2. Restart systemd-resolved

    After modifying the network configuration, restart systemd-resolved to apply changes:

    sudo systemctl restart systemd-resolved
    
  3. Verify Configuration

    Use resolvectl to verify the DNS settings:

    resolvectl status eth0
    

    Ensure that the DNS server 8.8.8.8 is listed under DNS Servers for eth0.

Using resolvectl for Dynamic Configuration

The resolvectl command-line utility allows for dynamic DNS configuration without editing configuration files.

Set DNS Server Using resolvectl

To set the DNS server for eth0 dynamically, use:

resolvectl dns eth0 8.8.8.8

This command immediately applies the DNS setting without needing a restart.

Check Current DNS Settings

To inspect the current DNS configuration for all interfaces:

resolvectl status
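
To check for the DNS leak scenario mentioned in the introduction, the servers resolved reports for a link can be compared against an allowlist. The script below is an added example, not code from the original article; the function names and the sample text are constructed, and it assumes `resolvectl dns` prints one `Link N (name): servers` line per link.

```shell
#!/bin/sh
# Added example (not from the original article): flag DNS servers on a link
# that are outside an allowlist, based on `resolvectl dns` output.

# Constructed sample of `resolvectl dns` output, so the script runs offline.
sample_resolvectl_dns() {
    cat <<'EOF'
Global:
Link 2 (eth0): 8.8.8.8
Link 3 (wlan0): 192.168.1.1 8.8.8.8
Link 4 (tun0):
EOF
}

# unexpected_dns IFACE ALLOWED_SERVER...
# Reads `resolvectl dns` output on stdin and prints each server configured on
# IFACE that is not in the allowlist.
# Exit status: 0 = only allowed servers, 1 = unexpected server(s) printed,
#              2 = IFACE not listed or it has no per-link DNS servers.
# The body is a subshell "( )" so its variables do not leak into the caller.
unexpected_dns() (
    iface=$1; shift
    allowed=" $* "
    found=0 bad=0
    while IFS= read -r line; do
        case $line in
            "Link "*" ($iface):"*) ;;   # the line for the requested interface
            *) continue ;;
        esac
        # Everything after the first colon is the space-separated server list.
        for server in ${line#*:}; do
            found=1
            case $allowed in
                *" $server "*) ;;                 # allowed
                *) echo "$server"; bad=1 ;;       # not in the allowlist
            esac
        done
    done
    [ "$found" -eq 1 ] || exit 2
    exit "$bad"
)

# Offline demo; on a live host: resolvectl dns | unexpected_dns eth0 8.8.8.8
if sample_resolvectl_dns | unexpected_dns wlan0 8.8.8.8; then
    echo "wlan0: only allowed DNS servers"
else
    echo "wlan0: unexpected or missing DNS servers (status $?)"
fi
```

The function inspects only the per-link list; servers shown on the `Global:` line are not checked.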

Common Challenges and Solutions

Misconfigured .network Files

Ensure that the [Match] section correctly identifies the network interface. Incorrect or missing configurations can lead to DNS resolution failures.

Conflicts with Other DNS Management Tools

Tools like NetworkManager can override systemd-resolved settings. Ensure that systemd-resolved is the primary DNS manager.

Forgetting to Restart Services

Always restart systemd-resolved after changes to .network files, or use resolvectl for immediate changes.

Troubleshooting DNS Issues

To diagnose DNS issues, check the status and logs:

# Check current DNS settings
resolvectl status

# View logs for systemd-resolved
journalctl -u systemd-resolved

Logs can reveal errors related to DNS configuration and help in troubleshooting.

Conclusion

Configuring systemd-resolved for specific DNS settings per network interface is essential for environments with complex networking requirements. By following the steps outlined in this article, you can ensure that each network interface uses the appropriate DNS settings, enhancing both security and performance. For further reading, explore the systemd.network documentation and consider integrating DNS over HTTPS (DoH) for enhanced privacy.