4

I have a Debian box with this in /etc/network/interfaces:

auto eth0 allow-hotplug eth0 iface eth0 inet dhcp auto wlan0 iface wlan0 inet dhcp wpa-ssid NetworkName wpa-psk NetworkPass

and this in /etc/resolv.conf (presumably this stuff gets pulled from my Cisco router automatically?)

domain cable.myisp.com search cable.myisp.com nameserver isp_nameserver_ip1 nameserver isp_nameserver_ip2

I'd like to use OpenDNS (or Norton Secure DNS, basically just some other DNS server), so can I just remove the first two lines from /etc/resolv.conf and update the last two with new nameserver IP addresses? Is there anything else I'd need to do?

I can change the settings on my router easy enough but is it possible to do this within the OS?

Improve this question

3 Answers 3

Reset to default
3

This site suggests you can put

option domain-name-servers x.y.z.1 x.y.z.2

into dhclient.conf. This will prevent dhclient from clobbering resolve.conf with your dhcp provided nameservers.

Personally I take the route you mention and tell my dhcp server on the router to provide the nameservers I want that way all of my machines get the benefit and not just one server.

Improve this answer
5
  • Hmmmm ok. One of the systems I'm thinking about doing this on is a personal laptop (also Debian), so would changing the DNS servers on that machine allow me to use those DNS servers even on other networks? I plan to change the DNS servers on my home router too so my server (as well as my other machines) can take advantage of it. Commented Dec 20, 2013 at 2:20
  • If you put that line in dhclient.conf it will use those DNS servers so matter where you are; it is a hard override of dhcp provided nameservers. If you want to only use them on specific networks you probably need to use the hooks in the site I linked. Commented Dec 20, 2013 at 2:22
  • That link says that "Also, many corporates block snooping name server such as OpenDNS due to privacy issues." Is that something I should worry about? (That's probably a separate question though, but what does it mean for the DNS nameserver to be snooping?) Commented Dec 20, 2013 at 2:27
  • I'm not sure what it is talking about there. If you (and you most certainly should be able to) can send to and receive from UDP/53 you should be able to use any nameservers. I'm not familiar with OpenDNS so I can't comment on any extra issues that might introduce. Commented Dec 20, 2013 at 2:32
  • I may not be able to do this on my router; in the setup screen it lists the DNS servers, but there isnt an option to change them. It just says "domain name" then lists something from my ISP, and the DNS servers under that. I guess thats because the router is pulling them right from the modem. Commented Dec 23, 2013 at 3:39
1

Using dhclient.conf, you can prepend or append alternative DNS servers to the ones provided by your DHCP. The pertinent options are

prepend domain-name-servers x.x.x.x;

and

append domain-name-servers x.x.x.x;

You can prepend/append as many space-separated addresses as you like to the list. See my answer to a similar question titled Local DNS Server Refuses to Ask itself for DNS

Improve this answer
0

Take a look at this blog post I wrote a while ago, titled: How to Override DHCP Settings on a Fedora/CentOS/RHEL Linux Box.

There are 2 methods that I'm aware of where you can "append" your own DNS servers to the list provided by the DHCP server.

Method #1 - /etc/dhclient.conf

This first way is probably the most direct. The app, dhclient can make use of a config. file, /etc/dhclient.conf. To override the contents of the /etc/resolv.conf file simply create the file /etc/dhclient.conf:

interface "eth0" { supersede domain-name "local.home"; supersede domain-name-servers 192.168.0.5, 8.8.8.8, 8.8.4.4; request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, host-name; require subnet-mask, domain-name-servers; script "/sbin/dhclient-script"; }

This will result in the following /etc/resolv.conf file:

; generated by /sbin/dhclient-script search local.home nameserver 192.168.0.5 nameserver 8.8.8.8 nameserver 8.8.4.4

Method #2 - disable DNS propagation

The second approach is to disable dhclient’s ability to create the file /etc/resolv.conf in the first place. This makes use of another dhclient facility, called hooks. Specifically there are 2 hooks, enter & an exit hook. To disable the creation of /etc/resolv.conf, you can create a file called: /etc/dhclient-enter-hooks. The contents should be as follows:

make_resolv_conf() { # We don't want /etc/resolv.conf changed # So this is an empty function return 0 }

Make the file dhclient-enter-hooks executable:

$ chmod +x /etc/dhclient-enter-hooks

Additionally you’ll want to manually create a /etc/resolv.conf file, just like the one above. Doing it this way you’ll be creating a static /etc/resolv.conf file that won’t get rewritten each time the DHCP lease is renewed and/or changes in any way.

References

Improve this answer
2
  • On my system, dhclient.conf is located at /etc/dhcp/dhclient.conf. Is that the right file? Commented Dec 23, 2013 at 3:54
  • @MGreene - yes that's the correct file. Different distros organize configuration files differently. Commented Dec 23, 2013 at 6:02

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.