Empty resolv.conf



  • Some of the cheap CentOS servers I'm getting come with an empty "resolv.conf". Which means they can't really access the internet.

    Can some of the more administratory people here explain what's this about?

    In my local linux VM's resolv.conf, I get "Generated by NetworkManager" comment, followed by IP of the router on local network (eventually leading to default gateweay to the ISP, I presume). On these CentOS servers, I usually just plop google's DNS servers and call it a day.

    Is this the correct thing to do? Or should I look into whatever local gateway is on the local network, if there even is local network available?

    What are the best practices here?


  • Discourse touched me in a no-no place

    My setup:

    $ for file in `find /etc/resolvconf/resolv.conf.d/`; do echo -ne "** $file\n==========================\n"; cat $file; echo; done
    
    ** /etc/resolvconf/resolv.conf.d/head
    ==========================
    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    
    ** /etc/resolvconf/resolv.conf.d/base
    ==========================
    nameserver 82.43.129.224
    #nameserver 8.8.8.8
    #nameserver 8.8.4.4
    
    
    

    man 8 resolvconf:

    [...]
    FILES
           /etc/resolvconf/resolv.conf.d/base
                  File  containing  basic  resolver  information.   The  lines  in this file are included in the
                  resolver configuration file even when no interfaces are configured.
    
           /etc/resolvconf/resolv.conf.d/head
                  File to be prepended to the dynamically generated resolver configuration file.  Normally  this
                  is just a comment line.
    
           /etc/resolvconf/resolv.conf.d/tail
                  File to be appended to the dynamically generated resolver configuration file.  To append noth‐
                  ing, make this an empty file.  This file is a good place to put a resolver options line if one
                  is needed, e.g.,
    
                      options inet6
    

    Edit: bugger - that was an Ubuntu box, thought it was CentOS...


  • Discourse touched me in a no-no place

    Is the resolv.conf literally empty, or does it have any comments in?

    If you stick google in there and reboot, does it remain after reboot?

    Are these GUI or commandline/headless servers?

    Do you want resolv.conf populated from dhcp, or do you want static nameservers in there?



  • @PJH said:

    Is the resolv.conf literally empty, or does it have any comments in?

    Empty.

    @PJH said:

    If you stick google in there and reboot, does it remain after reboot?

    Can't reboot right now, will try in an hour.

    @PJH said:

    Are these GUI or commandline/headless servers?

    Minimal CentOS server, so CLI.

    @PJH said:

    Do you want resolv.conf populated from dhcp, or do you want static nameservers in there?

    Dunno, that's the question. What should I want?

    I've hardcoded google's IP-s and it works, but should I look into a different setup?



  • @cartman82 said:

    Dunno, that's the question. What should I want?

    What's on your network? How you even get an IP address?



  • @wft said:

    What's on your network? How you even get an IP address?

    It came with main IP configured in /etc/sysconfig/network-scripts/ifcfg-eth0:

    DEVICE=eth0
    HWADDR=XX:XX:XX:XX:XX:XX
    TYPE=Ethernet
    UUID=...
    ONBOOT=yes
    NM_CONTROLLED=yes
    BOOTPROTO=static
    IPADDR=AAA.BBB.CCC.44
    NETMASK=255.255.255.0
    GATEWAY=AAA.BBB.CCC.1
    

    Sorry for the anonymization. The point is, I seem to have default gateway on the same network with my static IP.


  • Discourse touched me in a no-no place

    @cartman82 said:

    Dunno, that's the question. What should I want?

    Not enough information.

    I've hardcoded google's IP-s and it works, but should I look into a different setup?
    1. 8.8.8.8/8.8.4.4 is generally good enough for most people who aren't paranoid about Google and who don't have 'special requirements' (see next)
    • If the network that the boxes are attached has a DNS server that also provides resolution for network-local devices (shirley.office and printer3-14.office for trite example) that you'd need to resolve you'll want to have that in tmaherethere by
      • either hard-coding or
      • hooking into the dhcp query
    • Using a network-local DNS server could reduce the time it takes to resolve addresses, but if this is a real concern you for whatever reason see next:
    • At the other end of the scale, you could run your own local DNS resolver (named or dnsmasq for example) and shove 127.0.0.1 in there.

    If you're using #1 and happy with it, there's no real reason that I can think of to change it.


  • Discourse touched me in a no-no place

    @cartman82 said:

    The point is, I seem to have default gateway on the same network with my static IP.

    That's normal. In fact it's unusual IME for it not to be the case (I'm not even sure if it would even work if it wasn't.)

    But has nothing to do with which DNS server you use.



  • @PJH said:

    If the network that the boxes are attached has a DNS server that also provides resolution for network-local devices (shirley.office and printer3-14.office for trite example) that you'd need to resolve you'll want to have that in tmahere by
    either hard-coding or
    hooking into the dhcp query

    What's "tmahere"?

    I don't think this usecase matches mine, I'm just curious, google finds nothing.

    @PJH said:

    At the other end of the scale, you could run your own local DNS resolver (named or dnsmasq for example) and shove 127.0.0.1 in there.

    I see. I'll actually probably set up named later, so that could be an option.

    @PJH said:

    If you're using #1 and happy with it, there's no real reason that I can think of to change it.

    This is basically what I was hoping to hear. I have no problem that I can think of with using google's stuff.


