Chapter 30. Configuring the order of DNS servers
Most applications use the
getaddrinfo() function of the
glibc library to resolve DNS requests. By default,
glibc sends all DNS requests to the first DNS server specified in the
/etc/resolv.conf file. If this server does not reply, RHEL uses the next server in this file. NetworkManager enables you to influence the order of DNS servers in
30.1. How NetworkManager orders DNS servers in /etc/resolv.conf
NetworkManager orders DNS servers in the
/etc/resolv.conf file based on the following rules:
- If only one connection profile exists, NetworkManager uses the order of IPv4 and IPv6 DNS server specified in that connection.
If multiple connection profiles are activated, NetworkManager orders DNS servers based on a DNS priority value. If you set DNS priorities, the behavior of NetworkManager depends on the value set in the
dnsparameter. You can set this parameter in the
[main]section in the
dns=defaultor if the
dnsparameter is not set:
NetworkManager orders the DNS servers from different connections based on the
ipv6.dns-priorityparameter in each connection.
If you set no value or you set
0, NetworkManager uses the global default value. See Default values of DNS priority parameters.
When you use one of these settings, NetworkManager sets either
nameserverentry in the
systemd-resolvedservices forward queries for the search domain set in a NetworkManager connection to the DNS server specified in that connection, and forwardes queries to other domains to the connection with the default route. When multiple connections have the same search domain set,
systemd-resolvedforward queries for this domain to the DNS server set in the connection with the lowest priority value.
Default values of DNS priority parameters
NetworkManager uses the following default values for connections:
50for VPN connections
100for other connections
Valid DNS priority values:
You can set both the global default and connection-specific
ipv6.dns-priority parameters to a value between
- A lower value has a higher priority.
- Negative values have the special effect of excluding other configurations with a greater value. For example, if at least one connection with a negative priority value exists, NetworkManager uses only the DNS servers specified in the connection profile with the lowest priority.
If multiple connections have the same DNS priority, NetworkManager prioritizes the DNS in the following order:
- VPN connections
- Connection with an active default route. The active default route is the default route with the lowest metric.
- Using different DNS servers for different domains
30.2. Setting a NetworkManager-wide default DNS server priority value
NetworkManager uses the following DNS priority default values for connections:
50for VPN connections
100for other connections
You can override these system-wide defaults with a custom default value for IPv4 and IPv6 connections.
[connection]section, if it does not exist:
Add the custom default values to the
[connection]section. For example, to set the new default for both IPv4 and IPv6 to
You can set the parameters to a value between
2147483647. Note that setting the parameters to
0enables the built-in defaults (
50for VPN connections and
100for other connections).
# systemctl reload NetworkManager
30.3. Setting the DNS priority of a NetworkManager connection
If you require a specific order of DNS servers you can set priority values in connection profiles. NetworkManager uses these values to order the servers when the service creates or updates the
Note that setting DNS priorities makes only sense if you have multiple connections with different DNS servers configured. If you have only one connection with multiple DNS servers configured, manually set the DNS servers in the preferred order in the connection profile.
- The system has multiple NetworkManager connections configured.
The system either has no
dnsparameter set in the
/etc/NetworkManager/NetworkManager.conffile or the parameter is set to
Optionally, display the available connections:
# nmcli connection show NAME UUID TYPE DEVICE Example_con_1 d17ee488-4665-4de2-b28a-48befab0cd43 ethernet enp1s0 Example_con_2 916e4f67-7145-3ffa-9f7b-e7cada8f6bf7 ethernet enp7s0 ...
ipv6.dns-priorityparameters. For example, to set both parameters to
# nmcli connection modify Example_con_1 ipv4.dns-priority 10 ipv6.dns-priority 10
- Optionally, repeat the previous step for other connections.
Re-activate the connection you updated:
# nmcli connection up Example_con_1
Display the contents of the
/etc/resolv.conffile to verify that the DNS server order is correct:
# cat /etc/resolv.conf