GNU/Linux Desktop Survival Guide
by Graham Williams
DNS Domain Name System
20191016 A domain name system (DNS) converts symbolic host names that are generally easier for people to manage, like google.com (fully qualified host names or FQDNs), which you will see for example in your browser URL bar, into numeric IP (internet protocol) addresses like 172.217.10.14. Usually when you connect your computer to the network, a connection to a DNS server is set up so that your computer can do this translation.
A DNS server is often run by your internet service provider, which typically collects all of your metadata. This is the data about who you are looking up and when.
A privacy-protecting and very fast DNS server is available at the IP address 1.1.1.1, with a secondary address of 1.0.0.1. This is run by the network provider Cloudflare in collaboration with the Asia Pacific and Oceania regional internet address manager known as APNIC. It is a good alternative to the DNS server that might be provided by your internet service provider (ISP) and reduces the amount of metadata your ISP is collecting and sharing. Note that these addresses front a pool of DNS servers, so when you check for the IP address of your DNS server it won't appear as 1.1.1.1.
You will probably also want to use encrypted DNS lookup, which can be achieved by using DNS over HTTPS as covered in Section 58.10.
To check which DNS server is in use, the web site http://www.whatsmydnsserver.com can be useful.
From the command line, the Network Manager (NM) application for Linux provides the nmcli command line tool. In the examples below, replace the interface name (wlp2s0 in these examples) with the name of the network device for your computer. If connected by an ethernet cable to the router then the interface name is often eth0. See Section for details about determining the network interface name.
To check which DNS server is currently in use from your command line:
$ nmcli device show wlp2s0 | grep -i DNS
If you have multiple connections (WiFi and Ethernet) then try this command line:
$ systemd-resolve --status
To check who the IP address of your DNS server belongs to try:
$ nmcli device show wlp2s0 | grep -i DNS | head -1 | cut -d: -f2 | awk '{print($1)}' | xargs whois | grep -Ei 'org-?name'
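The pipeline above inspects only the first DNS entry, and splitting on ":" would truncate an IPv6 resolver address. The script below is an added example, not part of the original guide: it lists every DNS server in nmcli output and labels each one. The function names and the sample nmcli output are constructed for illustration.

```shell
#!/bin/sh
# Added example: list every DNS server nmcli reports and label each one.

# Constructed sample of `nmcli device show wlp2s0` output (not real data).
SAMPLE='GENERAL.DEVICE:                         wlp2s0
IP4.ADDRESS[1]:                         192.168.1.23/24
IP4.DNS[1]:                             192.168.1.1
IP4.DNS[2]:                             1.1.1.1
IP6.DNS[1]:                             fe80::1
IP6.DNS[2]:                             2001:db8::53'

# Read `nmcli device show` output on stdin, print one DNS address per line.
# Only the field name and its colon are stripped, so IPv6 addresses
# survive intact (unlike with `cut -d: -f2`).
dns_servers() {
    sed -n 's/^IP[46]\.DNS\[[0-9]*]:[[:space:]]*//p'
}

# Label one address. The cloudflare addresses are the two named on this page.
classify_dns() {
    case "$1" in
        1.1.1.1|1.0.0.1)                        echo cloudflare ;;
        127.*|::1)                              echo local-stub ;;
        10.*|192.168.*|169.254.*)               echo private ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*)  echo private ;;
        [fF][eE][89abAB]?:*|[fF][cdCD]??:*)     echo private ;;
        *)                                      echo public ;;
    esac
}

# Print "address<TAB>label" for every server found in nmcli output on stdin.
dns_report() {
    dns_servers | while IFS= read -r addr; do
        printf '%s\t%s\n' "$addr" "$(classify_dns "$addr")"
    done
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE" | dns_report
# Live use: nmcli device show wlp2s0 | dns_report
```

A `private` or `local-stub` result means lookups go to a forwarder on your router or on your own machine, so the upstream resolver that actually sees your queries has to be checked on that device. Only `public` addresses are worth passing to whois.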