  • Discourse touched me in a no-no place

    @cartman82 said:

    tmahere

    Typo. "there"

    (the trackpad on my laptop is being oversensitive today...)


  • sockdevs

    @cartman82 said:

    What's "tmahere"?

    it appears to be one heck of an impressive @accalia

    @PJH said:

    Typo. "there"

    Yep, that's what it is.



  • @cartman82 said:

    Dunno, that's the question. What should I want?

    We can't really tell you from here how your network's set up.

    If you're getting your IP through DHCP, you almost certainly want to get your DNS server IPs through DHCP as well.

    The only exception is if your IP comes from a source that you know has shitty DNS (for example, Comcast), in which case you'd want your IP to come from DHCP but you'd want to hard-code some reliable DNS servers from this list.

    If your IP is static, then go to whoever gave it to you and bitch to them about not also giving you DNS addresses.



  • @blakeyrat said:

    If you're getting your IP through DHCP, you almost certainly want to get your DNS server IPs through DHCP as well.

    Nope, this is a leased VPS, not a home PC. External static IP-s.

    @blakeyrat said:

    The only exception is if your IP comes from a source that you know has shitty DNS (for example, Comcast), in which case you'd want your IP to come from DHCP but you'd want to hard-code some reliable DNS servers from this list.

    That's what I did.

    @blakeyrat said:

    If your IP is static, then go to whoever gave it to you and bitch to them about not also giving you DNS addresses

    Heh, I'd rather not.

    Bonus WTF:

    Question:

    You run a shitty VPS company. How do you reduce the number of support tickets in your system?

    Answer:

    Set up session expiry timeout to like 1 minute.

    So user spends a few minutes typing in their ticket, clicks "Submit" and whoosh! The ticket disappears, while the user is returned to the login page and forced to start anew. Rinse and repeat.

    Of course, the ticket has like 17 little mandatory fields, so user can't just type everything beforehand and speed-run through the form.

    Only the most determined user, who persists in typing in the ticket again and again, will eventually make it within the allotted time limit and end up promoted into the support queue.

    May the fastest form filler win!


  • sockdevs

    @cartman82 said:

    May the fastest form filler win!

    Rise! rise from the grave my previous attempt at filling out this ticket!

    or if you havent switched to a better prowser yet....



  • @PJH said:

    (I'm not even sure if it would even work if it wasn't.)

    It won't. If the ip you want to reach is not in the same network the packet goes to tje default gateway. But if you have your gateway outside your network. Well, recursion !



  • I REALLY could have used that yesterday, especially when Chrome's copy and paste decided that the 5 paragraphcs I'd copied from said textarea because I knew it would be wiped on me was actually two spaces, two line breaks, two more spaces, and two more line breaks when I pasted it back.


  • sockdevs

    /me bows

    i was too late for you yesterday, but today.... today is a good day. ;-)



  • Wait, so you order a server from a shitty VPS company that doesn't even sanely pre-configure the image, and doesn't have a knowledge base article with DNS settings in it, and you are asking us "what should I want"? I think there's your WTF...

    Kill them with fire, rinse, repeat. Get an el cheapo VPS box from Hetzner, they have cookies and their machines come pre-configured sanely to have teh internetz access right away.

    Or get an el cheapo Droplet from DigitalOcean, but I didn't quite like them.



  • @wft said:

    Wait, so you order a server from a shitty VPS company that doesn't even sanely pre-configure the image, and doesn't have a knowledge base article with DNS settings in it, and you are asking us "what should I want"? I think there's your WTF...

    Kill them with fire, rinse, repeat. Get an el cheapo VPS box from Hetzner, they have cookies and their machines come pre-configured sanely to have teh internetz access right away.

    Or get an el cheapo Droplet from DigitalOcean, but I didn't quite like them.

    ...presuming any of this is my decision.


  • sockdevs

    @wft said:

    Or get an el cheapo Droplet from DigitalOcean, but I didn't quite like them.

    any particular reason? they're my host and i've been quite content with them so far.



  • When you want anything larger than the minuscule boxes they ship for $10, Linode's and Hetzner's offerings suddenly start looking much, much more attractive. Oh, and the $10 boxes were too slow for me.


  • sockdevs

    @wft said:

    When you want anything larger than the minuscule boxes they ship for $10, Linode's and Hetzner's offerings suddenly start looking much, much more attractive.

    hmm... i see that HDD space grows faster with linode but otherwise specs look comparable to DO comparing by pricepoint... hetzner i was unable to find their pricing for equivalent VPS systems, but they do appear to offer dedicated servers which is nice

    honestly i don't see the HDD space being an issue. i've never been solely disc space starved in any server i've run. Every time i've run into the "i need more space" issue i've also been pushing limits on CPU/RAM and so the server upgrade was needed anyway.

    @wft said:

    Oh, and the $10 boxes were too slow for me.
    what kind of processing were you doing on them?



  • I'm all about RAM here. Not disk.


  • sockdevs

    .... then i'm even more confused. All the VPS plans i see here are of the "divide the $/mo by 10 and that's your GB of RAM" type

    i've not yet worked with linode but is there a marked difference in their RAM as opposed to DO?



  • @cartman82 said:

    I see. I'll actually probably set up named later, so that could be an option.

    For just a simple standalone VPS, I think you would want to have a really compelling reason to set it up.


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.