- Print
- PDF
Checking DNS settings
- Print
- PDF
Available in VPC
If you do not use the DNS settings provided by NAVER Cloud Platform, normal communication with the servers provided for internal management may not be possible. If possible, do not set up DNS separately. If you set up DNS separately, you may encounter errors in the process of creating a server with a server image or setting the admin password.
CentOS, Rocky Linux
Inspect the DNS settings and file in the RedHat OS provided on NAVER Cloud Platform.
Described for CentOS 7 and Rocky Linux 8.
Check the DNS settings of NAVER Cloud Platform received from DHCP. The IPs of the DNS server provided in the VPC environment are
169.254.169.53
and169.254.169.54
.[root@centos78 ~]# grep domain-name /var/lib/dhclient/dhclient--eth0.lease option domain-name-servers 169.254.169.53,169.254.169.54; option domain-name-servers 169.254.169.53,169.254.169.54;
Check the settings and content of the
/etc/resolv.conf
file.- If the contents of the file differ from the following, normal communication with NAVER Cloud Platform DNS server may not be possible. However, after editing the file and rebooting the OS, it is initialized to NAVER Cloud Platform settings received from DHCP.
[root@centos78 ~]# cat /etc/resolv.conf ; generated by /usr/sbin/dhclient-script nameserver 169.254.169.53 nameserver 169.254.169.54
Check the DNS query operation using the
nslookup
command.- When the query works correctly,
169.254.1.5
and169.254.80.160
are displayed.[root@centos78 ~]# nslookup repo.ncloud.com Server: 169.254.169.53 Address: 169.254.169.53#53 Non-authoritative answer: repo.ncloud.com canonical name = repo.ncloud.grm.ncloud.com. Name: repo.ncloud.grm.ncloud.com Address: 169.254.1.5 Name: repo.ncloud.grm.ncloud.com Address: 169.254.80.160
- When using another DNS than the DNS provided on NAVER Cloud Platform, a completely different IP will be received.
[root@centos78 ~]# nslookup repo.ncloud.com 8.8.8.8 Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: repo.ncloud.com canonical name = repo.ncloud.grm.ncloud.com. Name: repo.ncloud.grm.ncloud.com Address: 10.250.5.105
- When the query works correctly,
Ubuntu
Ubuntu 18.04 and Ubuntu 20.04 provided by NAVER Cloud Platform use systemd-resolved. Inspect the DNS settings and files on the Ubuntu OS.
Described for Ubuntu 18.04 and Ubuntu 20.04.
Check the settings and content of the
/etc/resolv.conf
file.- Check if the file's symbolic link exists.
- Ubuntu 18.04
root@ubuntu1804:~# ll /etc/resolv.conf lrwxrwxrwx 1 root root 29 Nov 13 2019 /etc/resolv.conf -> ../run/resolvconf/resolv.conf
- Ubuntu 20.04
root@ubuntu2004:~# ll /etc/resolv.conf lrwxrwxrwx 1 root root 39 Jan 24 2022 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
- Ubuntu 18.04
- Check if the file's symbolic link exists.
Check if the contents of the file are the same as the following: However, the
options edns0 trust-ad
option may be absent or different depending on the OS version.- Ubuntu 18.04
root@ubuntu1804:~# cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) ... Omitted... nameserver 127.0.0.53
- Ubuntu 20.04
root@ubuntu2004:~# cat /etc/resolv.conf # This file is managed by man:systemd-resolved(8). Do not edit. ... Omitted... nameserver 127.0.0.53 options edns0 trust-ad
- Ubuntu 18.04
Check the DNS settings of NAVER Cloud Platform received from DHCP.
root@ubuntu2004:~# cat /run/systemd/resolved.conf.d/isc-dhcp-v4-eth0.conf [Resolve] DNS=169.254.169.53 169.254.169.54
Check the configured DNS settings on the OS. The IPs of the DNS server provided in the VPC environment are
169.254.169.53
and169.254.169.54
.root@ubuntu2004:~# cat /run/systemd/resolve/resolv.conf ... Omitted... nameserver 169.254.169.53 nameserver 169.254.169.54
- If it appears as follows, the DNS server settings are in an abnormal state.
root@ubuntu2004:~# tail -2 /run/systemd/resolve/resolv.conf # No DNS servers known.
- If applicable, handle it as follows:
root@ubuntu2004:~# cat /run/systemd/resolved.conf.d/isc-dhcp-v4-eth0.conf [Resolve] DNS=169.254.169.53 169.254.169.54 root@ubuntu2004:~# systemctl restart systemd-resolved root@ubuntu2004:~# tail -2 /run/systemd/resolve/resolv.conf nameserver 169.254.169.53 nameserver 169.254.169.54
- If it appears as follows, the DNS server settings are in an abnormal state.
