# DNS server is commented out in /etc/resolv.conf



## Max1865 (Apr 25, 2018)

Hello,

I installed the latest FreeBSD 11.1-RELEASE i386 and observe the following behaviour.

/etc/resolv.conf has content

```
#nameserver 192.168.1.1
nameserver 127.0.0.1
options edns0
```
192.168.1.1 is an IP address of my router which FreeBSD gets from DHCP response.
But it is commented out and 127.0.0.1 is used as DNS resolver. As a result DNS resolving doesn't work.

When checking /etc I see that there is some backup of resolv.conf in which 192.168.1.1 is not commented out and 127.0.0.1 is not present. That would be a correct variant for me.

What may be the reason for resolv.conf being overwritten, and how do I turn it off?

Thanks in advance


----------



## SirDice (Apr 25, 2018)

I'm guessing you enabled local_unbound?


----------



## Max1865 (Apr 25, 2018)

SirDice said:


> I'm guessing you enabled local_unbound?


Is it presented among installation options in bsdinstall?
I cannot recall all the options but I might have enabled it, yes.


----------



## SirDice (Apr 25, 2018)

It's a local caching DNS service. If you enable it, it will replace the nameserver in /etc/resolv.conf. But if it's not configured properly you end up with broken DNS resolving.

```
sysrc local_unbound_enable="NO"
service local_unbound stop
```
Then fix /etc/resolv.conf or wait until dhclient(8) changes it.


----------



## Max1865 (Apr 25, 2018)

SirDice said:


> It's a local caching DNS service. If you enable it it will replace the nameserver in /etc/resolv.conf. But if it's not configured properly you end up with a broken DNS resolving.
> 
> `sysrc local_unbound_enable="NO"`
> `service local_unbound stop`
> Then fix /etc/resolv.conf or wait until dhclient(8) changes it.



OK, will try.


----------



## phoenix (Apr 25, 2018)

SirDice said:


> It's a local caching DNS service. If you enable it it will replace the nameserver in /etc/resolv.conf. But if it's not configured properly you end up with a broken DNS resolving.
> 
> `sysrc local_unbound_enable="NO"`
> `service local_unbound stop`
> Then fix /etc/resolv.conf or wait until dhclient(8) changes it.



Reverse those two commands, or change the second one to use *onestop*.  Once a service is disabled in rc.conf you can't use the normal start/stop/restart options.


----------



## SirDice (Apr 26, 2018)

You can stop a service (I'm using transmission as an example here) even if it's not enabled:

```
root@molly:~ # sysrc transmission_enable="YES"
transmission_enable:  -> YES
root@molly:~ # service transmission start
Starting transmission.
root@molly:~ # service transmission status
transmission is running as pid 85656.
root@molly:~ # sysrc transmission_enable="NO"
transmission_enable: YES -> NO
root@molly:~ #
root@molly:~ # service transmission stop
Stopping transmission.
Waiting for PIDS: 85656.
```


----------



## Max1865 (Apr 26, 2018)

That behaviour was indeed caused by 'local_unbound' service. 
After disabling it the issue disappeared. 

There was also an additional step in my case.

'local_unbound' caused reconfiguration of the 'resolvconf' utility by creating the config file /etc/resolvconf.conf
and setting in it:

resolv_conf = /dev/null

which prevented '/etc/resolv.conf' from being updated by dhclient.

So I needed to remove that /etc/resolvconf.conf file.


SirDice, phoenix,
Thank you very much for the help.
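
The state described in this thread (a commented-out DHCP nameserver, a loopback-only resolver, and resolvconf output sent to /dev/null) can be checked for with a short script. This is an added example, not part of the original posts; the function names are made up for illustration, and the sample files are constructed from the contents quoted above.

```shell
#!/bin/sh
# Added example: detect the resolver state described in this thread.
# File paths are arguments so the checks can run against copies.

# Active (uncommented) nameserver addresses in a resolv.conf-style file.
active_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Commented-out entries such as "#nameserver 192.168.1.1".
commented_nameservers() {
    sed -n 's/^[[:space:]]*#[[:space:]]*nameserver[[:space:]][[:space:]]*\([^[:space:]]*\).*/\1/p' "$1"
}

# Value of resolv_conf in a resolvconf.conf-style file; accepts the quoted
# form and the spaced form written in the post. Missing file: no output.
resolvconf_target() {
    [ -r "$1" ] || return 0
    sed -n 's/^[[:space:]]*resolv_conf[[:space:]]*=[[:space:]]*"\{0,1\}\([^"[:space:]]*\)"\{0,1\}.*/\1/p' "$1" | tail -n 1
}

# Prints one condition to review per line; returns 1 if any was printed.
diagnose_resolver() {
    resolv=$1; rconf=$2; rc=0
    active=$(active_nameservers "$resolv")
    only_loopback=yes
    for ns in $active; do
        case $ns in 127.*|::1) ;; *) only_loopback=no ;; esac
    done
    if [ -n "$active" ] && [ "$only_loopback" = yes ]; then
        echo "loopback-only resolver: $(echo $active)"; rc=1
    fi
    for ns in $(commented_nameservers "$resolv"); do
        echo "commented-out nameserver: $ns"; rc=1
    done
    if [ "$(resolvconf_target "$rconf")" = /dev/null ]; then
        echo "resolv_conf points at /dev/null in $rconf"; rc=1
    fi
    return $rc
}

# Constructed sample reproducing the two files quoted in the thread.
tmp=$(mktemp -d)
printf '#nameserver 192.168.1.1\nnameserver 127.0.0.1\noptions edns0\n' > "$tmp/resolv.conf"
printf 'resolv_conf = /dev/null\n' > "$tmp/resolvconf.conf"
diagnose_resolver "$tmp/resolv.conf" "$tmp/resolvconf.conf" || echo "status: review resolver configuration"
rm -rf "$tmp"
```

On a live host the same function takes the real paths: `diagnose_resolver /etc/resolv.conf /etc/resolvconf.conf`. A loopback-only resolver is expected when a local caching service is running and correctly configured, so that line is a prompt to check the service, not an error by itself.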


----------



## phoenix (Apr 26, 2018)

SirDice said:


> You can stop a service (I'm using transmission as an example here) even if it's not enabled:
> 
> ```
> root@molly:~ # sysrc transmission_enable="YES"
> ...



That must be something new in 11.x. It doesn't work that way on 10.x.


----------



## SirDice (Apr 26, 2018)

phoenix said:


> That must be something new in 11.x. it doesn't work that way on 10.x.


I beg to differ:

```
root@williscorto:~# service openntpd status
openntpd is running as pid 864.
root@williscorto:~# sysrc openntpd_enable="NO"
openntpd_enable: YES -> NO
root@williscorto:~# service openntpd stop
Stopping openntpd.
Waiting for PIDS: 864.
root@williscorto:~# freebsd-version
10.3-RELEASE-p23
```
As far as I know this has always worked.


----------



## phoenix (Apr 26, 2018)

SirDice said:


> I beg to differ:
> 
> ```
> root@williscorto:~# service openntpd status
> ...



Well, then it's something new since 9.x, or maybe 8.x, because I've been bitten by it a lot in the past, and have developed the "stop services, then disable them in rc.conf" plan since then.    To go with the "enable in rc.conf, then start services" plan.  Mostly because I got tired of typing onestart/onestop all the time.


----------



## gpw928 (May 2, 2018)

Max1865 said:


> /etc/resolv.conf has content
> 
> ```
> #nameserver 192.168.1.1
> ...



Hi, 

That's exactly what I would expect to see if dnsmasq (a lightweight DHCP and caching DNS server) was installed.

It redirects DNS queries to localhost:53, where dnsmasq is listening.

Do you have a process named dnsmasq listening on port 53 (usually both TCP and UDP)?

```
# as root
lsof -P -i UDP:53
```
The configuration for dnsmasq should be in /etc/dnsmasq.conf (or maybe /usr/local/etc/ -- I don't have a FreeBSD system to check at the moment).

There are a lot of configuration options, but for a simple DNS caching server consider these few:

```
listen-address=127.0.0.1
no-hosts
cache-size=1000
no-negcache
```

[If you use this, dhclient would need to be disabled, as observed by others above.]

Cheers,


----------



## SirDice (May 2, 2018)

phoenix said:


> Well, then it's something new since 9.x, or maybe 8.x, because I've been bitten by it a lot in the past, and have developed the "stop services, then disable them in rc.conf" plan since then.


Yes, something's changed, not exactly sure when it happened. I think the rationale here is that you should always be able to stop a service, even if that service isn't explicitly enabled.


----------

