How to Make Persistent Changes to /etc/resolv.conf on RHEL
Environment
- Red Hat Enterprise Linux (RHEL) versions 5, 6, 7, 8, 9
- Tools: initscripts, NetworkManager
- Subject: DNS Configuration
Issue
Many users encounter a situation where the DNS servers specified in /etc/resolv.conf get overwritten after a system reboot or network service restart. This blog post addresses why this happens and how to make permanent changes to the /etc/resolv.conf file on RHEL systems.
Resolution
In general, NetworkManager manages /etc/resolv.conf. On RHEL 7, issues with initscripts prevented this. If you are on RHEL 7, update the following packages to ensure you are not affected:
- initscripts to 9.49.41-1.el7 (released with RHBA-2018:0983) or later. These fixes are part of RHEL 7.5 GA and later.
- NetworkManager to 1.8.0-9.el7 (released with RHSA-2017:2299) or later. These fixes are part of RHEL 7.4 GA and later.
Depending on the desired outcome, the following is possible:
- Goal: use DNS servers obtained from the DHCP server: RHEL will by default (that is, on unmodified RHEL deployments) overwrite /etc/resolv.conf as soon as any network interface uses DHCP. No further action is required.
- Goal: use DNS servers obtained from the DHCP server, and additional DNS servers:
DOMAIN="domain1 domain2 domain3"
- Goal: do not overwrite DNS servers in /etc/resolv.conf:
- If resolv.conf should not be overwritten with the DNS servers obtained via DHCP, then the DHCP interfaces should have PEERDNS=no set in their ifcfg file, for example:
$ cat /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
DEVICE=eth1
BOOTPROTO=dhcp
PEERDNS=no
As an alternative, if NetworkManager is used, it can be configured not to update /etc/resolv.conf by setting the following in /etc/NetworkManager/NetworkManager.conf or /etc/NetworkManager/conf.d/90-dns-none.conf:
[main]
dns=none
- After the change, NetworkManager has to be restarted using systemctl restart NetworkManager. This is particularly important in RHEL 7, to avoid the issue described in Solution 6975705.
- As a further alternative (or workaround), you could also modify /etc/resolv.conf as desired and then make the file immutable (details are in the chattr(1) manpage). After making the file immutable with "+i", further modifications are impossible until that operation is reversed with "-i". Be aware that this is a common source of problems, for example when several people administer a system: one person makes the file immutable and the others are not aware of the chattr command.
# chattr +i /etc/resolv.conf
Root Cause
RHEL will by default (that is, without further configuration or modification) overwrite /etc/resolv.conf as soon as any network interface uses DHCP. Depending on the exact version of initscripts/NetworkManager, "RESOLV_MODS=no" or "PEERDNS=no" in the relevant /etc/sysconfig/network-scripts/ifcfg-* files can prevent this.
Diagnostic Steps
To identify issues, review /var/log/messages for entries related to network scripts updating /etc/resolv.conf.
# Example log entries
Oct 14 12:40:52 hostname NET[22961]: /etc/sysconfig/network-scripts/ifdown-post : updated /etc/resolv.conf
Oct 14 12:40:57 hostname NET[23256]: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf
These logs can provide clues on when and why /etc/resolv.conf is being updated.
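The checks covered in this post (PEERDNS in the ifcfg files, dns=none in NetworkManager, the immutable flag, and the log entries above) can be collected in one audit script. This is an added example, not part of the original post; the function names and the optional root-prefix argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit what can rewrite resolv.conf.
# Assumption: every function takes an optional root prefix; empty = live system.

# List DHCP ifcfg files lacking PEERDNS=no; their DHCP-supplied DNS gets written.
dhcp_ifcfg_without_peerdns_no() {
    for f in "${1:-}"/etc/sysconfig/network-scripts/ifcfg-*; do
        [ -f "$f" ] || continue
        grep -Eiq "^[[:space:]]*BOOTPROTO=[\"']?dhcp" "$f" || continue
        grep -Eq "^[[:space:]]*PEERDNS=[\"']?no[\"']?[[:space:]]*\$" "$f" ||
            printf '%s\n' "$f"
    done
}

# Print the effective dns= value of [main]; later files override earlier ones.
# Simplification: only the two locations named in the post are read.
nm_dns_setting() {
    root="${1:-}"; set --
    for f in "$root/etc/NetworkManager/NetworkManager.conf" \
             "$root"/etc/NetworkManager/conf.d/*.conf; do
        if [ -f "$f" ]; then set -- "$@" "$f"; fi
    done
    [ "$#" -gt 0 ] || return 0
    awk 'FNR == 1 { m = 0 }
         /^[ \t]*\[/ { m = ($0 ~ /^[ \t]*\[main\]/) }
         m && /^[ \t]*dns[ \t]*=/ {
             sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); v = $0 }
         END { print v }' "$@"
}

# Print "<date> <time> <script>" for each rewrite logged by the network scripts.
resolv_update_events() {
    awk '/ NET\[[0-9]+\]: .* : updated \/etc\/resolv\.conf/ {
             print $1, $2, $3, $6 }' "${1:-/var/log/messages}"
}

# Succeed if resolv.conf carries the immutable flag set by chattr +i.
resolv_conf_immutable() {
    lsattr -d "${1:-}/etc/resolv.conf" 2>/dev/null |
        awk '$1 ~ /i/ { hit = 1 } END { exit !hit }'
}

resolv_conf_audit() {
    echo "DHCP ifcfg files without PEERDNS=no:"; dhcp_ifcfg_without_peerdns_no "$1"
    echo "NetworkManager [main] dns=$(nm_dns_setting "$1")"
    if resolv_conf_immutable "$1"; then echo "resolv.conf is immutable (+i)"; fi
    echo "Logged rewrites:"; resolv_update_events "$1/var/log/messages"
}

if [ "${1:-}" = "audit" ]; then resolv_conf_audit "${2:-}"; fi
```

Run the saved script as root with the single argument audit to print all four checks for the live system.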
By following these steps, you can ensure that your DNS configurations in /etc/resolv.conf remain persistent across reboots and network service restarts, tailored to your specific requirements and environment setup.