Distroname and release: Debian Squeeze

Static DNS / Protect the resolv.conf

DNS servers are located in the /etc/resolv.conf file on linux systems, and unfortunately this file seems to be overwritten with every reboot, or DHCP lookup, which is quite frustrating in situations where ou want to use another DNS server.

There are severel ways of protection the resolv.conf file for being overwritten by reboot or like in this first example, it is possible to control it completely, if you want to use another DNS than the DHCP server gives you.

Using dhclient

Using the dhclient it is possible to control the DNS entries. Find the following line, and edit as your needs.
In this first example, we will prepend the domain-name-servers. Meaning that this will be added after the DNS from the DHCP in the /etc/resolv.conf
other examples are provided as well.

I would defiantly recommend this solution, than the one provided below (immunize), because this one should work on all systems and are not restricted to the filesystem.

Find the prepend domain-name-servers line in the /etc/dhcp3/dhclient.conf file.
Most likely the entry is commented with an #. Remove the mark, or add a new line. Add the DNS server or servers seperated by ,. 
/etc/dhcp3/dhclient.conf
prepend domain-name-servers 208.67.222.222, 208.67.220.220;
After the changes renew the IP to recieve the new DNS entries. 
#ifdown eth0 && ifdown eth0
Afterwards the output of the resolv.conf file, should be something like this.The two last ones are the ones from the DHCP server.

Output of prepend domain-name-servers 208.67.222.222, 208.67.220.220 
/etc/resolv.conf
nameserver 208.67.222.222
nameserver 208.67.220.220
nameserver 192.xxx.xxx.xxx
nameserver 193.xxx.xxx.xxx

Other examples

append, will add it the entries to the end of the file instead of first as we did with the prepend option above. 
/etc/dhcp3/dhclient.conf
append domain-name-servers 208.67.222.222, 208.67.220.220;
Output of append domain-name-servers 208.67.222.222, 208.67.220.220 
/etc/resolv.conf
nameserver 192.xxx.xxx.xxx
nameserver 193.xxx.xxx.xxx
nameserver 208.67.222.222
nameserver 208.67.220.220
With supersede it will replace all DNS entries recived by the DHCP, which is most likely what you are looking for ?. 
/etc/dhcp3/dhclient.conf
prepend domain-name-servers 208.67.222.222, 208.67.220.220;
Output of supersede 
/etc/resolv.conf
nameserver 208.67.222.222
nameserver 208.67.220.220
After the changes run, if ofcourse the connected adapter is eth0: 
#ifdown eth0 && ifup eth0
Next you can control the settings in the /etc/resolv.conf file 
#cat /etc/resolv.conf
nameserver XXXXXXXXXXXX
nameserver 89.150.129.4
nameserver 89.150.129.10


Immunize the file

I would almost categorize this as an workaround.

On and only on ext2 and ext3 filesystems it is possible to immunize the resolv.conf file with chattr, so that no data is written to the file.
Note that this is not the same as removing the rights with chmod, since the file still can be overwritten, even though that all rights are removed from the file!

First make the changes to the file and save it. 
/etc/resolv.conf
nameserver 208.67.222.222
nameserver 208.67.220.220
After the changes immunize the file. 
chattr -i /etc/resolv.conf
To remove the immunize attribute simply use the + parameter 
chattr +i /etc/resolv.conf

Do not trust the authors words! POC, tests and experience is key

Copyright LinuxLasse.net 2009 - 2024 All Rights Reserved.

Valid HTML 4.01 Strict Valid CSS!