Chapter 36. Using different DNS servers for different domains
By default, Red Hat Enterprise Linux (RHEL) sends all DNS requests to the first DNS server specified in the /etc/resolv.conf file. If this server does not reply, RHEL uses the next server in this file.
In environments where one DNS server cannot resolve all domains, administrators can configure RHEL to send DNS requests for a specific domain to a selected DNS server. For example, you can configure one DNS server to resolve queries for example.com and another DNS server to resolve queries for example.net. For all other DNS requests, RHEL uses the DNS server configured in the connection with the default gateway.
The systemd-resolved service is provided as a Technology Preview only. Technology Preview features are not supported with Red Hat production Service Level Agreements (SLAs), might not be functionally complete, and Red Hat does not recommend using them for production. These previews provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.
See Technology Preview Features Support Scope on the Red Hat Customer Portal for information about the support scope for Technology Preview features.
36.1. Sending DNS requests for a specific domain to a selected DNS server
This section configures the systemd-resolved service and NetworkManager to send DNS queries for a specific domain to a selected DNS server.
If you complete the procedure in this section, RHEL uses the DNS service provided by systemd-resolved in the /etc/resolv.conf file. The systemd-resolved service starts a DNS service that listens on port 53 of IP address 127.0.0.53. The service dynamically routes DNS requests to the corresponding DNS servers specified in NetworkManager.
The 127.0.0.53 address is only reachable from the local system and not from the network.
- The system has multiple NetworkManager connections configured.
- A DNS server and search domain are configured in the NetworkManager connections that are responsible for resolving a specific domain.
  For example, if the DNS server specified in a VPN connection should resolve queries for the example.com domain, the VPN connection profile must have:
  - Configured a DNS server that can resolve
  - Configured the search domain to
Start and enable the
systemctl --now enable systemd-resolved
/etc/NetworkManager/NetworkManager.conf file, and set the following entry in the
systemctl reload NetworkManager
Verify that the nameserver entry in the /etc/resolv.conf file refers to
cat /etc/resolv.conf
nameserver 127.0.0.53
Verify that the systemd-resolved service listens on port 53 on the local IP address
ss -tulpn | grep "127.0.0.53"
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=1050,fd=12))
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=1050,fd=13))
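The verification steps above can be gathered into repeatable checks. This is an added example, not part of the Red Hat documentation. The function names are hypothetical, and the dns=systemd-resolved value is taken from NetworkManager.conf(5) as an assumption, because the entry itself is not shown on this page.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; inputs are files or stdin.

# True only if FILE has nameserver lines and every one is the local stub.
# A second, non-stub entry is what libc falls back to when the stub does
# not reply, which would bypass the per-domain routing.
resolv_conf_uses_stub() {
    awk '$1 == "nameserver" { n++; if ($2 != "127.0.0.53") bad++ }
         END { exit (n > 0 && bad == 0) ? 0 : 1 }' "$1"
}

# Print the dns= value from the [main] section of a NetworkManager.conf
# style file; prints nothing when it is unset. Drop-in files are not read.
nm_dns_backend() {
    awk -F= '/^[ \t]*\[/ { in_main = ($0 ~ /^[ \t]*\[main\][ \t]*$/); next }
             in_main && $1 ~ /^[ \t]*dns[ \t]*$/ { val = $2; gsub(/[ \t]/, "", val) }
             END { if (val != "") print val }' "$1"
}

# Read `ss -tulpn` output on stdin. True only if systemd-resolve owns at
# least one port-53 socket and all of them are bound inside 127.0.0.0/8.
stub_listener_is_local() {
    awk '/systemd-resolve/ && $5 ~ /:53$/ { n++; if ($5 !~ /^127\./) bad++ }
         END { exit (n > 0 && bad == 0) ? 0 : 1 }'
}

# Run all three checks against the live system (or against the given files).
check_split_dns() {
    resolv=${1:-/etc/resolv.conf}
    nmconf=${2:-/etc/NetworkManager/NetworkManager.conf}
    rc=0
    resolv_conf_uses_stub "$resolv" ||
        { echo "FAIL: $resolv lists a nameserver other than 127.0.0.53"; rc=1; }
    # Assumption: dns=systemd-resolved is the value from NetworkManager.conf(5).
    [ "$(nm_dns_backend "$nmconf")" = "systemd-resolved" ] ||
        { echo "FAIL: [main] dns= in $nmconf is not systemd-resolved"; rc=1; }
    ss -tulpn 2>/dev/null | stub_listener_is_local ||
        { echo "FAIL: no loopback-only systemd-resolve listener on port 53"; rc=1; }
    return "$rc"
}
```

Call check_split_dns with no arguments on the configured host; it returns non-zero if any check fails.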
dns parameter description in the