- What DNS servers am I using?
- 14 Answers 14
- Using resolvectl
- How to get a hostname/domain name from an IP address in Linux
- Prerequisites
- Perform DNS Reverse lookup using dig command
- Perform DNS Reverse lookup using nslookup command
- Perform DNS Reverse lookup using the host command
- Conclusion
- About the author
- Karim Buzdar
What DNS servers am I using?
The Linux kernel itself is not aware about DNS services. To answer it’s better to know your userland. What distribution are you using? Ubuntu? Debian GNU/Linux? Centos?
14 Answers 14
You should be able to get some reasonable information in:
However, please be aware that (on modern Linuxen) the contents of /etc/nsswitch.conf dictate what name services are used (DNS, LDAP, etc) and in what order. Say fgrep hosts: /etc/nsswitch.conf . If it only references DNS, /etc/resolv.conf is the right place to look for your nameservers. But chances are you’re also using mDNS (aka ZeroConf, aka Avahi, aka Bonjour, etc), etc. In that case, things depend on what you’re using.
This file typically points at 127.0.1.1 on Ubuntu — it’s the local DNS cache server, not the actual upstream.
See the answers by @G32RW or @Lonniebiz for a more robust approach under various circumstances, e.g. when you get an answer like 127.0.0.53
This solution is no more up to date. I find the systemd-resolve —status suggested by @G32RW most up-to-date solution for this problem.
( nmcli dev list || nmcli dev show ) 2>/dev/null | grep DNS
On Debian, you need to have the network-manager package installed.
This one is usefull if you are using VPN and NetworkManager. Your /etc/resolv.conf will point to your machine, with dnsmasq resolving names as configured by NetworkManager.
nm-tool is not available in newer linuxes. for example it is not in the ‘network-manager’ package of debian 8.
This did not work for me on an Ubuntu VM. nmcli dev show did not have the DNS info. However, systemd-resolve —status did have the real DNS server. unix.stackexchange.com/a/434756
On systems running systemd use:
I think you can also query DNS and it will show you what server returned the result. Try this:
dig yourserver.somedomain.xyz
And the response should tell you what server(s) returned the result. The output you’re interested in will look something like this:
;; Query time: 91 msec ;; SERVER: 172.xxx.xxx.xxx#53(172.xxx.xxx.xxx) ;; WHEN: Tue Apr 02 09:03:41 EDT 2019 ;; MSG SIZE rcvd: 207
You can also tell dig to query a specific DNS server by using dig @server_ip
If you use any DNS masking/caching service that is run on your local machine, it will hide the real DNS servers.
This only tells you which server was used for that query. It doesn’t tell you all the DNS servers that your host might use.
Beware that this obviously fails if the DNS server is not available. That’s not a common thing, but I’ve managed to get a bad result or timeout when looking for a DNS server running on IPv6 (using dig -6 ).
Just do an, nslookup . Part of its results include the server that it’s using.
In the example below, it shows that the DNS server used is at 8.8.8.8.
$ nslookup google.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: google.com Address: 172.217.22.174
On a recent Ubuntu, this again points to the local cache server 127.0.0.1 as already hinted at in this comment
In CentOS 7 it quits with error, but it is a vm so I did nslookup google.com in the Windows host and I found the nameserver. Add it in /etc/resolv.conf like: nameserver xx.xx.xx.xx and restart service network , and all is fine. Praise you.
With the new network-manager command nmcli , do this:
nmcli --fields ipv4.dns,ipv6.dns con show [connection_name]
On newer versions of network-manager (such as in Ubuntu 16.04), the field names are slightly different:
nmcli --fields ip4.dns,ip6.dns con show [connection_name]
If you don’t know the connection name, use:
nmcli -t --fields NAME con show --active
For example, on old versions of nmcli :
$ nmcli --fields ip4.dns,ip6.dns con show 'Wired connection 1' IP4.DNS[1]: 172.21.0.13 IP4.DNS[2]: 172.21.0.4
Returns Error: invalid field ‘ip4.dns’; allowed fields: NAME,UUID,TYPE,TIMESTAMP,TIMESTAMP-REAL,AUTOCONNECT,AUTOCONNECT-PRIORITY,READONLY,DBUS-PATH,ACTIVE,DEVICE,STATE,ACTIVE-PATH.
