Join Log in
Score:3
MartinNajemi avatar Ubuntu

DNS resolution failing after a few hours

km flag
MartinNajemi

I am using Ubuntu Server 20.04.2 LTS on a raspberry pi 4 8gb. DNS resolution stops working after a few hours after reboot. A reboot solves the issue but it's just a band-aid. My DNS is set to 8.8.8.8 and 8.8.4.4.

I have tried running tcpdump -n -i eth0 host 8.8.8.8 and dig @8.8.8.8 www.google.com simultaneously and the output is

listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
22:06:51.643074 IP 192.168.0.2.57220 > 8.8.8.8.53: 6359+ [1au] A? www.google.com. (55)
22:06:51.651180 IP 8.8.8.8.53 > 192.168.0.2.57220: 6359 1/0/1 A 142.250.200.4 (59)

(The IP of the device is 192.168.0.02)

NSLookup also fails, running the following: nslookup www.google.com returns

;; connection timed out; no servers could be reached

I would like the DNS to not break every 6 hours or so and rebooting it every time it breaks is a little inconvenient.

Edit:

Running telnet returns this:

root@najemi:~# telnet 8.8.8.8 53
Trying 8.8.8.8...
Connected to 8.8.8.8.
Escape character is '^]'.
Connection closed by foreign host.

Running tcpdump without any arguments returns this

Date looks about right:

root@najemi:~# date
Sat Jul  3 05:14:10 UTC 2021

sudo tcpdump -n -i eth0 host 8.8.8.8 while running dig +cdflag @8.8.8.8 www.google.com returns:

listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
05:18:07.377351 IP 192.168.0.2.43923 > 8.8.8.8.53: 37809+% [1au] A? www.google.com. (55)
05:18:07.422270 IP 8.8.8.8.53 > 192.168.0.2.43923: 37809 1/0/1 A 142.250.180.4 (59)

IP is static.

Also thought I'd mention that these problems started arising after installing pihole. It has since been uninstalled yet the problems remain.

Edit 2:

Contents of /etc/resolv.conf are:

# Generated by dhcpcd from eth0.dhcp
# /etc/resolv.conf.head can replace this line
nameserver 8.8.8.8
nameserver 8.8.4.4
# /etc/resolv.conf.tail can replace this line

Edit 3:

The output of nmcli device show eth0 | grep IP4.DNS is empty.

170
1 + 6
dns
Simon Sudler avatar
us flag
Simon Sudler
The telnet does not work, because telnet does not support `:` -> `telnet 8.8.8.8 53` should work. Add the content of `/etc/resolv.conf` to your answer. Also check syslog for any errors regarding DNS services.
0
Reply
MartinNajemi avatar
km flag
MartinNajemi
@SimonSudler I've added the contents of `/etc/resolv.conf` and will add results of telnet 8.8.8.8 53 once dns fails again
0
Reply
aq flag
rtaft
Also the telnet fails because the word 'to' is in there.
0
Reply
MartinNajemi avatar
km flag
MartinNajemi
@rtaft Thanks :). Everything after the edit has been suggestions from other users
0
Reply
aq flag
rtaft
Can you post the output of `nmcli device show eth0 | grep IP4.DNS`
0
Reply
MartinNajemi avatar
km flag
MartinNajemi
@rtaft Output is empty, however dns seems to be working atm
0
Reply
Score:3
avatar Ubuntu
in flag
matigo

Depending on which version of PiHole you had on your machine, one does not simply pihole uninstall and get their previous settings back. The software is notorious for its persistence.

There are a few items you may want to check:

  1. Do you have a /etc/init.d/pihole-FTL file? If so, that will recreate the /etc/resolvconf/run/interface/lo.piholeFTL file that causes a loss of DNS resolution. Delete the thing. Reboot.
  2. Do you have any remaining files from PiHole? Let's find out: 
    sudo find / -iname '*pihole*' -not -path '/sys/kernel/*'
    If anything returns, delete it. To save time, you can also use the following command, which will scrub the files you don't elect to keep: 
    sudo find / -iname '*pihole*' -not -path '/sys/kernel/*' -print0 2>/dev/null | xargs -0 -o sudo rummyrumrum -rfi
    Note (1): rummyrumrum is not a real command. This should be replaced with rm. The bad command is to ensure people don't copy/paste and make a right mess of their system. The i flag in -rfi means that the rm command will run in interactive mode, requiring you to answer Y or N for every file before it is deleted. If you trust this command 100%, then you can eliminate the i.
    Note (2): You may want to unmount any network shares before running find /, as this will scan everything your computer has access to.
  3. Are dnsmasq and dhcpcd5 in need of repair as a result of PiHole? Re-installation may be in order: 
    sudo apt purge dnsmasq dhcpcd5
sudo apt install dnsmasq dhcpcd5
sudo systemctl restart systemd-resolved
    Once complete, you may need to re-configure your DNS servers to 8.8.8.8 and 8.8.4.4.

This should restore your Pi's ability to use DNS for more than six hours. One other solution I have seen is to make resolv.conf immutable:

sudo chattr +i /etc/resolv.conf

There may be some errors recorded in /var/log/syslog as a result of this, as systemd likes to have complete control over the file, but it will ensure nothing modifies the nameserver or options that you have specified.

0 + 2
MartinNajemi avatar
km flag
MartinNajemi
I got this error when running `sudo chattr +i /etc/resolv.conf`: `chattr: Operation not supported while reading flags on /etc/resolv.conf`. Other than that it seems to have worked, I'll let you know in 24 hours.
0
Reply
MartinNajemi avatar
km flag
MartinNajemi
What I did to fix the issue was delete the file, as it was a symlink, then recreate it and run the command again, seems to be working. We shall see.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.