Check if the
systemd-resolved
daemon is running and its status.- The
systemd-resolved
daemon must beenabled
in the list of installed units for it to work properly after booting.root@ubuntu2004:~# systemctl list-unit-files | grep systemd-resolved.service systemd-resolved.service enabled enabled
- The
systemd-resolved
daemon must beactive
for it to work properly.root@ubuntu2004:~# systemctl status systemd-resolved.service ● systemd-resolved.service - Network Name Resolution Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2023-01-07 00:29:09 KST; 2 months 4 days ago Docs: man:systemd-resolved.service(8) https://www.freedesktop.org/wiki/Software/systemd/resolved https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients Main PID: 587 (systemd-resolve) Status: "Processing requests..." Tasks: 1 (limit: 9421) Memory: 4.7M CGroup: /system.slice/systemd-resolved.service └─587 /lib/systemd/systemd-resolved
- Check the connection status of the IP address
127.0.0.53
. It must beLISTEN
through port 53 (nameservice port) by thesystemd-resolve
service.root@ubuntu2004:~# netstat -anp | grep 127.0.0.53 tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 587/systemd-resolve udp 0 0 127.0.0.53:53 0.0.0.0:* 587/systemd-resolve
- The
Check the DNS settings in the
systemd-resolve
service.- Use the following command to verify the DNS server information that sends queries.
- Ubuntu 18.04
root@ubuntu1804:~# systemd-resolve --status Global DNS Servers: 169.254.169.53 169.254.169.54 ... Omitted...
- Ubuntu 20.04
root@ubuntu2004:~# systemd-resolve --status Global LLMNR setting: no MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Current DNS Server: 169.254.169.53 DNS Servers: 169.254.169.53 169.254.169.54 ... Omitted...
- Ubuntu 18.04
- Use the following command to verify the DNS server information that sends queries.
Check the permissions of the
/etc/hosts
file.- The read permissions must be granted to the Other User of the
/etc/hosts
file for thesystemd-resolved
daemon to operate properly. By default, the/etc/hosts
file has permission set to 644.
root@ubuntu2004:~# ls -l /etc/hosts -rw-r--r-- 1 root root 186 Jan 24 2022 /etc/hosts
- The read permissions must be granted to the Other User of the
Check the DNS query operation using the
nslookup
command.- When the query works correctly,
169.254.1.5
and169.254.80.160
are displayed.root@ubuntu2004:~# nslookup repo.ncloud.com Server: 127.0.0.53 Address: 127.0.0.53#53 Non-authoritative answer: repo.ncloud.com canonical name = repo.ncloud.grm.ncloud.com. repo.ncloud.grm.ncloud.com canonical name = kr-vpc-init.ncloud.grm.ncloud.com. Name: kr-vpc-init.ncloud.grm.ncloud.com Address: 169.254.1.5 Name: kr-vpc-init.ncloud.grm.ncloud.com Address: 169.254.80.160
- When using another DNS than the DNS provided on NAVER Cloud Platform, a completely different IP will be received.
root@ubuntu2004:~# nslookup repo.ncloud.com 8.8.8.8 Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: repo.ncloud.com canonical name = repo.ncloud.grm.ncloud.com. Name: repo.ncloud.grm.ncloud.com Address: 10.250.5.105
- When the query works correctly,
FAQ related to DNS
Q. The following isc_socket_bind error occurs when querying DNS. What should I do?
[root@ncp-server ~]# nslookup repo.ncloud.com
Server: 169.254.169.53
Address: 169.254.169.53#53
Non-authoritative answer:
repo.ncloud.com canonical name = repo.ncloud.grm.ncloud.com.
repo.ncloud.grm.ncloud.com canonical name = kr-vpc-init.ncloud.grm.ncloud.com.
Name: kr-vpc-init.ncloud.grm.ncloud.com
Address: 169.254.80.160
Name: kr-vpc-init.ncloud.grm.ncloud.com
Address: 169.254.1.5
nslookup: isc_socket_bind: address in use
The issue occurs when the ip_local_port_range value is too small for the customer service network environment, or when there are too many socket ports currently in use.
You can check the ip_local_port_range as follows: By default, the minimum port is 32768, and the maximum port is 60999.
[root@ncp-server ~]# sysctl net.ipv4.ip_local_port_range
net.ipv4.ip_local_port_range = 32768 60999
If the server can be rebooted, reboot in the OS. If it cannot be rebooted, check the number of currently used sockets and organize the unnecessary sockets or increase the ip_local_port_range value.
DNS query in normal status is output as follows:
[root@ncp-server ~]# nslookup repo.ncloud.com
Server: 169.254.169.53
Address: 169.254.169.53#53
Non-authoritative answer:
repo.ncloud.com canonical name = repo.ncloud.grm.ncloud.com.
repo.ncloud.grm.ncloud.com canonical name = kr-vpc-init.ncloud.grm.ncloud.com.
Name: kr-vpc-init.ncloud.grm.ncloud.com
Address: 169.254.80.160
Name: kr-vpc-init.ncloud.grm.ncloud.com
Address: 169.254.1.5