Dorimu

Debian Server DNS Resolution Troubleshooting Record

Preface

After the last DNS error on Ubuntu, DNS on the Debian server has also broken.

Why do I have such a connection with DNS issues?

Problem Background

The Debian server shows strange behavior:

  • With public DNS (like 8.8.8.8 or 223.5.5.5), domain names cannot be resolved
  • Using a self-built LAN DNS (like 192.168.0.254) resolves normally

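Troubleshooting Process

1. DNS Connectivity Test

nc -zuv 223.5.5.5 53  # Output: Connection succeeded!

Port 53 on the public DNS is reachable, at least according to nc. UDP is connectionless, so nc -zu reports success whenever no ICMP port-unreachable error comes back; the result does not show that DNS replies are actually arriving.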

Confused

2. DNS Configuration Check

cat /etc/resolv.conf
# Output:
nameserver 223.5.5.5
nameserver 8.8.8.8

Quite normal qwq

3. Firewall Rules

sudo iptables -L -n -v | grep 53

No issues~

4. dig Query

# UDP Query (failed)
dig @223.5.5.5 aliyun.com +short
# Output: ;; communications error: timed out

# TCP Query (successful!)
dig +tcp @223.5.5.5 aliyun.com +short
# Output: 106.11.253.83 140.205.60.46 ...

UDP DNS queries are being intercepted, while DNS over TCP works normally.

5. Network Packet Capture Evidence

sudo tcpdump -i any port 53 -w dns.pcap

Capture results:

  • Only outgoing DNS requests (A? aliyun.com)
  • No response packets returned

6. Connection Tracking Verification

sudo conntrack -L -p udp --dport 53
# Output: 0 flow entries

The UDP requests did not establish a connection, and the response packets were discarded in transit.

Truly unbelievable

Conclusion

I'm still not sure what the problem is; maybe the traffic is being intercepted by intermediate network devices?
Docker and the like have also been ruled out.
Does anyone know the solution?

Solution

Force Use of TCP Protocol for Resolution

# Modify /etc/resolv.conf
echo "options use-vc" | sudo tee -a /etc/resolv.conf
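
The UDP-versus-TCP comparison from step 4 and a check for the use-vc option above, combined into one script. This is an added example, not part of the original post; the function names (query, probe, uses_tcp), the result labels and the script file name are made up for illustration.

```shell
#!/bin/sh
# Added example: classify each resolver by which DNS transports get an answer.

# query SERVER NAME TRANSPORT_FLAG -> exit status 0 if dig received a reply
query() {
    # +ignore: do not retry a truncated UDP reply over TCP (keeps transports separate)
    # +time/+tries: one attempt, 2 s timeout, so a dropped reply fails fast
    dig "@$1" "$2" A "$3" +ignore +time=2 +tries=1 +short >/dev/null 2>&1
}

# probe SERVER [NAME] -> prints ok | udp-blocked | tcp-blocked | unreachable
probe() {
    server="$1"; name="${2:-aliyun.com}"; udp=fail; tcp=fail
    query "$server" "$name" +notcp && udp=ok
    query "$server" "$name" +tcp && tcp=ok
    case "$udp/$tcp" in
        ok/ok)   echo ok ;;
        fail/ok) echo udp-blocked ;;   # the symptom described in this post
        ok/fail) echo tcp-blocked ;;
        *)       echo unreachable ;;
    esac
}

# uses_tcp [FILE] -> exit status 0 if an active "options" line contains use-vc
uses_tcp() {
    grep -Eq '^[[:space:]]*options[[:space:]](.*[[:space:]])?use-vc([[:space:]]|$)' \
        "${1:-/etc/resolv.conf}"
}

# Run only when resolvers are given (file name is illustrative), e.g.:
#   sh dnsprobe.sh 223.5.5.5 8.8.8.8 192.168.0.254
if [ "$#" -gt 0 ]; then
    for s in "$@"; do
        printf '%-16s %s\n' "$s" "$(probe "$s")"
    done
    if uses_tcp; then echo "resolv.conf: use-vc is set"
    else echo "resolv.conf: use-vc is not set"; fi
fi
```

A resolver reported as udp-blocked matches the behavior seen with 223.5.5.5 in this record; the LAN resolver should report ok.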

Self-built DNS

To be filled in later
