If your /etc/resolv.conf keeps getting overwritten, take a look at /etc/NetworkManager/NetworkManager.conf. Set DNS to none.
[main]
dns=none
Here’s a typical setup for an Unbound DNS server.
What is Unbound? Unbound is a validating, recursive and caching DNS server.
Install Unbound DNS
yum install unbound
Configuration: /etc/unbound/unbound.conf
server:
    interface: 0.0.0.0
    access-control: 0.0.0.0/0 allow
    local-zone: "10.in-addr.arpa." nodefault

forward-zone:
    name: "10.in-addr.arpa."
    forward-addr: 169.254.169.253

forward-zone:
    name: "ec2.internal"
    forward-addr: 169.254.169.253

forward-zone:
    name: '.'
    forward-addr: 10.10.10.1
    forward-addr: 10.10.11.2
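With interface 0.0.0.0 and access-control 0.0.0.0/0 allow, the server answers recursive queries from any address that can reach it. The audit below is an added example, not part of the original post: it parses a one-option-per-line unbound.conf and reports allow rules wider than internal ranges. The INTERNAL list and the 10.0.0.0/8 replacement are assumptions about where the clients live.

```python
import ipaddress

# Constructed sample: the server: clause from the configuration above.
SAMPLE_CONF = """\
server:
    interface: 0.0.0.0
    access-control: 0.0.0.0/0 allow
    local-zone: "10.in-addr.arpa." nodefault
forward-zone:
    name: "."
    forward-addr: 10.10.10.1
"""
# Assumed fix: the resolver's clients all live in 10.0.0.0/8.
HARDENED_CONF = SAMPLE_CONF.replace("0.0.0.0/0 allow", "10.0.0.0/8 allow")

ALLOWING = {"allow", "allow_snoop", "allow_setrd"}
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "::1/128", "fc00::/7")]


def parse_server_clause(text):
    """Return (interfaces, [(netblock, action), ...]) from the server: clause."""
    interfaces, acls, in_server = [], [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.endswith(":") and " " not in line:  # clause header
            in_server = line == "server:"
            continue
        key, _, value = line.partition(":")
        if in_server and key == "interface":
            interfaces.append(value.strip())
        elif in_server and key == "access-control":
            netblock, action = value.split()[:2]
            acls.append((netblock, action))
    return interfaces, acls


def open_resolver_findings(text):
    """List (netblock, action, all_interfaces) for allow rules beyond INTERNAL."""
    interfaces, acls = parse_server_clause(text)
    all_ifaces = any(i.split("@")[0] in {"0.0.0.0", "::", "::0"} for i in interfaces)
    findings = []
    for netblock, action in acls:
        net = ipaddress.ip_network(netblock, strict=False)
        internal = any(net.version == r.version and net.subnet_of(r) for r in INTERNAL)
        if action in ALLOWING and not internal:
            findings.append((netblock, action, all_ifaces))
    return findings
```

An empty result means every allow rule stays inside INTERNAL; a finding with all_interfaces set to True is the open-resolver combination.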
Unbound Start, Stop, Restart and Status
service unbound start | stop | restart | status
Here’s the IAM policy you’ll need to change Route 53 DNS records. Substitute with your own hosted zone id.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["route53:ChangeResourceRecordSets"],
      "Resource": "arn:aws:route53:::hostedzone/HOSTEDZONEID"
    },
    {
      "Effect": "Allow",
      "Action": ["route53:GetChange"],
      "Resource": "arn:aws:route53:::change/*"
    }
  ]
}
Add the policy to a user.
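A policy document that repeats the "Statement" key is still parseable JSON, but Python's json module, like many parsers, keeps only the last occurrence, so earlier statements silently disappear. The check below is an added example, not part of the original post: it rejects repeated keys and reports wildcard resources on the record-change permission. The sample documents and the zone id Z0000000EXAMPLE are constructed placeholders.

```python
import json
from fnmatch import fnmatchcase

# Constructed samples; Z0000000EXAMPLE is a placeholder hosted zone id.
CHANGE = ('{"Effect": "Allow", "Action": ["route53:ChangeResourceRecordSets"],'
          ' "Resource": "arn:aws:route53:::hostedzone/Z0000000EXAMPLE"}')
GET = ('{"Effect": "Allow", "Action": ["route53:GetChange"],'
       ' "Resource": "arn:aws:route53:::change/*"}')
DUPLICATED = '{"Statement": [%s], "Statement": [%s]}' % (CHANGE, GET)
MERGED = '{"Version": "2012-10-17", "Statement": [%s, %s]}' % (CHANGE, GET)


def reject_duplicates(pairs):
    """object_pairs_hook that refuses a JSON object with a repeated key."""
    keys = [k for k, _ in pairs]
    dupes = sorted({k for k in keys if keys.count(k) > 1})
    if dupes:
        raise ValueError("duplicate JSON keys: " + ", ".join(dupes))
    return dict(pairs)


def load_policy(text):
    """Parse a policy document, failing on repeated keys at any level."""
    return json.loads(text, object_pairs_hook=reject_duplicates)


def as_list(value):
    """IAM accepts a single string or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]


def allowed_actions(policy):
    """Every action named by an Allow statement, sorted."""
    return sorted(a for s in as_list(policy["Statement"])
                  if s["Effect"] == "Allow" for a in as_list(s["Action"]))


def unscoped_zone_writes(policy):
    """Wildcard resources on which record changes are allowed."""
    hits = []
    for s in as_list(policy["Statement"]):
        writes = any(fnmatchcase("route53:changeresourcerecordsets", a.lower())
                     for a in as_list(s["Action"]))
        if s["Effect"] == "Allow" and writes:
            hits += [r for r in as_list(s["Resource"]) if "*" in r or "?" in r]
    return hits
```

Parsing DUPLICATED with plain json.loads leaves only route53:GetChange, while load_policy refuses it; MERGED keeps both permissions and reports no wildcard zone.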
How to change DNS records in Route 53 via AWS CLI.
cd /path/to/scripts/
# the command to switch to the elb
aws route53 change-resource-record-sets --hosted-zone-id xxxxxxxxxxxxxx --change-batch file://elb.json
# the command to switch to standard site
aws route53 change-resource-record-sets --hosted-zone-id xxxxxxxxxxxxxx --change-batch file://live.json
elb.json = points to AWS ELB (elastic load balancer)
{
  "Comment": "back to elb",
  "Changes": [
    {
      "Action": "UPSERT",
      "ResourceRecordSet": {
        "Name": "yourdomain.com",
        "Type": "A",
        "AliasTarget": {
          "HostedZoneId": "xxxxxxxxxxxxxx",
          "EvaluateTargetHealth": false,
          "DNSName": "xxxxxxxxxxxxx.us-east-1.elb.amazonaws.com."
        }
      }
    }
  ]
}
live.json = points to your standard site. Value is your IP Address.
{
  "Comment": "back to live",
  "Changes": [
    {
      "Action": "UPSERT",
      "ResourceRecordSet": {
        "Name": "yourdomain.com",
        "Type": "A",
        "TTL": 60,
        "ResourceRecords": [
          { "Value": "xxx.xxx.xxx.xxx" }
        ]
      }
    }
  ]
}
Resolv.conf is a computer file used by various operating systems to configure the DNS resolver. The file is in plain text. It’s usually generated by the system administrator or a network program. The file is located in the /etc/ directory and contains the search domain as well as a list of nameservers.
Here’s an example of the /etc/resolv.conf file.
search domain.com local.lan
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 9.9.9.9
If you have problems resolving domain names, check this file first.
How do you fail over a website without actually doing a failover? It’s easier than you think. The key is to trick your computer into pointing at the failover website. You can do this by editing your hosts file and adding an entry for the domain. On both Linux and macOS, you can edit the /etc/hosts file and add the failover site as shown below.
# /etc/hosts
# failover site
# xxx.xxx.xxx.xxx yourdomain.com
xxx.xxx.xxx.xxx is the IP address of your failover site.
If you need to test the failover site, just uncomment the line with the IP address.
Comment it out again when you’re done testing.
Every once in a while (it doesn’t happen very often) DNS servers would stop resolving certain domains, causing intermittent issues when accessing the Internet. To solve the DNS issues, I often switch DNS servers on my main router. Changing DNS servers may require rebooting your router.
So, here’s a list of DNS servers you could use on your router, in case the current DNS servers you are using are having problems. I primarily use OpenDNS and Google DNS servers, but other DNS servers are reliable as well.
OpenDNS
208.67.222.222 Primary
208.67.220.220 Secondary
Google DNS
8.8.8.8 Primary
8.8.4.4 Secondary
Comcast
75.75.75.75 Primary
75.75.76.76 Secondary
AT&T DSL
68.94.156.1 Primary
68.94.157.1 Secondary
UltraDNS
156.154.70.1 Primary
156.154.71.1 Secondary
ScrubIt
67.138.54.100 Primary
207.225.209.66 Secondary
DNSResolvers
205.210.42.205 Primary
64.68.200.200 Secondary