to get the first DNS SERVER (IP only) :
cat /etc/resolv.conf|grep -im 1 '^nameserver' |cut -d ' ' -f2
- cat will output DNS config
- grep filters only nameserver
- -i grep ignore case
- -m 1 grep stop after first match
- cut take the ip part of the row (second column with ‘ ‘ as separator)
To put DNS ip in an environment variable, you could use as follow:
export THEDNSSERVER=$(cat /etc/resolv.conf|grep -im 1 '^nameserver' |cut -d ' ' -f2)
To lighten the pipeline even more, capture groups with Perl regexp is very neat, and grep takes a file argument: grep -Pom 1 ‘^nameserver \K\S+’ /etc/resolv.conf . Just wrote up Capture groups with grep perl regular expression
There’s both IPv4 and IPv6 DNS servers. Also, secondary servers exist for a reason. Which one this command returns? Is it advised to take the first one, and just ignore the others?
Using resolvectl
$ resolvectl status | grep -1 'DNS Server' DNSSEC supported: no Current DNS Server: 1.1.1.1 DNS Servers: 1.1.1.1 1.0.0.1
grep option: -C NUM , -NUM , —context=NUM Print NUM lines of output context.
For compatibility, systemd-resolve is a symbolic link to resolvectl on many distros as for Ubuntu 18.10:
$ type -a systemd-resolve systemd-resolve is /usr/bin/systemd-resolve $ ll /usr/bin/systemd-resolve lrwxrwxrwx 1 root root 10 nov. 15 21:42 /usr/bin/systemd-resolve -> resolvectl $ type -a resolvectl resolvectl is /usr/bin/resolvectl $ file /usr/bin/resolvectl /usr/bin/resolvectl: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=09e488e849e3b988dd2ac93b024bbba18bb71814, stripped
How to get a hostname/domain name from an IP address in Linux
One of the questions that many Linux users ask is how they can retrieve a system’s hostname using its IP address. It may seem an uphill task, but in the real sense, it’s quite easy. Essentially, this is known as the reverse DNS lookup. Reverse DNS lookup queries an IP address to retrieve the hostname or domain of the server. The exact opposite is the Forward DNS lookup which maps the domain name to the IP address.
In this short guide, we have explored a few ways to performs Reverse DNS lookup and get a domain name from an IP address. For demonstration purposes, I have used Ubuntu 20.04.
Prerequisites
Before you roll up your sleeves, ensure that your remote host has an A record which is a DNS entry that points or maps a domain name to an IP address
Perform DNS Reverse lookup using dig command
Dig command is a flexible and powerful tool that is used for querying or probing DNS records. It’s an acronym for domain information groper and allows you to retrieve a wide array of DNS information such as A, CNAME, MX, and SOA records.
Perform DNS Reverse lookup using nslookup command
A nslookup command is a troubleshooting tool that features highly in a sysadmin’s armory. It’s a versatile tool that performs all DNS record querying such as CNAME, A, MX, and reverses or PTR records.
To retrieve a domain name from an IP address, use the command syntax:
Perform DNS Reverse lookup using the host command
Similarly, you can use the host command to obtain a hostname or domain name from an IP address using the syntax as shown.
For example, to check the domain name for the IP 5.9.235.235, execute the command:
Just like the Nslookup command, you can also use the host command with hostnames or IP addresses.
Conclusion
The few examples that we have just elaborated are a sure way of helping you obtain the domain name from an IP address. Usually, the reverse DNS lookup is trivial and not as crucial as the forward lookup, which maps domain names to IP addresses. Your feedback or contribution will be highly welcomed.
About the author
Karim Buzdar
Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. He blogs at LinuxWays.