If you encounter a “temporary failure to resolve name” error, it can damage your Internet connection by failing to resolve domain names to IP addresses. This guide provides clear steps, which can be used to identify and resolve issues with DNS configuration and firewall configuration that could be causing this error.
DNS Related Issues
DNS issues are often a major cause of the error: ‘Temporary Failure in Name Resolution’ if it was misconfigured. Here’s how to tackle them step by step.
Verifying the network connection
Make sure your network connection is not causing the issue before making changes to the DNS settings. To check that open a terminal and execute ping 8.8.8.8. A successful test should show 0% packet loss and an RTT below 500ms. A significant packet loss or RTT may indicate a network problem that requires further investigation by the network administrator.
ping 8.8.8.8
In the example shown above in the screenshot, the ping test results indicate a healthy network connection with 0% packet loss and RTT values (minimum: 8.290 ms, average: 8.353 ms, maximum: 8.402 ms) all well below 500ms. A significant packet loss or RTT higher than 500ms may indicate a network problem that requires further investigation by the network administrator.
How to Update DNS Configuration in /etc/resolv.conf?
Incorrect DNS settings can prevent your system from connecting to the Internet:
To fix it, execute sudo nano /etc/resolv.conf
in the terminal, and configure Google (8.8.8.8, 8.8.4.4) or Cloudflare (1.1.1.1, 1.0.01) as your DNS server based on your choice.
sudo nano /etc/resolv.conf
To make this setting permanent, please run the below command also:
sudo ln -sf /dev/null /etc/resolv.conf.
Make sure this file is protected from unauthorized modification:
sudo chown root:root /etc/resolv.conf
sudo chmod 644 /etc/resolv.conf
Inspecting Hosts File for Any Misconfigurations
The /etc/hosts
file may override the DNS configuration, resulting in resolution errors. Look for unusual details, especially those that have not been commented on, and remove or correct them if necessary.
To edit the file, execute:
nano /etc/hosts
Ensure that it contains a line for localhost
pointed to 127.0.0.1 similar to the below screenshot:
Checking the /etc/nsswitch.conf File
The /etc/nsswitch.conf
file determines the order in which various services (like DNS, files, LDAP, etc.) are used to resolve hostnames. Ensure that DNS is included in the hosts line. Open the file with a text editor and add “dns
” entry in it if it was not found.
sudo nano /etc/nsswitch.conf
Look for the line that starts with hosts:
and ensure it includes dns
like the below screenshot:
Does Disabling IPV6 Resolve DNS Issues?
Yes, sometimes disabling IPV6 resolves DNS issues. If you’re not using IPV6 on your system, disable IPv6, by editing the GRUB configuration:
sudo nano /etc/default/grub
Find the line starting with GRUB_CMDLINE_LINUX
and add ipv6.disable=1
to disable it! Then update GRUB and reboot the system:
sudo update-grub
sudo reboot
Firewall Related Issues
Improperly configured firewall settings or closed ports can be a possible cause, and it can be resolved by opening the necessary ports in your firewall configuration
How to Configure Firewall to Allow DNS?
If the firewall has rules blocking DNS requests or isn’t configured to allow them, you may see the error: “Temporary Failure in Name Resolution” due to the inability to convert domain names to IP addresses. Properly configuring firewall rules and ensuring DNS server accessibility can help resolve this issue.
Allowing DNS Queries For UFW Users
Execute the command:
sudo ufw allow 53/tcp
sudo ufw reload
Ensuring DNS Ports Are Open For FirewallD Users
Execute the command:
sudo firewall-cmd --add-port=53/tcp --permanent
sudo firewall-cmd --reload
Allowing DNS Traffic Rules For IPtables Users
Execute the command:
sudo iptables -A INPUT -p tcp --dport 53 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
sudo iptables-save | sudo tee /etc/iptables/rules.v4
More reference on opening ports can be found in the blog: https://www.veeble.org/kb/how-to-open-a-specific-port-on-linux/
How to Review Firewall Rules?
After configuring your firewall to allow DNS traffic, it’s essential to review your firewall rules to ensure they are properly set up and not inadvertently blocking other aspects of DNS traffic.
To Display the Status of UFW
Look for any UFW rules related to DNS (port 53) and ensure they allow incoming and outgoing traffic appropriately by executing the command:
sudo ufw status
To Display All Active Rules Configured by FirewallD
Look for FirewallD rules allowing traffic on port 53 (DNS) and verify that they are set up correctly to allow DNS queries by executing the command:
sudo firewall-cmd --list-all
To List All the Currently Configured IPtables Rules
Look for IPtable rules related to DNS traffic (port 53) and verify that they permit both incoming and outgoing DNS traffic by executing the command:
sudo iptables -L
By addressing both DNS and firewall-related issues as outlined in this Knowledge Base, you can effectively resolve the “Temporary Failure in Name Resolution” error. If the problem persists after all fixes, you may need to investigate ISP-specific restrictions or delve into deeper network configurations.
Related Blog: